Packages

Description:

community/man-pages-zh_tw 1.6.3.1-1
     Traditional Chinese Linux man pages

See:
https://www.gnu.org/philosophy/words-to-avoid.html#Linux

Description:

Private Browsing with Tracking Protection

When you browse in a Private Window, Firefox does not save:

  visited pages
  cookies
  searches
  temporary files

Firefox will save your:

  bookmarks
  downloads

Private Browsing doesn’t make you anonymous on the Internet. Your employer or Internet service provider can still know what page you visit.
Tracking Protection

Some websites use trackers that can monitor your activity across the Internet. With Tracking Protection Firefox will block many trackers that can collect information about your browsing behavior.

Learn more about Private Browsing.

Firefox is named 3 times.
Private Browsing link is broken

Additional info:
* package version(s) : 52.9.0_20180601-3

Steps to reproduce: Open Private Browsing

Description:

xdg-utils package contains some non-free applications

Additional info:

$ pacman -Si xdg-utils
Repositorio               : extra
Nombre                    : xdg-utils
Versión                   : 1.1.1-5
Descripción               : Command line tools that assist applications with a variety of
                            desktop integration tasks
Arquitectura              : any
URL                       : https://www.freedesktop.org/wiki/Software/xdg-utils/
Licencias                 : MIT
Grupos                    : Nada
Provee                    : Nada
Depende de                : sh  xorg-xset
Dependencias opcionales   : kde-cli-tools: for KDE Plasma5 support in xdg-open
                            exo: for Xfce support in xdg-open
                            xorg-xprop: for Xfce support in xdg-open
                            pcmanfm: for LXDE support in xdg-open
                            perl-file-mimeinfo: for generic support in xdg-open
                            perl-net-dbus: Perl extension to dbus used in xdg-screensaver
                            perl-x11-protocol: Perl X11 protocol used in xdg-screensaver
En conflicto con          : Nada
Remplaza a                : Nada
Tamaño de la descarga     : 54,40 KiB
Tamaño de la instalación  : 303,00 KiB
Encargado                 : Andreas Radke <andyrtr@archlinux.org>
Fecha de creación         : vie 20 ene 2017 16:12:57 -05
Validado por              : Suma MD5  Suma SHA-256  Firma

Steps to reproduce:

$ cat /usr/bin/xdg-open | grep 'chromium'

BROWSER=x-www-browser:firefox:iceweasel:seamonkey:mozilla:epiphany:konqueror:chromium:google-chrome:$BROWSER

Add “uzem” emulator and “uzebox” firmware packages[0][1].

It’s a emulator and firmware for fully free 8bit game console.

[0]:http://belogic.com/uzebox/index.asp (no https found)
[1]:https://github.com/Uzebox/uzebox

Implement octopi, octopi-cachecleaner, octopi-notifier and octopi-repoeditor packages.

Octopi is a GUI for Pacman (Package Manager) tools, needed for desktop users[0][1].

Note: Those packages need patches to remove AUR support.

[0]:https://octopiproject.wordpress.com/ [1]:https://github.com/aarnt/octopi

PKGBUILD

# $Id: PKGBUILD 187611 2016-08-26 15:44:01Z bisson $
# Contributor: lp76 <l.peduto@gmail.com>
# Contributor: Daenyth <Daenyth+Arch AT gmail DOT com>
# Maintainer: Gaetan Bisson <bisson@archlinux.org>

pkgname=ncdu
pkgver=1.12
pkgrel=1.hyperbola1
pkgdesc='Disk usage analyzer with an ncurses interface'
url='https://dev.yorhel.nl/ncdu'
license=('custom:MIT')
depends=('ncurses')
arch=('i686' 'x86_64')
validpgpkeys=('74460D32B80810EBA9AFA2E962394C698C2739FA')
source=("https://dev.yorhel.nl/download/${pkgname}-${pkgver}.tar.gz"{,.asc})
sha512sums=('20620dd79d2af878442769e097f13806f64f23875dcb85ebccd573a3de43aba5663d496049b64015d13f9a79d624298032c008ef61dfb6f61d8b12902b8dca12'
            'SKIP')

build() {
    cd "${srcdir}/${pkgname}-${pkgver}"
    ./configure --prefix=/usr
    make
}

package() {
    cd "${srcdir}/${pkgname}-${pkgver}"
    make DESTDIR="${pkgdir}" install
    install -Dm644 COPYING "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE"
}

Hi André, you could make an init for the searx search engine, it happens that
I want to launch it from local to avoid being in searx.me or
searx.riseup.net.

I have seen that there is a PKGBUILD in AUR [0]. I think it is necessary to make one with the init Openrc

[0]: https://aur.archlinux.org/packages/searx-py3/

Add Wine stable version (2.x) as default Wine package.

http://scidvspc.sourceforge.net/

«Unlike most chess engines, Stockfish is open source (GPL license). That means you can read the code, modify it, contribute back, and even use it in your own projects.» I do not know if it is libre. If it is, together with Scid, Hyperbola is one step closer for every chess lover out there who also loves freedom!
https://stockfishchess.org/

Description:
Add Brazilian Portuguese grammar, spelling and hyphenation checker to hunspell.

Description:
Add Brazilian Portuguese hyphenation to hunspell.

A Material-like flat theme for GTK+ 2/3, and GNOME shell, released under a GNU General Public Licence (GNU GPL) 2 and later.

• Arch package URL: https://www.archlinux.org/packages/community/any/materia-gtk-theme
• Source code URL: https://github.com/nana-4/materia-theme

Description:

Package strongSwan is missing. Can it please be added to relevant repository? The package’s presence is critical for using IKEv2 in VPN.

Additional info:

* Source: Please see added link

Steps to reproduce:

N/A

Description: Per a user request and to better secure the kernel, we can embed the cryptsetup and ciphers in the kernel. This would mean rather than exposed modules, they are built-in to the kernel and ready to use even without an intramfs.

To be embedded: ciphers aes, twofish, serpent; sha256, sha512 - and the necessary modules (don’t forget the block modes xts, lvm and cryptsetup …)

Additionally, we could include USB Guard and any other features that meet our social contract and security outlook.

As per a user report (https://forums.hyperbola.info/viewtopic.php?id=92), DDG is USA based search engine and is blocking Tor users (https://trac.torproject.org/projects/tor/ticket/23648).
They are also using non-free JS on the default search.

It seems the best way to solve this is to use their “html” hidden service since it conceals the user IP, doesn’t block Tor users by default, and doesn’t need JS. https://3g2upl4pq6kufc4m.onion/html/

This will affect multiple applications that are currently using DuckDuckGo. The alternative is to remove it completely, but it still is a better option than Google et. all for privacy...

Description:
idk what to do with it i add the PKGBUILD but this new extension needs to be checked left or patched,
https://git.hyperbola.info:50100/~team/packages/extra.git/plain/midori/PKGBUILD?h=rachad

Additional info:
* package version(9.0)

important links to check:
* https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions * https://github.com/midori-browser/core/issues/244

Replace “devtools” to “artools”[0][1]

[0]:https://github.com/artix-linux/artools [1]:https://git.archlinux.org/devtools.git

Notes: "artools" replaces "devtools" and "archiso"
       without "systemd", but it is not a "libretools" replacement.
       For now, "libretools" needs a "chroot" wrapper to use it.

Description:

I used to be under the
impression that youtube-dl executes proprietary JavaScript, but I now
understand that it only *parses* the JavaScript to find the URL for some
videos. It doesn’t actually run the JavaScript, so it’s not a freedom
issue.

Youtube-dl only executes regular expressions [0][1][2]

you also remove the files that are just for testing [3][4][5][6][7]
and when compiling the program with libretools the test files are not placed[8]

I have consulted with other programmers and we have reached the same conclusion. Youtube-dl does not execute JS non-free, it only extracts the JS to read through python the URL‘s of some videos.[9][10]

The issues that I see with youtube-dl are rather in their form of development because it changes at every moment

Additional info:

- [0]: https://github.com/ytdl-org/youtube-dl/blob/master/youtube_dl/jsinterp.py#L12

- [1]: https://github.com/ytdl-org/youtube-dl/blob/master/youtube_dl/jsinterp.py#L132

- [2]: https://github.com/ytdl-org/youtube-dl/blob/master/youtube_dl/swfinterp.py#L391

- [3]: https://github.com/ytdl-org/youtube-dl/tree/master/test/swftests/

- [4]: https://github.com/ytdl-org/youtube-dl/blob/master/test/test_iqiyi_sdk_interpreter.py

- [5]: https://github.com/ytdl-org/youtube-dl/blob/master/test/test_jsinterp.py

- [6]: https://github.com/ytdl-org/youtube-dl/blob/master/test/test_swfinterp.py

- [7]: https://github.com/ytdl-org/youtube-dl/blob/master/test/test_youtube_signature.py

- [8]:

$ tree -d

.
├── bin
├── lib
│   └── python3.6
│       └── site-packages
│           ├── youtube_dl
│           │   ├── downloader
│           │   │   └── __pycache__
│           │   ├── extractor
│           │   │   └── __pycache__
│           │   ├── postprocessor
│           │   │   └── __pycache__
│           │   └── __pycache__
│           └── youtube_dl-2019.5.11-py3.6.egg-info
└── share
    ├── bash-completion
    │   └── completions
    ├── doc
    │   └── youtube_dl
    ├── fish
    │   └── completions
    ├── licenses
    │   └── youtube-dl
    ├── man
    │   └── man1
    └── zsh
        └── site-functions

26 directories

- [9]: https://directory.fsf.org/wiki/Youtube-dl - [10]: https://github.com/fent/node-ytdl-core/issues/222

Description:

Firejail developers since October 2018 have started building LTS versions of firejail[0], according to Packaging Guidelines we must use LTS versions of the packages if they are available.

Links:

[0]: https://github.com/netblue30/firejail/tree/LTSbase

Remove “cinepaint” package since it’s unmaintained and unsupportable. Also, it doesn’t contains any file format support in the latest version (previous version supported multiple file formats).

I suggest use Krita (or Gimp 2.10) to edit 16bit and 32bit file formats or convert with imagemagick/graphicsmagick.

$ pacman -Si cinepaint
Repository      : community
Name            : cinepaint
Version         : 1:1.0.4-5
Description     : Sophisticated graphics manipulation programm supporting > 8bit pictures
Architecture    : x86_64
URL             : http://www.cinepaint.org
Licenses        : LGPL  GPL  MIT
Groups          : None
Provides        : None
Depends On      : gtk2  openexr  lcms  libxpm  fltk  ftgl  libxxf86vm
Optional Deps   : python2: for python plug-ins
                  gutenprint: for print plug-ins
                  ghostscript: for pdf plug-ins
Conflicts With  : None
Replaces        : None
Download Size   : 3.75 MiB
Installed Size  : 13.91 MiB
Packager        : Christian Hesse <arch@eworm.de>
Build Date      : Thu 28 Apr 2016 05:17:05 AM -03
Validated By    : MD5 Sum  SHA-256 Sum  Signature

$ sudo pacman -S blender
resolviendo dependencias…
buscando conflictos entre paquetes…

Paquetes (20) alembic-1.7.1-1  blender-common-2.78.c-1.hyperbola4  blosc-1.11.3-1  ilmbase-2.2.0-2  intel-tbb-2017_20170226-1  libraw-0.18.2-1  libspnav-0.2.3-1  llvm-4.0.0-2
              log4cplus-1.2.0-3  opencollada-1.6.45-1.hyperbola1  opencolorio-1.0.9-5  openexr-2.2.0-3.hyperbola2  openimageio-1.6.18-1.hyperbola1  openshadinglanguage-1.7.5-1.hyperbola1
              opensubdiv-3.1.1-1  openvdb-3.2.0-2  ptex-2.1.28-1.hyperbola1  valgrind-3.12.0-2  zstd-1.1.4-1  blender-2.78.c-1.hyperbola4

Tamaño total de la descarga:      0,33 MiB
Tamaño total de la instalación:  567,26 MiB

:: ¿Continuar con la instalación? [S/n] s
:: Recibiendo los paquetes…
 libspnav-0.2.3-1-x86_64                                                                     8,5 KiB   849K/s 00:00 [######################################################################] 100%
 zstd-1.1.4-1-x86_64                                                                       283,3 KiB   199K/s 00:01 [######################################################################] 100%
 blosc-1.11.3-1-x86_64                                                                      43,0 KiB   331K/s 00:00 [######################################################################] 100%
(20/20) comprobando las claves del depósito                                                                         [######################################################################] 100%
(20/20) verificando la integridad de los paquetes                                                                   [######################################################################] 100%
error: libspnav: signature from "Andrea Scarpino <me@andreascarpino.it>" is marginal trust
:: El archivo /var/cache/pacman/pkg/libspnav-0.2.3-1-x86_64.pkg.tar.xz está dañado (paquete no válido o dañado (firma PGP)).
¿Quiere eliminarlo? [S/n] s
error: zstd: signature from "Andrzej Giniewicz (giniu) <gginiu@gmail.com>" is marginal trust
:: El archivo /var/cache/pacman/pkg/zstd-1.1.4-1-x86_64.pkg.tar.xz está dañado (paquete no válido o dañado (firma PGP)).
¿Quiere eliminarlo? [S/n] s
error: blosc: signature from "Andrzej Giniewicz (giniu) <gginiu@gmail.com>" is marginal trust
:: El archivo /var/cache/pacman/pkg/blosc-1.11.3-1-x86_64.pkg.tar.xz está dañado (paquete no válido o dañado (firma PGP)).
¿Quiere eliminarlo? [S/n] s
error: no se pudo realizar la operación (paquete no válido o dañado)
Ocurrieron errores, por lo que no se actualizaron los paquetes

https://security-tracker.debian.org/tracker/CVE-2018-1088

http://openwall.com/lists/oss-security/2018/04/18/1

https://bugs.debian.org/896128

A privilege escalation flaw was found in gluster 3.x snapshot scheduler. Any gluster client allowed to mount gluster volumes could also mount shared gluster storage volume and escalate privileges by scheduling malicious cronjob via symlink.

Upstream patches: https://review.gluster.org/#/c/19899/1..2

Fixed in: https://github.com/gluster/glusterfs/releases/tag/v4.0.2

Per toxcore official blog, there is a security issue that affects all versions prior to 0.2.3. Users IP will leak if they have public ToxID.
https://blog.tox.chat/2018/04/security-vulnerability-and-new-toxcore-release/