Packages

x11vnc service has been imported from Gentoo, however it forces use xdm service when it should be optional since there are users don’t like use xdm to run DMs. Also, Hyperbola contains another services alternatives such as gdm, lightdm, lxdm, sddm and slim to run directly without xdm.

Description: As mentioned in Bug #18, our VLC plugin was not maintained in some time and the deprecated addon was removed. However, upstream is actively working on the plugin as per: https://code.videolan.org/videolan/npapi-vlc/tree/master

We should build this from source and re-package.

Description:

lsusb does not resolve device names from /var/lib/usbutils/usb.ids

The same thing as described here: https://unix.stackexchange.com/questions/220759/lsusb-doesnt-list-device-names

Description:

• add new package

Additional info:

• none

Steps to reproduce:

• none

Description:

• Fix package name to emacs-headless that is the correct name for packages without graphical user interface support. nox suffix is incorrect because Hyperbola supports Wayland too, not only X.Org.

Additional info:
* package version(s)

• 25.2-1

* config and/or log files etc.

Steps to reproduce:

• None

Description:

• Fix package name to erlang-headless that is the correct name for packages without graphical user interface support. nox suffix is incorrect because Hyperbola supports Wayland too, not only X.Org.

Additional info:
* package version(s)

• 19.3-3

* config and/or log files etc.

Steps to reproduce:

• None

Description:

• Fix package name to qbittorrent-headless that is the correct name for packages without graphical user interface support. nox suffix is incorrect because Hyperbola supports Wayland too, not only X.Org.

Additional info:
* package version(s)

• 3.3.11-1

* config and/or log files etc.

Steps to reproduce:

• None

Description:

crystal build src/invidious.cr –release

Error in src/invidious.cr:19: while requiring "kemal"

require "kemal"
^

in lib/kemal/src/kemal.cr:4: while requiring "./kemal/*"

require "./kemal/*"
^

in lib/kemal/src/kemal/config.cr:26: expanding macro

    property static_headers : (HTTP::Server::Response, String, File::Info -> Void)?
    ^~~~~~~~

in lib/kemal/src/kemal/config.cr:26: expanding macro

    property static_headers : (HTTP::Server::Response, String, File::Info -> Void)?
    ^

in macro 'property' expanded macro: macro_48177600:567, line 4:

   1.       
   2.         
   3.           
>  4.             @static_headers : (HTTP::Server::Response, String, File::Info -> Void) | ::Nil
   5. 
   6.             def static_headers : (HTTP::Server::Response, String, File::Info -> Void) | ::Nil
   7.               @static_headers
   8.             end
   9. 
  10.             def static_headers=(@static_headers : (HTTP::Server::Response, String, File::Info -> Void) | ::Nil)
  11.             end
  12.           
  13.         
  14.       
  15.     

undefined constant File::Info

Additional info:
* package version(s)

Crystal 0.22.0 (2017-04-22) LLVM 4.0.0

Steps to reproduce:

Description: opmsg is a replacement for gpg which can encrypt/sign/verify your mails or create/verify detached signatures of local files. Even though the opmsg output looks similar, the concept is entirely different.

Additional info:
https://aur.archlinux.org/packages/opmsg/

As per the source code, xdg-utils is meant to work with firefox, google-chrome, and other browsers. It is missing support for -uxp applications.

The OpenRC services should be added to runlevels through installing process instead be forced each time when openrc package is upgraded, because some sysadmins need customize them and are useful for Xen environments.

Example:

rc-update
                  ... |
          agetty.tty1 |      default                                 
         agetty.tty10 |      default                                 
         agetty.tty11 |      default                                 
         agetty.tty12 |      default                                 
          agetty.tty2 |      default                                 
          agetty.tty3 |      default                                 
          agetty.tty4 |      default                                 
          agetty.tty5 |      default                                 
          agetty.tty6 |      default                                 
          agetty.tty7 |      default                                 
          agetty.tty8 |      default                                 
          agetty.tty9 |      default                                 
                  ... |
                 swap | boot                                         
                  ... |
rc-update del swap boot
rc-update del agetty.tty{12,11,10,9,8,7,6,5,4,3,2,1}
rc-update add agetty.tty{1,2,3} system # "system" runlevel runs after "default" runlevel
rc-update
                  ... |
          agetty.tty1 |                                        system
         agetty.tty10 |                                        system
         agetty.tty11 |                                        system
         agetty.tty12 |                                              
          agetty.tty2 |                                              
          agetty.tty3 |                                              
          agetty.tty4 |                                              
          agetty.tty5 |                                              
          agetty.tty6 |                                              
          agetty.tty7 |                                              
          agetty.tty8 |                                              
          agetty.tty9 |                                              
                  ... |
pacman -Sy openrc
rc-update
                  ... |
          agetty.tty1 |      default                           system
         agetty.tty10 |      default                           system
         agetty.tty11 |      default                           system
         agetty.tty12 |      default                                 
          agetty.tty2 |      default                                 
          agetty.tty3 |      default                                 
          agetty.tty4 |      default                                 
          agetty.tty5 |      default                                 
          agetty.tty6 |      default                                 
          agetty.tty7 |      default                                 
          agetty.tty8 |      default                                 
          agetty.tty9 |      default                                 
                  ... |
                 swap | boot                                         
                  ... |

https://security-tracker.debian.org/tracker/CVE-2018-1088

http://openwall.com/lists/oss-security/2018/04/18/1

https://bugs.debian.org/896128

A privilege escalation flaw was found in gluster 3.x snapshot scheduler. Any gluster client allowed to mount gluster volumes could also mount shared gluster storage volume and escalate privileges by scheduling malicious cronjob via symlink.

Upstream patches: https://review.gluster.org/#/c/19899/1..2

Fixed in: https://github.com/gluster/glusterfs/releases/tag/v4.0.2

I can’t update filters or update with iceweasel-uxp-ublock-origin.
When I toggle the additional filters list, it is empty.

Description:

In External Linkhttps://git.hyperbola.info:50100/packages/community.git/tree/hostapd/config an option is missing to support 802.11r:

Adding “CONFIG_IEEE80211R=y”

Additional info:
* hostapd 2.6

Description:

I have tried to upgrade hyperbola.

Critical upgrades cannot be installed when wesnoth is installed, there are conflicting files

Steps to reproduce:

:: Proceed with installation? [Y/n] y
:: Retrieving packages...
 arch-keyring-201808...  1605.2 KiB   617K/s 00:03 [#########] 100%
 hyperbola-keyring-2...   215.9 KiB   635K/s 00:00 [#########] 100%
 linux-libre-lts-4.9...    59.6 MiB   749K/s 01:22 [#########] 100%
 openvpn-2.4.6-1.hyp...   402.2 KiB  1149K/s 00:00 [#########] 100%
 iceweasel-uxp-52.9....    39.8 MiB   839K/s 00:49 [#########] 100%
 libgdm-3.24.1-1.hyp...    57.3 KiB  1912K/s 00:00 [#########] 100%
 ntp-4.2.8.p11-2.hyp...  1798.4 KiB   833K/s 00:02 [#########] 100%
 sddm-0.14.0-2.hyper...     3.2 MiB   770K/s 00:04 [#########] 100%
 lxdm-0.5.3-4.hyperb...    98.4 KiB   984K/s 00:00 [#########] 100%
 tp_smapi-lts-0.43-1...    26.6 KiB  2.60M/s 00:00 [#########] 100%
 wesnoth-data-1.14.4...   395.1 MiB   745K/s 09:03 [#########] 100%
 wesnoth-1.14.4-1.hy...     5.5 MiB   616K/s 00:09 [#########] 100%
(12/12) checking keys in keyring                   [#########] 100%
(12/12) checking package integrity                 [#########] 100%
(12/12) loading package files                      [#########] 100%
(12/12) checking for file conflicts                [#########] 100%
error: failed to commit transaction (conflicting files)
/usr/share/icons/hicolor/128x128/apps/wesnoth-icon.png exists in both 'wesnoth-data' and 'wesnoth'
/usr/share/icons/hicolor/16x16/apps/wesnoth-icon.png exists in both 'wesnoth-data' and 'wesnoth'
/usr/share/icons/hicolor/256x256/apps/wesnoth-icon.png exists in both 'wesnoth-data' and 'wesnoth'
/usr/share/icons/hicolor/32x32/apps/wesnoth-icon.png exists in both 'wesnoth-data' and 'wesnoth'
/usr/share/icons/hicolor/512x512/apps/wesnoth-icon.png exists in both 'wesnoth-data' and 'wesnoth'
/usr/share/icons/hicolor/64x64/apps/wesnoth-icon.png exists in both 'wesnoth-data' and 'wesnoth'
/usr/share/metainfo/wesnoth.appdata.xml exists in both 'wesnoth-data' and 'wesnoth'
Errors occurred, no packages were upgraded.

Description:

Package strongSwan is missing. Can it please be added to relevant repository? The package’s presence is critical for using IKEv2 in VPN.

Additional info:

* Source: Please see added link

Steps to reproduce:

N/A

In `/etc/logrotate.d/rsyslog`, line 5:

/usr/bin/killall -HUP /usr/bin/rsyslogd

should now read as follows:

/usr/bin/killall -HUP /usr/sbin/rsyslogd

With latest 0.3 hyperbola, with the (simple) following partitioning :

/ (ext4)
/swap

The standard HOOK in /etc/mkinitcpio.conf

"HOOKS="base udev autodetect modconf block filesystems keyboard fsck"

fails to include crc32c_generic module, resulting in non bootable system.

The generated fallback initramfs include it though.

The issue was not present with 0.2.9, with the exact same partitioning.

[virt-manager] Failed to initialize a valid firewall backend

I cannot start any virtual machine with current virt-manager.
The error message is the following :

Failed to initialize a valid firewall backend

My username is in “kvm” group.

The only modification to the libvirt config files I made are in /etc/libvirt/qemu.conf

[...]
# Some examples of valid values are:
#
#       user = "qemu"   # A user named "qemu"
#       user = "+0"     # Super user (uid=0)
#       user = "100"    # A user named "100" or a user with uid=100
# 
#user = "root"
user = "david"
[...]

The libvirtd service is enabled (and start without error)
Also, the optional dependencies are correctly installed :

ebtables: required for default NAT networking [installed]
dnsmasq: required for default NAT/DHCP for guests [installed]
bridge-utils: for bridged networking [installed]

This was working fine previously (with 0.2.9) so I don’t know why this isn’t working anymore. As said previously, my config hasn’t changed.

With : v4l-utils 1.12.3-1.hyperbola1

dvb5-scan utility currently segfaults with rtl2832

*** Error in `dvbv5-scan': double free or corruption (fasttop): 0x000000000090be90 ***
======= Backtrace: =========
/lib/libc.so.6(+0x727ad)[0x7f4f9a9657ad]
/lib/libc.so.6(+0x78e6f)[0x7f4f9a96be6f]
/lib/libc.so.6(+0x796ce)[0x7f4f9a96c6ce]
/usr/lib/libdvbv5.so.0(free_dvb_dev+0x13)[0x7f4f9acafa53]
/usr/lib/libdvbv5.so.0(dvb_dev_free_devices+0x28)[0x7f4f9acafaf8]
/usr/lib/libdvbv5.so.0(dvb_dev_free+0x4e)[0x7f4f9acafe2e]
dvbv5-scan[0x401729]
/lib/libc.so.6(__libc_start_main+0xf1)[0x7f4f9a9135a1]
dvbv5-scan[0x4019fa]

This seems to have been fixed, see :

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859008

I don’t know if a patch is available for it though..

With lynis 2.4.8-1.hyperbola2

sudo lynis audit system remote 192.168.0.100

fails because dmidecode is not installed to /usr/sbin/ :

/usr/share/lynis/include/functions: line 1359: /usr/sbin/dmidecode: No such file or directory

With hyperbola 0.3 :

which dmidecode
/usr/bin/dmidecode

Current torsocks version is broken.
It returns the following error when attempting to torify application :

which: no getcap

Description:
The apache pkg has a symlink in /etc/httpd/modules which points to /usr/lib/httpd/modules, and it’s wrong because modules are now located at /usr/libexec/httpd/modules

Also, packages that have apache modules, like:

• extra/php-apache
• community/mod_wsgi
• community/mod_wsgi2

have them in the old location, so they need to be rebuilt.

Additional info:

• apache 2.4.38-1.hyperbola2

Description:
After replacing roundcubemail with roundcubemail-lts, I got the following error:

  PHP Warning:  session_start(): Failed to read session data: user (path: ) in /usr/share/webapps/roundcubemail/program/lib/Roundcube/rcube_session.php on line 117

And going back to the non-lts version solved it

Additional info:
It looks like it is a problem of roundcube-lts not being fully compatible with PHP 7.1, maybe a backport could fix the issue

Steps to reproduce:
1) Install roundcube
2) open it in a web browser
3) Check /var/log/roundcubemail/errors

In generate_jsimd_ycc_rgb_convert_neon of jsimd_arm64_neon.S, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is needed for exploitation

https://security-tracker.debian.org/tracker/CVE-2019-2201

Patch: https://github.com/libjpeg-turbo/libjpeg-turbo/issues/388