|
Any | Privacy Issue | Very High | Critical | [telegram-qt] only useful with Telegram service | Closed | |
Task Description
Description: TelegramQt is a Telegram binding for Qt. It is free software, however uses Telegram, a nonfree server-side service that requires accounts tied to telephone numbers. It needs go to the blacklist since Hyperbola’s objective is to support privacy of its community.
Additional info:
$ pacman -Si telegram-qt
Repository : community
Name : telegram-qt
Version : 0.1.0-2
Description : Qt bindings for the Telegram protocol
Architecture : x86_64
URL : https://github.com/Kaffeine/telegram-qt
Licenses : GPL
Groups : None
Provides : None
Depends On : qt5-base
Optional Deps : None
Conflicts With : None
Replaces : None
Download Size : 204.80 KiB
Installed Size : 747.00 KiB
Packager : Antonio Rojas <arojas@archlinux.org>
Build Date : Sat 18 Feb 2017 06:49:55 AM -03
Validated By : MD5 Sum SHA-256 Sum Signature
|
|
Any | Privacy Issue | Very High | Critical | [telegramqml] only useful with Telegram service | Closed | |
Task Description
Description: TelegramQML are Telegram API tools for QtQml and Qml. It is free software, however uses Telegram, a nonfree server-side service that requires accounts tied to telephone numbers. It needs go to the blacklist since Hyperbola’s objective is to support privacy of its community.
Additional info:
$ pacman -Si telegramqml
Repository : community
Name : telegramqml
Version : 0.9.2-2
Description : Telegram API tools for QtQml and Qml
Architecture : x86_64
URL : https://github.com/Aseman-Land/TelegramQML
Licenses : GPL
Groups : None
Provides : None
Depends On : qt5-webkit qt5-imageformats qt5-graphicaleffects qt5-quickcontrols libqtelegram-ae
Optional Deps : None
Conflicts With : None
Replaces : None
Download Size : 401.03 KiB
Installed Size : 1905.00 KiB
Packager : Jiachen Yang <farseerfc@gmail.com>
Build Date : Mon 25 Jan 2016 05:46:59 AM -03
Validated By : MD5 Sum SHA-256 Sum Signature
|
|
Any | Privacy Issue | Very High | Critical | [telepathy-morse] only useful with Telegram service | Closed | |
Task Description
Description: Telepathy-Morse is a Qt-based Telegram connection manager for the Telepathy framework. It is free software, however uses Telegram, a nonfree server-side service that requires accounts tied to telephone numbers. It needs go to the blacklist since Hyperbola’s objective is to support privacy of its community.
Additional info:
$ pacman -Si telepathy-morse
Repository : community
Name : telepathy-morse
Version : 0.1.0-1
Description : Telepathy Connection Manager for the Telegram network
Architecture : x86_64
URL : https://github.com/TelepathyQt/telepathy-morse
Licenses : GPL
Groups : None
Provides : None
Depends On : telepathy-qt5 telegram-qt
Optional Deps : None
Conflicts With : None
Replaces : None
Download Size : 90.80 KiB
Installed Size : 351.00 KiB
Packager : Antonio Rojas <arojas@archlinux.org>
Build Date : Fri 16 Sep 2016 11:49:33 AM -03
Validated By : MD5 Sum SHA-256 Sum Signature
|
|
Any | Privacy Issue | Very High | Critical | [telepathy-kde-accounts-kcm] recommends Telepathy-Morse ... | Closed | |
Task Description
Description: telepathy-kde-accounts-kcm contains the telepathy-morse package in its optdepends array. It should be removed since Telepathy-Morse provides support for Telegram, a nonfree server-side service that requires accounts tied to telephone numbers.
Additional info:
$ pacman -Si telepathy-kde-accounts-kcm
Repository : extra
Name : telepathy-kde-accounts-kcm
Version : 17.04.0-1
Description : KCM Module for configuring Telepathy Instant Messaging Accounts
Architecture : x86_64
URL : https://community.kde.org/Real-Time_Communication_and_Collaboration
Licenses : GPL
Groups : kde-applications kdenetwork telepathy-kde
Provides : None
Depends On : telepathy-qt kaccounts-providers
Optional Deps : telepathy-gabble: XMPP/Jabber accounts support
telepathy-haze: account types supported by Pidgin/libpurple
telepathy-morse: Telegram accounts support
telepathy-salut: link-local XMPP account support
Conflicts With : None
Replaces : None
Download Size : 334.86 KiB
Installed Size : 2111.00 KiB
Packager : Antonio Rojas <arojas@archlinux.org>
Build Date : Sat 15 Apr 2017 06:47:59 PM -03
Validated By : MD5 Sum SHA-256 Sum Signature
|
|
Any | Bug Report | Very High | Critical | [grub] remove the "placeholder" entry in /etc/grub.d/20 ... | Closed | |
Task Description
Description:
Additional info:
/etc/grub.d/20_linux_xen
----
- module ${rel_dirname}/${basename} placeholder root=${linux_root_device_thisversion} ro ${args}
+ module ${rel_dirname}/${basename} root=${linux_root_device_thisversion} ro ${args}
----
$ pacman -Si grub
Repository : core
Name : grub
Version : 2:2.02-1.hyperbola3
Description : GNU GRand Unified Bootloader (2), (Hyperbola rebranded)
Architecture : x86_64
URL : https://www.gnu.org/software/grub/
Licenses : GPL3
Groups : None
Provides : grub-common grub-bios grub-emu grub-efi-x86_64
Depends On : sh xz gettext device-mapper
Optional Deps : freetype2: For grub-mkfont usage
fuse: For grub-mount usage
dosfstools: For grub-mkrescue FAT FS and EFI support
efibootmgr: For grub-install EFI support
libisoburn: Provides xorriso for generating grub rescue iso using grub-mkrescue
os-prober: To detect other OSes when generating grub.cfg in BIOS systems
mtools: For grub-mkrescue FAT FS and EFI support
xen: For Xen Dom0 support
xen-docs: For Xen documentation
Conflicts With : grub-common grub-bios grub-emu grub-efi-x86_64 grub-legacy
Replaces : grub-common grub-bios grub-emu grub-efi-x86_64
Download Size : 6.17 MiB
Installed Size : 39.31 MiB
Packager : André Silva <emulatorman@hyperbola.info>
Build Date : Mon 20 Nov 2017 06:35:41 PM -03
Validated By : MD5 Sum SHA-256 Sum Signature
Steps to reproduce:
|
|
Any | Bug Report | Very High | Critical | [openrc] rename "chroot-nspawn" keyword to "chroot+unsh ... | Closed | |
Task Description
Description:
Rename "chroot-nspawn" keyword to "chroot+unshare" one
because"chroot+unshare" subsystem (chroot and unshare command)
is more precise than "chroot-nspawn" (systemd-nspawn
compatibility script) subsystem.
The files with "chroot-nspawn" keyword are:
* /etc/init.d/binfmt
* /etc/init.d/bootmisc (as SYSTEMD-NSPAWN)
* /etc/init.d/consolefont
* /etc/init.d/devfs
* /etc/init.d/dmesg
* /etc/init.d/fsck
* /etc/init.d/hostname
* /etc/init.d/hwclock
* /etc/init.d/keymaps
* /etc/init.d/localmount
* /etc/init.d/loopback
* /etc/init.d/mtab
* /etc/init.d/modules
* /etc/init.d/modules-load
* /etc/init.d/mount-ro
* /etc/init.d/net-online
* /etc/init.d/netmount
* /etc/init.d/numlock
* /etc/init.d/procfs
* /etc/init.d/root
* /etc/init.d/swap
* /etc/init.d/swclock
* /etc/init.d/sysctl
* /etc/init.d/sysfs
* /etc/init.d/termencoding
* /etc/init.d/urandom
Note:
chroot: run a command with special root directory
unshare: isolate the command in a different "Linux namespace"
Additional info:
openrc 0.28-14
/etc/rc.conf
# "" - nothing special
# "docker" - Docker container manager (GNU/Linux)
# "jail" - Jail (DragonflyBSD or FreeBSD)
# "lxc" - Linux Containers
# "openvz" - Linux OpenVZ
# "prefix" - Prefix
# "rkt" - CoreOS container management system (GNU/Linux)
# "subhurd" - Hurd subhurds (to be checked)
-# "chroot-nspawn" - Container created by chroot-nspawn
+# "chroot" - Chroot container (to be checked)
+# "chroot+unshare" - Chroot container using unshare command (GNU/Linux)
# "uml" - Usermode Linux
# "vserver" - Linux vserver
-# "xen0" - Xen0 Domain (GNU/Linux and NetBSD)
-# "xenU" - XenU Domain (GNU/Linux and NetBSD)
+# "xen0" - Xen0 Domain (GNU/HyperBK, GNU/Linux, FreeBSD and NetBSD)
+# "xenU" - XenU Domain (GNU/Hurd, GNU/HyperBK, GNU/Linux, FreeBSD, NetBSD and OpenBSD)
$ pacman -Si openrc
Repository : core
Name : openrc
Version : 0.28-14
Description : A dependency based init system that works with the system provided init program
Architecture : x86_64
URL : https://wiki.gentoo.org/wiki/Project:OpenRC
Licenses : BSD2
Groups : None
Provides : None
Depends On : psmisc pam
Optional Deps : netifrc: network interface management scripts
networkmanager: network connection manager and user applications
Conflicts With : None
Replaces : None
Download Size : 196.71 KiB
Installed Size : 1767.00 KiB
Packager : André Silva <emulatorman@hyperbola.info>
Build Date : Mon 07 May 2018 03:54:42 PM -03
Validated By : MD5 Sum SHA-256 Sum Signature
Steps to reproduce:
Run OpenRC init
|
|
Any | Bug Report | Very High | Critical | [eudev] rename "systemd-nspawn" keyword to "chroot+unsh ... | Closed | |
Task Description
Description:
Rename "systemd-nspawn" keyword to "chroot+unshare" one.
The files with "systemd-nspawn" keyword are:
* /etc/init.d/udev
* /etc/init.d/udev-settle
* /etc/init.d/udev-trigger
Additional info:
eudev 3.2.5-1
$ pacman -Si eudev
Repository : core
Name : eudev
Version : 3.2.5-1
Description : The userspace dev tools (udev) forked by Gentoo, with OpenRC support
Architecture : x86_64
URL : https://wiki.gentoo.org/wiki/Project:Eudev
Licenses : GPL
Groups : None
Provides : udev
Depends On : libeudev kbd kmod hwids util-linux
Optional Deps : None
Conflicts With : udev
Replaces : udev
Download Size : 932.42 KiB
Installed Size : 7069.00 KiB
Packager : André Silva <emulatorman@hyperbola.info>
Build Date : Thu 07 Dec 2017 11:45:57 PM -03
Validated By : MD5 Sum SHA-256 Sum Signature
Steps to reproduce:
Run OpenRC init
|
|
Any | Feature Request | Very High | Critical | [openrc] please remove "mtab", "modules-load" and "swcl ... | Closed | |
Task Description
Description:
Please remove "mtab", "modules-load" and "swclock" init scripts.
"mtab" is a deprecated and unmaintained init script,
because filesystem contains a mtab soft link.
"modules-load" init script, is a systemd compatibility configuration
to load the kernel modules from the "/etc/modules-load" configuration
directory.
This init script is useless, because the "modules" init script exists
and it's a duplicated feature.
If you need a module to load a module, just configure "/etc/conf.d/modules"
and start the "modules" init script or add a module in
the "/etc/mkinitcpio.conf" and run mkinitcpio -p $yourkernel
"swclock" is an useless init script, because is a service
setting the local clock based on last shutdown time.
If a machine doesn't support "/etc/rtc", then disable "clock_hctosys" and
"clock_systohc" from "/etc/conf.d/hwclock" with or without
NTP server/client. For chroot environments,"osclock" init script is the way.
Additional info:
openrc 0.28-14
/etc/init.d/localmount
-use lvm modules mtab root
+use lvm modules root
/etc/init.d/modules
- want modules-load
/etc/init.d/lm_sensors
-after modules-load
$ pacman -Si openrc
Repository : core
Name : openrc
Version : 0.28-14
Description : A dependency based init system that works with the system provided init program
Architecture : x86_64
URL : https://wiki.gentoo.org/wiki/Project:OpenRC
Licenses : BSD2
Groups : None
Provides : None
Depends On : psmisc pam
Optional Deps : netifrc: network interface management scripts
networkmanager: network connection manager and user applications
Conflicts With : None
Replaces : None
Download Size : 196.71 KiB
Installed Size : 1767.00 KiB
Packager : André Silva <emulatorman@hyperbola.info>
Build Date : Mon 07 May 2018 03:54:42 PM -03
Validated By : MD5 Sum SHA-256 Sum Signature
Steps to reproduce:
Enable the unused init scripts
|
|
Any | Security Issue | Very High | Critical | [openrc] use procps-ng's "sysctl" by default instead of ... | Closed | |
Task Description
Description:
Use procps-ng's "sysctl" by default instead of inetutils's "hostname" for
hostname support.
Since [inetutils] is an extra dependency for openrc, it
contains insecure commands like: ftp/rcp/rlogin/rsh/talk/telnet
For security reasons, procps-ng should be the tool to handle hostname
configuration through hostname init script because is a base package.
Additional info:
openrc 0.28-14
/etc/init.d/hostname
- hostname "$h"
+ case $(uname -s) in
+ GNU/Linux|Linux)
+ sysctl -qw kernel.hostname="$h"
+ ;;
+ *)
+ hostname "$h"
+ ;;
+ esac
$ pacman -Si openrc
Repository : core
Name : openrc
Version : 0.28-14
Description : A dependency based init system that works with the system provided init program
Architecture : x86_64
URL : https://wiki.gentoo.org/wiki/Project:OpenRC
Licenses : BSD2
Groups : None
Provides : None
Depends On : psmisc pam
Optional Deps : netifrc: network interface management scripts
networkmanager: network connection manager and user applications
Conflicts With : None
Replaces : None
Download Size : 196.71 KiB
Installed Size : 1767.00 KiB
Packager : André Silva <emulatorman@hyperbola.info>
Build Date : Mon 07 May 2018 03:54:42 PM -03
Validated By : MD5 Sum SHA-256 Sum Signature
Steps to reproduce:
Set and run hostname init script
|
|
Any | Bug Report | Very High | Critical | [openrc] set "devfs" init script to run before than any ... | Closed | |
Task Description
Description:
Set "devfs" init script to run before than any "logger" init script.
It fixes when any "logger" server is running with rc_logger activated
without the needed to add a "logger" init script on different runlevels.
Additional info:
openrc 0.28-14
/etc/init.d/devfs
- before dev
+ before dev logger
$ pacman -Si openrc
Repository : core
Name : openrc
Version : 0.28-14
Description : A dependency based init system that works with the system provided init program
Architecture : x86_64
URL : https://wiki.gentoo.org/wiki/Project:OpenRC
Licenses : BSD2
Groups : None
Provides : None
Depends On : psmisc pam
Optional Deps : netifrc: network interface management scripts
networkmanager: network connection manager and user applications
Conflicts With : None
Replaces : None
Download Size : 196.71 KiB
Installed Size : 1767.00 KiB
Packager : André Silva <emulatorman@hyperbola.info>
Build Date : Mon 07 May 2018 03:54:42 PM -03
Validated By : MD5 Sum SHA-256 Sum Signature
Steps to reproduce:
Add "devfs" and any "logger" init script to default runlevel
|
|
Any | Feature Request | Very High | Critical | [openrc] some init scripts are forced to load in certai ... | Closed | |
Task Description
Description:
Some init scrips are forced to load in certain runlevels by default (eg. boot) when
OpenRC is upgraded. It isn't good for virtualization environments like chroot that
doesn't require it to work.
Those scripts are:
* /etc/init.d/dmesg
* /etc/init.d/hwclock
* /etc/init.d/keymaps
* /etc/init.d/killprocs
* /etc/init.d/local
* /etc/init.d/loopback
* /etc/init.d/modules
* /etc/init.d/mount-ro
* /etc/init.d/swap
* /etc/init.d/sysctl
Note: "/etc/init.d/dmesg" should be loaded in "boot" runlevel instead of "sysinit" one at the first installation time.
Note: "/etc/init.d/local" should be loaded in "sysinit" runlevel instead of "default" and "nonetwork" one at the first installation time.
Additional info:
openrc 0.28-14
$ pacman -Si openrc
Repository : core
Name : openrc
Version : 0.28-14
Description : A dependency based init system that works with the system provided init program
Architecture : x86_64
URL : https://wiki.gentoo.org/wiki/Project:OpenRC
Licenses : BSD2
Groups : None
Provides : None
Depends On : psmisc pam
Optional Deps : netifrc: network interface management scripts
networkmanager: network connection manager and user applications
Conflicts With : None
Replaces : None
Download Size : 196.71 KiB
Installed Size : 1767.00 KiB
Packager : André Silva <emulatorman@hyperbola.info>
Build Date : Mon 07 May 2018 03:54:42 PM -03
Validated By : MD5 Sum SHA-256 Sum Signature
Steps to reproduce:
Re-install and/or upgrade the OpenRC package.
|
|
Any | Feature Request | Very High | Critical | [openrc] some init scripts are forced to load in certai ... | Closed | |
Task Description
Description:
Some init scrips are forced to load in certain runlevels by default (eg. boot) when
OpenRC is upgraded. Also some of them are autoloaded by other init scripts.
It isn't good for virtualization environments like chroot that doesn't require it to
work.
These files need be removed:
* /etc/runlevels/boot/binfmt (optional)
* /etc/runlevels/boot/fsck (autoloaded from "root" init script)
* /etc/runlevels/boot/localmount (autoloaded from "bootmisc" init script)
* /etc/runlevels/boot/procfs (optional, mount "binfmt_misc" only)
* /etc/runlevels/boot/termencoding (autoloaded from "keymaps" init script)
* /etc/runlevels/default/netmount (optional)
* /etc/runlevels/shutdown/savecache (optional)
* /etc/runlevels/sysinit/devfs (autoload from "udev" init script)
* /etc/runlevels/sysinit/sysfs (autoload from "udev" init script)
Additional info:
openrc 0.28-14
$ pacman -Si openrc
Repository : core
Name : openrc
Version : 0.28-14
Description : A dependency based init system that works with the system provided init program
Architecture : x86_64
URL : https://wiki.gentoo.org/wiki/Project:OpenRC
Licenses : BSD2
Groups : None
Provides : None
Depends On : psmisc pam
Optional Deps : netifrc: network interface management scripts
networkmanager: network connection manager and user applications
Conflicts With : None
Replaces : None
Download Size : 196.71 KiB
Installed Size : 1767.00 KiB
Packager : André Silva <emulatorman@hyperbola.info>
Build Date : Mon 07 May 2018 03:54:42 PM -03
Validated By : MD5 Sum SHA-256 Sum Signature
Steps to reproduce:
Re-install and/or upgrade the OpenRC package
|
|
Any | Feature Request | Very High | Critical | [openrc] add "newinstance" mount parameter in "devpts" ... | Closed | |
Task Description
Description:
Add "newinstance" mount parameter in "devpts" (in "devfs" init script)
Additional info:
openrc 0.28-14
/etc/init.d/devfs
- “devpts /dev/pts 0755 ,gid=5,mode=0620 devpts” \ + “devpts /dev/pts 0755 ,gid=5,mode=0620,newinstance devpts” \
$ pacman -Si openrc
Repository : core
Name : openrc
Version : 0.28-14
Description : A dependency based init system that works with the system provided init program
Architecture : x86_64
URL : https://wiki.gentoo.org/wiki/Project:OpenRC
Licenses : BSD2
Groups : None
Provides : None
Depends On : psmisc pam
Optional Deps : netifrc: network interface management scripts
networkmanager: network connection manager and user applications
Conflicts With : None
Replaces : None
Download Size : 196.71 KiB
Installed Size : 1767.00 KiB
Packager : André Silva <emulatorman@hyperbola.info>
Build Date : Mon 07 May 2018 03:54:42 PM -03
Validated By : MD5 Sum SHA-256 Sum Signature
Steps to reproduce: Run “devfs” init script
|
|
Any | Feature Request | Very High | Critical | [openrc] add hidepid support in /proc filesystem. | Closed | |
Task Description
Description:
Additional info:
/usr/lib/rc/sh/init.sh
- mount -n -t proc -o noexec,nosuid,nodev proc /proc
+ mount -n -t proc -o noexec,nosuid,nodev,gid=proc,hidepid=2 proc /proc
$ pacman -Si openrc
Repository : core
Name : openrc
Version : 0.28-18
Description : A dependency based init system that works with the system provided init program
Architecture : x86_64
URL : https://wiki.gentoo.org/wiki/Project:OpenRC
Licenses : BSD2
Groups : None
Provides : None
Depends On : psmisc pam
Optional Deps : netifrc: network interface management scripts
networkmanager: network connection manager and user applications
Conflicts With : None
Replaces : None
Download Size : 193.18 KiB
Installed Size : 1720.00 KiB
Packager : André Silva <emulatorman@hyperbola.info>
Build Date : Sun 08 Jul 2018 01:28:16 AM -03
Validated By : MD5 Sum SHA-256 Sum Signature
Steps to reproduce:
On boot “openrc” on ‘chroot’ with ‘linux namespaces’ (unshare).
On boot “openrc” on any ‘kernel based virtual machines’ (without /proc premounted).
On boot the kernel without any image (initramfs-linux-libre-lts*.img).
|
|
Any | Feature Request | Very High | Critical | [netifrc] add net_macsec and net_veth init scripts | Closed | |
Task Description
Description:
Add net_macsec and net_veth init scripts
Additional info:
netifrc 0.5.1-3
Repository : core
Name : netifrc
Version : 0.5.1-3
Description : Network interface management scripts
Architecture : x86_64
URL : https://wiki.gentoo.org/wiki/Netifrc
Licenses : BSD2
Groups : base
Provides : None
Depends On : eudev
Optional Deps : iproute2: for interface handler, VPN, bridging and tunneling support (recommended)
net-tools: for interface handler support
bridge-utils: for bridging support
linux-atm: for CLIP and RFC 2684 bridge support
wpa_supplicant: for wireless networking support (recommended)
wireless_tools: for wireless networking support
dhcpcd: for DHCP support (recommended)
dhclient: for DHCP support
busybox: for DHCP support
iputils: for APIPA support
ifenslave: for bonding interfaces
ppp: for PPP and ADSL support (recommended)
rp-pppoe: for ADSL support
macchanger: for changing MAC addresses
ifplugd: for cable in/out detection
Conflicts With : None
Replaces : None
Download Size : 62.75 KiB
Installed Size : 349.00 KiB
Packager : André Silva <emulatorman@hyperbola.info>
Build Date : Wed 24 Jan 2018 09:05:24 PM -03
Validated By : MD5 Sum SHA-256 Sum Signature
Steps to reproduce:
none
|
|
Any | Feature Request | Very High | Critical | [openrc] add chroot init config and script files | Closed | |
Task Description
Description:
Add chroot init script
Note: chroot1 and chroot2 are examples.
Additional info:
openrc 0.28-14
$ pacman -Si openrc
Repository : core
Name : openrc
Version : 0.28-14
Description : A dependency based init system that works with the system provided init program
Architecture : x86_64
URL : https://wiki.gentoo.org/wiki/Project:OpenRC
Licenses : BSD2
Groups : None
Provides : None
Depends On : psmisc pam
Optional Deps : netifrc: network interface management scripts
networkmanager: network connection manager and user applications
Conflicts With : None
Replaces : None
Download Size : 196.71 KiB
Installed Size : 1767.00 KiB
Packager : André Silva <emulatorman@hyperbola.info>
Build Date : Mon 07 May 2018 03:54:42 PM -03
Validated By : MD5 Sum SHA-256 Sum Signature
Steps to reproduce:
none
|
|
Any | Bug Report | Very High | Critical | [openrc] rename "procfs" init script to "binfmt_misc", ... | Closed | |
Task Description
Description:
Rename "procfs" init script to "binfmt_misc", it isn't a "procfs"
/etc/init.d/procfs → /etc/init.d/binfmt_misc
-description="Mounts misc filesystems in /proc."
+description="Mounts binfmt_misc filesystems in /proc."
/etc/init.d/binfmt
- after clock procfs
+ after clock binfmt_misc
Additional info:
openrc 0.28-14
$ pacman -Si openrc
Repository : core
Name : openrc
Version : 0.28-14
Description : A dependency based init system that works with the system provided init program
Architecture : x86_64
URL : https://wiki.gentoo.org/wiki/Project:OpenRC
Licenses : BSD2
Groups : None
Provides : None
Depends On : psmisc pam
Optional Deps : netifrc: network interface management scripts
networkmanager: network connection manager and user applications
Conflicts With : None
Replaces : None
Download Size : 196.71 KiB
Installed Size : 1767.00 KiB
Packager : André Silva <emulatorman@hyperbola.info>
Build Date : Mon 07 May 2018 03:54:42 PM -03
Validated By : MD5 Sum SHA-256 Sum Signature
Steps to reproduce:
none
|
|
Any | Bug Report | Very High | Critical | [eudev][openrc] rename "dev-mount" to "devfs" in "udev" ... | Closed | |
Task Description
Description: Rename “dev-mount” to “devfs” in “udev” init script
/etc/init.d/udev (eudev package)
- need sysfs dev-mount
+ need sysfs devfs
/etc/init.d/devfs (openrc package)
- provide dev-mount
Additional info:
openrc 0.28-14
$ pacman -Si openrc
Repository : core
Name : openrc
Version : 0.28-14
Description : A dependency based init system that works with the system provided init program
Architecture : x86_64
URL : https://wiki.gentoo.org/wiki/Project:OpenRC
Licenses : BSD2
Groups : None
Provides : None
Depends On : psmisc pam
Optional Deps : netifrc: network interface management scripts
networkmanager: network connection manager and user applications
Conflicts With : None
Replaces : None
Download Size : 196.71 KiB
Installed Size : 1767.00 KiB
Packager : André Silva <emulatorman@hyperbola.info>
Build Date : Mon 07 May 2018 03:54:42 PM -03
Validated By : MD5 Sum SHA-256 Sum Signature
Steps to reproduce:
none
|
|
Any | Backport Request | Very High | Critical | [netifrc] update package to 0.6.0 backport | Closed | |
Task Description
Description:
[netifrc] update package to 0.6.0 backport version
Fix security errors:
Fix errors:
Changes:
Features:
Note: Please add a extra hotfix patch from git:
Additional info:
netifrc 0.5.1-3
$ pacman -Si netifrc
Repository : core
Name : netifrc
Version : 0.5.1-3
Description : Network interface management scripts
Architecture : x86_64
URL : https://wiki.gentoo.org/wiki/Netifrc
Licenses : BSD2
Groups : base
Provides : None
Depends On : eudev
Optional Deps : iproute2: for interface handler, VPN, bridging and tunneling support (recommended)
net-tools: for interface handler support
bridge-utils: for bridging support
linux-atm: for CLIP and RFC 2684 bridge support
wpa_supplicant: for wireless networking support (recommended)
wireless_tools: for wireless networking support
dhcpcd: for DHCP support (recommended)
dhclient: for DHCP support
busybox: for DHCP support
iputils: for APIPA support
ifenslave: for bonding interfaces
ppp: for PPP and ADSL support (recommended)
rp-pppoe: for ADSL support
macchanger: for changing MAC addresses
ifplugd: for cable in/out detection
Conflicts With : None
Replaces : None
Download Size : 62.75 KiB
Installed Size : 349.00 KiB
Packager : André Silva <emulatorman@hyperbola.info>
Build Date : Wed 24 Jan 2018 09:05:24 PM -03
Validated By : MD5 Sum SHA-256 Sum Signature
Steps to reproduce:
contains errors in 0.5.1 version
|
|
Any | Implementation Request | Very High | Critical | [linux-libre-lts-server] add "Linux-libre" kernel adapt ... | Closed | |
Task Description
Description:
Additional info:
Steps to reproduce:
|
|
Any | Security Issue | Very High | Critical | [openrc] remove dangerous "local" init script | Closed | |
Task Description
Description:
“https://wiki.gentoo.org/wiki//etc/local.d”
Additional info:
remove:
“/etc/init.d/local”
“/etc/local.d/README”
“/etc/local.d/”
/etc/init.d/agetty
----
- after local
+ after *
$ pacman -Si openrc
Repository : core
Name : openrc
Version : 0.28-17
Description : A dependency based init system that works with the system provided init program
Architecture : x86_64
URL : https://wiki.gentoo.org/wiki/Project:OpenRC
Licenses : BSD2
Groups : None
Provides : None
Depends On : psmisc pam
Optional Deps : netifrc: network interface management scripts
networkmanager: network connection manager and user applications
Conflicts With : None
Replaces : None
Download Size : 194.10 KiB
Installed Size : 1727.00 KiB
Packager : André Silva <emulatorman@hyperbola.info>
Build Date : Thu 05 Jul 2018 01:37:37 PM -03
Validated By : MD5 Sum SHA-256 Sum Signature
Steps to reproduce:
|
|
Any | Bug Report | Very High | Critical | [python-acme] to start crashing on June 19th | Closed | |
Task Description
Description: Quoted from https://bugs.launchpad.net/ubuntu/+source/python-acme/+bug/1777205 Bug #1777205 reported by Brad Warren on 2018-06-16
[Impact]
Without this fix, on June 19, the library will start to fail when using Let’s Encrypt’s new ACMEv2 endpoint. We should avoid breaking this for users.
[Test Case]
On June 19, try to use Let’s Encrypt’s new ACMEv2 endpoint; it will error out, as described in https://community.letsencrypt.org/t/acmev2-order-ready-status/62866
[Regression Potential]
If the endpoint changes again, this will need another update, but the only potential regression I see is server-side, which needs patches on our end to adjust (like in this case).
[Original Bug Description]
I am the upstream maintainer of python-acme. This bug only affects python-acme in Ubuntu 18.04.
Starting on June 19th, this library will start failing when used with Let’s Encrypt’s new ACMEv2 endpoint. This is because the library does not recognize the changes described in https://community.letsencrypt.org/t/acmev2-order-ready-status/62866 and will error out when it sees them.
To fix this, python-acme either needs to be upgraded to 0.25.1 (which came out two days ago) or the one line patch that originally landed upstream at https://github.com/certbot/certbot/commit/5940ee92ab5c9a9f05f7067974f6e15c9fa3205a applied. I think the latter is the safer option.
Please let me know what I can do to help get this resolved.
Additional info: Solution is to upgrade the following packages
* certbot 0.23.0-1.hyperbola1.backports1 * python-acme 0.23.0-1.backports1
and any other that depends on certbot=0.23.0 and/or python-acme=0.23.0 (like the certbot plugins)
The other option is to patch certbot, as described in the launchpad’s issue
Steps to reproduce:
1) Install certbot 2) try anything related to the certificates (certonly, renew) 3) You may get an error like this:
Obtaining a new certificate
An unexpected error occurred:
Traceback (most recent call last):
File "/usr/lib/python3.6/site-packages/josepy/json_util.py", line 280, in fields_from_json
fields[slot] = field.decode(value)
File "/usr/lib/python3.6/site-packages/josepy/json_util.py", line 88, in decode
return self.fdec(value)
File "/usr/lib/python3.6/site-packages/acme/messages.py", line 123, in from_json
'{0} not recognized'.format(cls.__name__))
josepy.errors.DeserializationError: Deserialization error: Status not recognized
During handling of the above exception, another exception occurred:
josepy.errors.DeserializationError: Deserialization error: Could not decode 'status' ('ready'): Deserialization error: Status not recognized
Please see the logfiles in /var/log/letsencrypt for more details.
|
|
Any | Security Issue | Very High | Critical | [znc] CVE-2018-14055: privilege escalation & CVE-2018-1 ... | Closed | |
Task Description
Severity: high
Versions affected: 1.6.0 through 1.7.0 Potentially, all earlier versions too, but there is no known way to trigger this before 1.6.0
Mitigation: upgrade to 1.7.1
Description: ZNC before 1.7.1-rc1 does not properly validate untrusted lines coming from the network, allowing a non-admin user to escalate privilege, inject rogue values into znc.conf, and gain shell access.
Upstream patches: https://github.com/znc/znc/commit/a7bfbd93812950b7444841431e8e297e62cb524e https://github.com/znc/znc/commit/d22fef8620cdd87490754f607e7153979731c69d
—
Severity: medium
Versions affected: 0.045 through 1.7.0
Mitigation: upgrade to 1.7.1, or disable HTTP via `/msg *status AddPort`, `/msg *status DelPort` commands.
Description: ZNC before 1.7.1-rc1 is prone to a path traversal flaw. A non-admin user can set web skin name to ../ to access files outside of the intended skins directories and to cause DoS.
Upstream patch: https://github.com/znc/znc/commit/a4a5aeeb17d32937d8c7d743dae9a4cc755ce773
|
|
Any | Security Issue | Very High | Critical | [wesnoth] CVE-2018-1999023 - Code Injection vulnerabili ... | Closed | |
Task Description
The Battle for Wesnoth Project version 1.7.0 through 1.14.3 contains a Code Injection vulnerability in the Lua scripting engine that can result in code execution outside the sandbox. This attack appear to be exploitable via Loading specially-crafted saved games, networked games, replays, and player content.
https://security-tracker.debian.org/tracker/CVE-2018-1999023
Upstream patch: https://github.com/wesnoth/wesnoth/commit/d911268a783467842d38eae7ac1630f1fea41318
|
|
Stable | Security Issue | Very High | Critical | [iceweasel-uxp] Issue with HTTPS websites | Closed | |
Task Description
With latest iceweasel-uxp, I can’t connect to some HTTPS websites :
For example :
https://pkgs.fedoraproject.org/ is an example
SEC_ERROR_UNKNOWN_ISSUER
|
|
Any | Bug Report | Very High | Critical | [openrc] fix "chroot" initscript | Closed | |
|
|
Any | Bug Report | Very High | Critical | [netifrc] fix "net_veth" and "net_macsec" initscripts | Closed | |
|
|
Any | Bug Report | Very High | Critical | [netifrc] "net.lo" initscript is forced to load in "boo ... | Closed | |
|
|
Any | Bug Report | Very High | Critical | [eudev] "udev" and "udev-trigger" initscripts are force ... | Closed | |
|
|
Any | Bug Report | Very High | Critical | [openrc] run "sysctl" initscript after "net" initscript | Closed | |
|
|
Any | Security Issue | Very High | Critical | [openssh] CVE-2018-15473 | Closed | |
|
|
Any | Security Issue | Very High | Critical | [dropbear] CVE-2018-15599 | Closed | |
|
|
Any | Security Issue | Very High | Critical | [mutt] CVE-2018-14354 | Closed | |
|
|
Any | Security Issue | Very High | Critical | [iceweasel-uxp-noscript] Zero-day bypass and script exe ... | Closed | |
|
|
Any | Security Issue | Very High | Critical | [util-linux] CVE-2018-7738 | Closed | |
|
|
Any | Security Issue | Very High | Critical | [schroedinger] unmaintained and unsupportable | Closed | |
|
|
Any | Security Issue | Very High | Critical | [vlc] CVE-2017-17670 | Closed | |
|
|
Any | Security Issue | Very High | Critical | [vlc] CVE-2018-11529 | Closed | |
|
|
Any | Security Issue | Very High | Critical | [qtpass] Insecure Password Generation prior to 1.2.1 | Closed | |
|
|
Any | Freedom Issue | Very High | Critical | [qtemu] package recommends installing non-free OSes | Closed | |
|
|
Any | Security Issue | Very High | Critical | [toxcore] Memory leak - Remote DDoS vunerability | Closed | |
|
|
Any | Security Issue | Very High | Critical | [libssh] CVE-2018-10933 | Closed | |
|
|
Any | Security Issue | Very High | Critical | [openldap] 2.4.44 multiple security issues | Closed | |
|
|
Any | Security Issue | Very High | Critical | [php] CVE-2017-9120 | Closed | |
|
|
Stable | Freedom Issue | Very High | Critical | [cool-retro-term] update package to 1.0.1 and remove no ... | Closed | |
|
|
Stable | Freedom Issue | Very High | Critical | [xorg-fonts-misc] contains non-libre/free Syriac typefa ... | Closed | |
|
|
Any | Freedom Issue | Very High | Critical | [python-pip][python2-pip] Pip recommends proprietary so ... | Closed | |
|
|
Any | Freedom Issue | Very High | Critical | [purple-skypeweb] Plugin only useful with Skype | Closed | |
|
|
Stable | Freedom Issue | Very High | Critical | [gftp] Remove many other (old and dead) FTP site bookma ... | Closed | |
|
|
Any | Freedom Issue | Very High | Critical | [man-pages] contains nonfree POSIX manual pages | Closed | |
|