|
Any | Bug Report | Very High | Critical | [grub] remove the "placeholder" entry in /etc/grub.d/20 ... | Closed | |
Task Description
Description:
Additional info:
/etc/grub.d/20_linux_xen
----
- module ${rel_dirname}/${basename} placeholder root=${linux_root_device_thisversion} ro ${args}
+ module ${rel_dirname}/${basename} root=${linux_root_device_thisversion} ro ${args}
----
$ pacman -Si grub
Repository : core
Name : grub
Version : 2:2.02-1.hyperbola3
Description : GNU GRand Unified Bootloader (2), (Hyperbola rebranded)
Architecture : x86_64
URL : https://www.gnu.org/software/grub/
Licenses : GPL3
Groups : None
Provides : grub-common grub-bios grub-emu grub-efi-x86_64
Depends On : sh xz gettext device-mapper
Optional Deps : freetype2: For grub-mkfont usage
fuse: For grub-mount usage
dosfstools: For grub-mkrescue FAT FS and EFI support
efibootmgr: For grub-install EFI support
libisoburn: Provides xorriso for generating grub rescue iso using grub-mkrescue
os-prober: To detect other OSes when generating grub.cfg in BIOS systems
mtools: For grub-mkrescue FAT FS and EFI support
xen: For Xen Dom0 support
xen-docs: For Xen documentation
Conflicts With : grub-common grub-bios grub-emu grub-efi-x86_64 grub-legacy
Replaces : grub-common grub-bios grub-emu grub-efi-x86_64
Download Size : 6.17 MiB
Installed Size : 39.31 MiB
Packager : André Silva <emulatorman@hyperbola.info>
Build Date : Mon 20 Nov 2017 06:35:41 PM -03
Validated By : MD5 Sum SHA-256 Sum Signature
Steps to reproduce:
|
|
Stable | Feature Request | Very High | High | [hiawatha]: remove systemd files, provide openrc | Closed | |
Task Description
Description:
Hiawatha contains only systemd files.
It shall be removed and openrc shall be provided
|
|
Any | Security Issue | Very High | Critical | [iceweasel-uxp-noscript] Zero-day bypass and script exe ... | Closed | |
Task Description
Description:
NoScript zero-day allows script execution even with scripts blocked by default.
https://www.zdnet.com/article/exploit-vendor-drops-tor-browser-zero-day-on-twitter/
https://twitter.com/ma1/status/1039163003034324992
Additional info: * package version(s) < 5.1.8.7
Steps to reproduce: Set the Content-Type of your html/js page to “text/html;json” and enjoy full JS pwnage”
|
|
Stable | Bug Report | Very High | Critical | [iceweasel-uxp] Broken addons with latest update | Closed | |
Task Description
Some addons are currently broken with latest iceweasel-uxp (iceweasel-uxp 52.9.20190926-1)
DownThemAll Save to Wayback Machine Self-Destructing Cookies (and probably others)
g4jc suggested to drop PGO as it could be the culprit.
https://forums.hyperbola.info/viewtopic.php?pid=1149#p1149
Regarding addons, I'm fairly certain flipping the switch on PGO (which makes the browser faster at the expense of wrecking code) is the culprit. We were warned not to use it, and this is planned to be rolled back.
However, Hyperbot has to be scheduled to rebuild the packages and I do not set it's schedule. Will advise.
|
|
Stable | Security Issue | Very High | Critical | [iceweasel-uxp] Issue with HTTPS websites | Closed | |
Task Description
With latest iceweasel-uxp, I can’t connect to some HTTPS websites :
For example :
https://pkgs.fedoraproject.org/ is an example
SEC_ERROR_UNKNOWN_ISSUER
|
|
Any | Replace Request | Very High | Critical | [kernel-firmware] split out firmware projects from linu ... | Closed | |
Task Description
Since Linux 4.14, the in-tree kernel firmware was dropped[0][1], and Hyperbola uses linux-libre-lts-firmware from 4.9 which still supports that firmware.
However, I’d like to request upgrading to the new libre replacement of linux-firmware.git: linux-libre-firmware[2][3].
This version has no LTS releases (well, firmwares commonly don’t have LTS versions and the in-tree firmware was always the same in post-4.9 generations), but it has the same firmwares as Linux-libre-lts plus some others.
This is the list of firmware files in linux-libre-lts-firmware and its dependencies:
linux-libre-lts-firmware
---
/usr/lib/firmware/av7110/bootcode.bin
/usr/lib/firmware/dsp56k/bootstrap.bin
/usr/lib/firmware/keyspan_pda/keyspan_pda.fw
/usr/lib/firmware/keyspan_pda/xircom_pgs.fw
ath9k-htc-firmware
---
/usr/lib/firmware/htc_7010.fw
/usr/lib/firmware/htc_9271.fw
openfwwf
---
/usr/lib/firmware/b43-open/b0g0bsinitvals5.fw
/usr/lib/firmware/b43-open/b0g0initvals5.fw
/usr/lib/firmware/b43-open/ucode5.fw
And here are the firmware files of the new linux-libre-firmware:
linux-libre-firmware
---
/usr/lib/firmware/av7110/bootcode.bin
/usr/lib/firmware/b43-open/b0g0bsinitvals5.fw
/usr/lib/firmware/b43-open/b0g0initvals5.fw
/usr/lib/firmware/b43-open/ucode5.fw
/usr/lib/firmware/carl9170-1.fw
/usr/lib/firmware/cis/3CCFEM556.cis
/usr/lib/firmware/cis/3CXEM556.cis
/usr/lib/firmware/cis/COMpad2.cis
/usr/lib/firmware/cis/COMpad4.cis
/usr/lib/firmware/cis/DP83903.cis
/usr/lib/firmware/cis/LA-PCM.cis
/usr/lib/firmware/cis/MT5634ZLX.cis
/usr/lib/firmware/cis/NE2K.cis
/usr/lib/firmware/cis/PCMLM28.cis
/usr/lib/firmware/cis/PE-200.cis
/usr/lib/firmware/cis/PE520.cis
/usr/lib/firmware/cis/RS-COM-2P.cis
/usr/lib/firmware/cis/SW_555_SER.cis
/usr/lib/firmware/cis/SW_7xx_SER.cis
/usr/lib/firmware/cis/SW_8xx_SER.cis
/usr/lib/firmware/cis/tamarack.cis
/usr/lib/firmware/dsp56k/bootstrap.bin
/usr/lib/firmware/htc_7010.fw
/usr/lib/firmware/htc_9271.fw
/usr/lib/firmware/isci/isci_firmware.bin
/usr/lib/firmware/keyspan_pda/keyspan_pda.fw
/usr/lib/firmware/keyspan_pda/xircom_pgs.fw
/usr/lib/firmware/usbdux_firmware.bin
/usr/lib/firmware/usbduxfast_firmware.bin
/usr/lib/firmware/usbduxsigma_firmware.bin
It has openfwwf and ath9k-htc-firmware included, plus some others. If actual versions of Hyperbola don’t get the update at least consider it for future releases. You can get the new PKGBUILD[4] and its new build dependencies at Parabola’s abslibre.git libre tree[5]
The new dependencies are:
Sources:
[0] https://www.phoronix.com/scan.php?page=news_item&px=Linux-4.14-Migrates-Out-FW [1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b38923a068c10fc36ca8f596d650d095ce390b85 [2] https://jxself.org/firmware/ [3] https://jxself.org/git/?p=linux-libre-firmware.git [4] https://git.parabola.nu/abslibre.git/tree/libre/linux-libre-firmware [5] https://git.parabola.nu/abslibre.git/tree/libre
Updated Note:
Since Linux-libre-firmware contains a lot of independent firmware, tools and assembly projects, it should be built from its official tarball separately and create a group called kernel-firmware to follow the our packaging guidelines. Tools and assembly projects shouldn’t be included in kernel-firmware since those ones are firmware dependencies.
|
|
Any | Feature Request | Very High | High | [kmod] add init file to load kernel modules from /etc f ... | Closed | |
Task Description
Add init file to load kernel modules in system configuration
Examples:
/etc/modules.conf
----
btrfs
/etc/modules.d/*.conf
----
/etc/modules.d/nouveau.conf
----
nouveau
/etc/init.d/modules
----
#!/usr/bin/openrc-run
command="/usr/bin/modprobe"
command_args="$(cat /etc/modules.{,d/*}conf)"
/etc/runlevels/boot/modules
|
|
Any | Feature Request | Very High | High | [kmod] when dummy.ko is loaded, dummy0 interface is loa ... | Closed | |
Task Description
When dummy.ko (kernel module) is loaded, dummy0 interface is loaded as “numdummies=1”. If any dummy interface is configured in netifrc config file, dummy module loads and adds undesirable “dummy0” interface (eg. if “dummy0” interface is configured, it generates netifrc configuration conflicts).
Please add “/usr/lib/modprobe.d/dummy.conf” file configuration to disable numdummies option by default:
options dummy numdummies=0
|
|
Any | Freedom Issue | Very High | Critical | [kodi] contains youtube-dl which runs non-free scripts | Closed | |
Task Description
Please replace by avideo, preferably by a release which receives updates so that it can still function within kodi (the non-LTS version).
Replace by LTS version of avideo to follow Hyperbola Packaging Guidelines.
|
|
Any | Update Request | Very High | High | [krita] update to 3.1.4 version | Closed | |
Task Description
Description:
Update to 3.1.4 version
Additional info:
krita 3.1.3
$ pacman -Qi krita
Name : krita
Version : 3.1.3-1
Description : Edit and paint images
Architecture : x86_64
URL : http://krita.org
Licenses : LGPL
Groups : None
Provides : None
Depends On : kio kitemmodels gsl libraw exiv2 openexr fftw curl boost-libs hicolor-icon-theme
Optional Deps : poppler-qt5: PDF filter [installed]
ffmpeg: to save animations [installed]
opencolorio: for the LUT docker [installed]
Required By : None
Optional For : None
Conflicts With : calligra-krita krita-l10n
Replaces : calligra-krita krita-l10n
Installed Size : 112.43 MiB
Packager : Antonio Rojas <arojas@archlinux.org>
Build Date : Fri 28 Apr 2017 07:57:59 AM -03
Install Date : Tue 12 Sep 2017 03:28:32 AM -03
Install Reason : Explicitly installed
Install Script : No
Validated By : Signature
Steps to reproduce: contains some bugs
|
|
Any | Security Issue | Very High | Critical | [libarchive] CVE-2019-18408 | Closed | |
Task Description
https://www.zdnet.com/article/libarchive-vulnerability-can-lead-to-code-execution-on-linux-freebsd-netbsd/
https://security-tracker.debian.org/tracker/CVE-2019-18408
|
|
Any | Privacy Issue | Very High | Critical | [libqtelegram-ae] only useful with Telegram service | Closed | |
Task Description
Description: libqtelegram-ae is Telegram library written in Qt based on telegram-cli code. It is free software, however uses Telegram, a nonfree server-side service that requires accounts tied to telephone numbers. It needs go to the blacklist since Hyperbola’s objective is to support privacy of its community.
Additional info:
$ pacman -Si libqtelegram-ae
Repository : community
Name : libqtelegram-ae
Version : 3:6.1-4
Description : Telegram library written in Qt based on telegram-cli code
Architecture : x86_64
URL : https://launchpad.net/libqtelegram
Licenses : GPL3
Groups : None
Provides : None
Depends On : qt5-base qt5-multimedia
Optional Deps : None
Conflicts With : None
Replaces : None
Download Size : 431.27 KiB
Installed Size : 1999.00 KiB
Packager : Antonio Rojas <arojas@archlinux.org>
Build Date : Wed 05 Apr 2017 07:16:39 AM -03
Validated By : MD5 Sum SHA-256 Sum Signature
|
|
Any | Privacy Issue | Very High | Critical | [libreoffice*] contains Google API keys | Closed | |
Task Description
Libreoffice contains Google API keys which affects privacy.
|
|
Any | Security Issue | Very High | Critical | [libressl] add package as OpenSSL replacement and defau ... | Closed | |
Task Description
LibreSSL is a version of the TLS/crypto stack forked from OpenSSL in 2014, with goals of modernizing the codebase, improving security, and applying best practice development processes.
It was forked from the OpenSSL in April 2014 as a response by OpenBSD developers to the Heartbleed security vulnerability in OpenSSL, [4] [5] [6] [7] with the aim of refactoring the OpenSSL code so as to provide a more secure implementation. [8]
As LibreSSL follow the same goals than Hyperbola Packaging Guidelines in stability and security concerns, it should be the default provider of SSL and TLS protocols for Hyperbola Project.
|
|
Any | Security Issue | Very High | Critical | [libssh] CVE-2018-10933 | Closed | |
Task Description
Description: libssh versions 0.6 and above have an authentication bypass vulnerability in the server code. By presenting the server an SSH2_MSG_USERAUTH_SUCCESS message in place of the SSH2_MSG_USERAUTH_REQUEST message which the server would expect to initiate authentication, the attacker could successfully authentciate without any credentials.
Additional info: * package version(s) : extra/libssh 0.7.5-1
CVE
|
|
Any | Feature Request | Very High | High | [linux-libre-*] add missing installed kernel configurat ... | Closed | |
Task Description
Add missing /boot/config-linux-libre-* useful for applications such as Xen.
|
|
Any | Security Issue | Very High | Critical | [linux-libre-lts*] Meltdown & Spectre Vulnerability | Closed | |
Task Description
Multiple CVEs. Unprivileged programs can gain access to a hardware bug in the CPU, and thereby initiate memory dumps and other low-level attacks.
|
|
Any | Implementation Request | Very High | Critical | [linux-libre-lts-server] add "Linux-libre" kernel adapt ... | Closed | |
Task Description
Description:
Additional info:
Steps to reproduce:
|
|
Any | Bug Report | Very High | Critical | [linux-libre-lts] spinlock not released on kernel by i9 ... | Closed | |
Task Description
Description:
With the latest release of the kernel, xwindow does not start anymore. I had to revert to 4.9.143.
Additional info: * package version(s): linux-libre-lts-4.9.150_gnu-0-x86_64.pkg.tar.xz
Steps to reproduce:
Upgrade to the following: - linux-libre-lts-4.9.150_gnu-0-x86_64.pkg.tar.xz - linux-libre-lts-headers-4.9.150_gnu-0-x86_64.pkg.tar.xz - acpi_call-lts-1.1.0-42.hyperbola34.6-x86_64.pkg.tar.xz
And try to start xwindow
|
|
Any | Freedom Issue | Very High | Critical | [luminancehdr] depends on non-free qt5-webengine | Closed | |
Task Description
Please repackage or replace with free software which provides similar functionality such as MacroFusion (which is available in the AUR).
The package cannot be installed. Here is the terminal output:
$ sudo pacman -S luminancehdr
resolving dependencies...
warning: cannot resolve "qt5-webengine", a dependency of "luminancehdr"
:: The following package cannot be upgraded due to unresolvable dependencies:
luminancehdr
:: Do you want to skip the above package for this upgrade? [y/N] y
looking for conflicting packages...
there is nothing to do
|
|
Any | Freedom Issue | Very High | Critical | [man-pages] contains nonfree POSIX manual pages | Closed | |
Task Description
Description:
Arch distributes a version of man-pages with manual pages from the POSIX standard. The man-pages project is permitted to distribute them and Andries Brouwer assumes that re-distribution by vendors is permitted as well. However, modification is definitively not allowed, hence this contribution by The Institute of Electrical and Electronics Engineers and The Open Group render the entire man-pages package nonfree. The way to solve it is remove all nonfree POSIX manual pages from man-pages package.
Additional info: * package version(s)
* config and/or log files etc.
The Institute of Electrical and Electronics Engineers (IEEE) and
The Open Group, have given us permission to reprint portions of
their documentation.
In the following statement, the phrase ``this text'' refers to
portions of the system documentation.
Portions of this text are reprinted and reproduced in electronic form
from IEEE Std 1003.1, 2013 Edition, Standard for Information Technology
-- Portable Operating System Interface (POSIX), The Open Group Base
Specifications Issue 7, Copyright (C) 2013 by the Institute of Electri-
cal and Electronics Engineers, Inc and The Open Group. (This is
POSIX.1-2008 with the 2013 Technical Corrigendum 1 applied.) In the
event of any discrepancy between this version and the original IEEE and
The Open Group Standard, the original IEEE and The Open Group Standard
is the referee document. The original Standard can be obtained online
at http://www.unix.org/online.html .
This notice shall appear on any product containing this material.
Redistribution of this material is permitted so long as this notice and
the corresponding notices within each POSIX manual page are retained on
any distribution, and the nroff source is included. Modifications to
the text are permitted so long as any conflicts with the standard
are clearly marked as such in the text.
Steps to reproduce:
|
|
Any | Feature Request | Very High | High | [mcelog] needs OpenRC init script and contains systemd ... | Closed | |
Task Description
Description:
Additional info:
mcelog /usr/lib/systemd/system/mcelog.service
Steps to reproduce:
|
|
Any | Implementation Request | Very High | Medium | [mediagoblin] add GNU MediaGoblin package | Closed | |
Task Description
Description:
Additional info:
Steps to reproduce:
|
|
Any | Feature Request | Very High | High | [mercurial] needs OpenRC init scripts (hg serve and chg ... | Closed | |
Task Description
Description:
Additional info:
Note: needs a provide: hg
Steps to reproduce:
|
|
Any | Security Issue | Very High | Critical | [midori] unmaintained and unsupportable | Closed | |
Task Description
The developer team is discussing the removal of Midori from Debian repositories.
Jeremy Bicha says:
> The final stable release of Midori still uses the unmaintained WebKit1 > instead of webkit2gtk and therefore the browser suffers from numerous > known security vulnerabilities. Midori now fails to build with vala > 0.36 which is in Ubuntu 17.10 Alpha and will be in Debian unstable > once it clears the Debian new queue. > https://launchpad.net/bugs/1698483 .
See a complete discussion here.
|
|
Any | Bug Report | Very High | High | [mkinitcpio] consolefont and keymap hooks is adapted to ... | Closed | |
|
|
Any | Feature Request | Very High | High | [mkinitcpio] enable "hidepid" support in /proc filesyst ... | Closed | |
|
|
Any | Feature Request | Very High | High | [mldonkey] contains systemd unit files | Closed | |
|
|
Any | Feature Request | Very High | High | [motion] contains systemd unit file | Closed | |
|
|
Any | Security Issue | Very High | Critical | [mupdf] multiple security issues | Closed | |
|
|
Any | Implementation Request | Very High | High | [murmur-headless] add a Murmur package capable of worki ... | Closed | |
|
|
Any | Security Issue | Very High | Critical | [mutt] CVE-2018-14354 | Closed | |
|
|
Any | Feature Request | Very High | High | [netdata] contains systemd unit files | Closed | |
|
|
Any | Bug Report | Very High | Critical | [netifrc] "net.lo" initscript is forced to load in "boo ... | Closed | |
|
|
Any | Feature Request | Very High | Critical | [netifrc] add net_macsec and net_veth init scripts | Closed | |
|
|
Any | Bug Report | Very High | Critical | [netifrc] fix "net_veth" and "net_macsec" initscripts | Closed | |
|
|
Any | Backport Request | Very High | Critical | [netifrc] update package to 0.6.0 backport | Closed | |
|
|
Any | Security Issue | Very High | Critical | [networkmanager] CVE-2018-1111: DHCP client script code ... | Closed | |
|
|
Any | Backport Request | Very High | High | [nodejs] backporting to nodejs LTS 8.11.3 | Closed | |
|
|
Any | Feature Request | Very High | High | [onioncat] needs OpenRC init script | Closed | |
|
|
Any | Security Issue | Very High | Critical | [openldap] 2.4.44 multiple security issues | Closed | |
|
|
Stable | Bug Report | Very High | Critical | [openrc] Cowardly refusing to concatenate a logfile int ... | Closed | |
|
|
Any | Privacy Issue | Very High | Critical | [openrc] Google in init.d and conf.d configuration (ne ... | Closed | |
|
|
Any | Feature Request | Very High | Critical | [openrc] add "newinstance" mount parameter in "devpts" ... | Closed | |
|
|
Any | Feature Request | Very High | Critical | [openrc] add chroot init config and script files | Closed | |
|
|
Any | Feature Request | Very High | Critical | [openrc] add hidepid support in /proc filesystem. | Closed | |
|
|
Any | Bug Report | Very High | Critical | [openrc] fix "chroot" initscript | Closed | |
|
|
Any | Feature Request | Very High | High | [openrc] minor fix in /proc mount option | Closed | |
|
|
Any | Bug Report | Very High | High | [openrc] needs a minor fix | Closed | |
|
|
Any | Feature Request | Very High | Critical | [openrc] please remove "mtab", "modules-load" and "swcl ... | Closed | |
|