|
Any | Security Issue | Medium | Medium | [openssh] CVE-2018-15919 | Closed | |
Task Description
Remotely observable behavior in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states ‘We understand that the OpenSSH developers do not want to treat such a username enumeration (or “oracle”) as a vulnerability.’ https://security-tracker.debian.org/tracker/CVE-2018-15919
|
|
Any | Security Issue | Medium | Critical | [libjpeg-turbo] CVE-2019-2201 | Closed | |
Task Description
In generate_jsimd_ycc_rgb_convert_neon of jsimd_arm64_neon.S, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is needed for exploitation
https://security-tracker.debian.org/tracker/CVE-2019-2201
Patch: https://github.com/libjpeg-turbo/libjpeg-turbo/issues/388
|
|
Any | Update Request | Medium | Medium | [youtube-viewer] update request to v3.7.9 | Closed | |
Task Description
Please package update to version 3.7.9 of youtube-viewer.
libre.patch attached :)
|
|
Any | Update Request | Medium | High | Make Knock patch for Linux-libre 4.14 LTS | Closed | |
Task Description
The Knock patches for linux-libre maintained by you at https://git.hyperbola.info:50100/kernels/knock.git/ have support up to linux-libre 4.13 only (and I think it didn’t work for it when I tried it, compilation failed) but from all of those supported versions, the newest maintained generation by the upstream is 4.9.x
However, since newer kernel generations might require reprogramming the patch, I want to request it only for the latest LTS generation which is 4.14. As you know, LTS software are supported for a long time, so it’s worth to make it for linux-libre 4.14.x
This might not be really important for Hyperbola in the short term, but you are the maintainers of the TCP Stealth implementation for Linux-libre and I and maybe other people would like to use it in their projects for newer versions.
Plus, it would be great since while 4.9 kernels can use the GRSec+Knock combination like linux-libre-lts-unofficial-grsec-knock, with support for 4.14 anyone would be able to use a combination of newer patches such as Linux-hardened+Knock (Linux-hardened supports 4.14 and 4.15 as of now) which is what I’d like to do.
https://github.com/copperhead/linux-hardened/releases
|
|
Any | Update Request | Medium | Medium | [cups] update request | Closed | |
Task Description
New versión v2.2.7
References:
|
|
Any | Update Request | Medium | High | [php] is out of date/support | Closed | |
Task Description
Description:
From official PHP page, our php 7.1 is out of support and security
Our package :
https://www.hyperbola.info/packages/extra/x86_64/php/
PHP page :
https://www.php.net/supported-versions.php
|
|
Any | Backport Request | Low | Medium | [docker] package request | Closed | |
Task Description
Please, package and backport the docker CE for Hyperbola Milky Way.
For reference, see the package docker in the Parabola.
|
|
Any | Bug Report | Low | High | [php-fpm] service fails to start | Closed | |
Task Description
Package information
$ pacman -Ql php-fpm
php-fpm /etc/
php-fpm /etc/init.d/
php-fpm /etc/init.d/php-fpm
php-fpm /etc/php/
php-fpm /etc/php/php-fpm.conf
php-fpm /etc/php/php-fpm.d/
php-fpm /etc/php/php-fpm.d/www.conf
php-fpm /usr/
php-fpm /usr/bin/
php-fpm /usr/bin/php-fpm
php-fpm /usr/lib/
php-fpm /usr/lib/tmpfiles.d/
php-fpm /usr/lib/tmpfiles.d/php-fpm.conf
php-fpm /usr/share/
php-fpm /usr/share/man/
php-fpm /usr/share/man/man8/
php-fpm /usr/share/man/man8/php-fpm.8.gz
php-fpm /usr/share/php/
php-fpm /usr/share/php/fpm/
php-fpm /usr/share/php/fpm/status.html
Bug information
$ sudo service php-fpm start
* Starting PHP FastCGI Process Manager ...
[ERROR] unable to bind listening socket for address '/run/php-fpm/php-fpm.sock': No such file or directory (2)
[ERROR] FPM initialization failed
* start-stop-daemon: failed to start `/usr/bin/php-fpm'
[ !! ]
* ERROR: php-fpm failed to start
|
|
Any | Bug Report | Low | Medium | [openrc] Error: fopen(/run/openrc/rc.log) failed: No su ... | Closed | |
Task Description
Replace RC_SVCDIR to RC_LOGDIR, like:
src/librc/rc.h.in
-----
#define RC_LIBEXECDIR "LIBEXECDIR@"
+#define RC_LOGDIR "/var/log"
_____
src/rc/rc-logger.c
-----
-#define TMPLOG RC_SVCDIR "rc.log"
+#define TMPLOG RC_LOGDIR "rc.log"
|
|
Any | Bug Report | Low | Medium | [cryptsetup] when dmcrypt start, the "/" filesystem, m ... | Closed | |
Task Description
When dmcrypt service start, the “/” filesystem is remounted, mtab is updated and bootmisc is recording the login users, by waiting time scheduling:
* root: waiting for dmcrypt (50 seconds)
* root: timed out waiting for dmcrypt
* Remounting root filesystem read/write ...
* Remounting filesystems ...
* mtab: waiting for dmcrypt (50 seconds)
* mtab: timed out waiting for dmcrypt
* Updating /etc/mtab ...
* Creating mtab symbolic link
* bootmisc: waiting to dmcrypt (50 seconds)
* bootmisc: timed out waiting for dmcrypt
* Creating user login records ...
These features on dmcrypt service are useless and these lines print above filesystem passphrase order (the printed line), those ones break printed console and print the pressed keyboard digit when I’m setting up password.
Sometimes this breaks services startup, and I need press “enter” consecutively to allow run the services.
|
|
Any | Bug Report | Low | Medium | [cryptsetup] can't umount luks filesystem on reboot/shu ... | Closed | |
Task Description
dmcrypt service can’t umount luks filesystem on reboot/shutdown, device or resource busy:
* Removing dm-crypt mappings
* foobar-pv
device-mapper: remove ioctl on foobar-pv failed: Device or resource busy
device-mapper: remove ioctl on foobar-pv failed: Device or resource busy
device-mapper: remove ioctl on foobar-pv failed: Device or resource busy
device-mapper: remove ioctl on foobar-pv failed: Device or resource busy
device-mapper: remove ioctl on foobar-pv failed: Device or resource busy
device-mapper: remove ioctl on foobar-pv failed: Device or resource busy
device-mapper: remove ioctl on foobar-pv failed: Device or resource busy
device-mapper: remove ioctl on foobar-pv failed: Device or resource busy
device-mapper: remove ioctl on foobar-pv failed: Device or resource busy
device-mapper: remove ioctl on foobar-pv failed: Device or resource busy
device-mapper: remove ioctl on foobar-pv failed: Device or resource busy
device-mapper: remove ioctl on foobar-pv failed: Device or resource busy
device-mapper: remove ioctl on foobar-pv failed: Device or resource busy
device-mapper: remove ioctl on foobar-pv failed: Device or resource busy
device-mapper: remove ioctl on foobar-pv failed: Device or resource busy
device-mapper: remove ioctl on foobar-pv failed: Device or resource busy
device-mapper: remove ioctl on foobar-pv failed: Device or resource busy
device-mapper: remove ioctl on foobar-pv failed: Device or resource busy
device-mapper: remove ioctl on foobar-pv failed: Device or resource busy
device-mapper: remove ioctl on foobar-pv failed: Device or resource busy
device-mapper: remove ioctl on foobar-pv failed: Device or resource busy
device-mapper: remove ioctl on foobar-pv failed: Device or resource busy
device-mapper: remove ioctl on foobar-pv failed: Device or resource busy
device-mapper: remove ioctl on foobar-pv failed: Device or resource busy
device-mapper: remove ioctl on foobar-pv failed: Device or resource busy
Device foobar-pv is still in use [ !! ]
|
|
Any | Bug Report | Low | Medium | [samba] wrong permissions on /etc/conf.d folder | Closed | |
Task Description
Latest samba has wrong permissions on /etc/conf.d folder, that is 644 whereas it should be 755.
|
|
Any | Bug Report | Low | Low | [x11vnc] service contains error: "Service 'x11vnc' need ... | Closed | |
Task Description
x11vnc service has been imported from Gentoo, however it forces use xdm service when it should be optional since there are users don’t like use xdm to run DMs. Also, Hyperbola contains another services alternatives such as gdm, lightdm, lxdm, sddm and slim to run directly without xdm.
|
|
Any | Bug Report | Low | Critical | [openvswitch-lts] netifrc fails to start openvwitch int ... | Closed | |
Task Description
Description:
During openrc boot, ‘net’ starts before ‘ovs-vswitchd’ and result to an error and not attributing IP to the openvswitch interface:
ERROR: interface vswitch does not exist
Ensure that you have loaded the correct kernel module for your hardware
ERROR: net.vswitch failed to start
/run/openvswitch: creating directory
Starting ovsdb-server ...
Starting ovs-vswitchd ..
Additional info:
As a workaround I have added
after modules ovs-vswitchd line #39 to /etc/init.d/net.lo and it solves the issue.
I think it would require an if statement to append ovs-vsitchd to line #39 in case openvswitch is installed and activated.
After my change, rc.log:
/run/openvswitch: creating directory
Starting ovsdb-server ...
Starting ovs-vswitchd ...
Bringing up interface vswitch
Caching network module dependencies
need dbus
10.XX.XX.XX/24 ...
Adding routes
default via 10.XX.XX.XX
Steps to reproduce:
|
|
Any | Bug Report | Low | Critical | [hostapd] fails to start at boot when using openvwitch ... | Closed | |
Task Description
Hostapd is failing at boot with :
Starting hostapd ...
Configuration file: /etc/hostapd/hostapd.conf
ovs-vsctl: unix:/run/openvswitch/db.sock: database connection failed (No such file or directory)
Hostapd should start “after ovs-vswitchd”
If I add it to /etc/init.d/hostapd, I don’t have the issue anymore
|
|
Any | Bug Report | Low | Low | [usbutils] lsusb does not list device names | Closed | |
Task Description
Description:
lsusb does not resolve device names from /var/lib/usbutils/usb.ids
The same thing as described here: https://unix.stackexchange.com/questions/220759/lsusb-doesnt-list-device-names
|
|
Any | Bug Report | Low | Low | [emacs-nox] uses "nox" suffix | Closed | |
Task Description
Description:
Additional info:
* package version(s)
* config and/or log files etc.
Steps to reproduce:
|
|
Any | Bug Report | Low | Low | [erlang-nox] uses "nox" suffix | Closed | |
Task Description
Description:
Additional info:
* package version(s)
* config and/or log files etc.
Steps to reproduce:
|
|
Any | Bug Report | Low | Low | [qbittorrent-nox] uses "nox" suffix | Closed | |
Task Description
Description:
Additional info:
* package version(s)
* config and/or log files etc.
Steps to reproduce:
|
|
Stable | Bug Report | Low | Medium | Garbled display with xfce4-terminal (terminfo) | Closed | |
Task Description
A very nasty bug I wasn’t able to find an answer to.
I compiled stuff (buildroot) using menuconfig, the menu display was fine in xfce4-terminal (See screenshot #1)
I restarted the config a few days later with the same command :
$ make menuconfig
and this time the display was messed up (See screenshot #2)
After investigation, I noticed a directory (filled with stuff) have been created in my home folder :
.terminfo
I don’t know why. But anyway, if I delete it, then the display is ok again.
I noticed that if I use good old xterm terminal, then the display is fine even if the .terminfo directory is present. (it uses “xterm” instead of xterm-256color)
But, with xfce4-terminal (and others, I tried with gnome-terminal, sakura..), the display is messed up if the .terminfo directory is present in my home folder.
I also noticed that if I run the command in a screen session, the issue is not present.
(I open xfce4-terminal)
$ screen
$ printenv TERM
screen.xterm-256color
$ make menuconfig (or htop, or other program using ncurses)
= display ok
but with default :
(I open xfce4-terminal)
$ printenv TERM
xterm-256color
make menuconfig (or htop, or other program using ncurses)
= display messed up if .terminfo directory is present
So I have no idea why this .terminfo directory is generated. What could trigger its generation ? Is that an issue with ncurses or something else ?
Thanks for your help
|
|
Any | Bug Report | Low | Low | [crystal] error build Invidious | Closed | |
Task Description
Description:
crystal build src/invidious.cr –release
Error in src/invidious.cr:19: while requiring "kemal"
require "kemal"
^
in lib/kemal/src/kemal.cr:4: while requiring "./kemal/*"
require "./kemal/*"
^
in lib/kemal/src/kemal/config.cr:26: expanding macro
property static_headers : (HTTP::Server::Response, String, File::Info -> Void)?
^~~~~~~~
in lib/kemal/src/kemal/config.cr:26: expanding macro
property static_headers : (HTTP::Server::Response, String, File::Info -> Void)?
^
in macro 'property' expanded macro: macro_48177600:567, line 4:
1.
2.
3.
> 4. @static_headers : (HTTP::Server::Response, String, File::Info -> Void) | ::Nil
5.
6. def static_headers : (HTTP::Server::Response, String, File::Info -> Void) | ::Nil
7. @static_headers
8. end
9.
10. def static_headers=(@static_headers : (HTTP::Server::Response, String, File::Info -> Void) | ::Nil)
11. end
12.
13.
14.
15.
undefined constant File::Info
Additional info:
* package version(s)
Crystal 0.22.0 (2017-04-22) LLVM 4.0.0
Steps to reproduce:
|
|
Any | Bug Report | Low | High | [kaccounts-integration] option to add NextCloud/OwnClou ... | Closed | |
Task Description
Description:
Additional info:
* package version(s)
* config and/or log files etc.
Steps to reproduce:
|
|
Any | Bug Report | Low | High | [kdenetwork-kopete] clicking to add an Jabber Account o ... | Closed | |
Task Description
Description:
Additional info:
* package version(s)
* config and/or log files etc.
Steps to reproduce:
|
|
Any | Bug Report | Low | High | [xfce4-power-manager] locking session issue | Closed | |
Task Description
I probably should’ve mentioned this before, but if it is set to suspend when lid is closed, it should automatically lock. if the security option: lock screen with system is set to sleep is tweaked on it doesn’t lock always.
This is word for word what I wrote in the forums, but yeah... it is a problem say if someone wants to use your laptop without your permission and can do so.
But it is also a problem if you set it to lock instead because it is more prone to overheating when your not using it, and it doesn’t suspend quickly enough.
I have tried this many times and the same story can be told, again and again.
I think this issue should be considered high or critical merely because of the privacy risk if someone gets their hands on your laptop while its on. Even if you have been away... :/
I wonder if anyone else has this issue... well you guys will tell me I am sure. if critical doesn’t match what you think I am sure you will change it. ;)
|
|
Any | Bug Report | Low | Low | [xdg-utils] doesn't work with -uxp applications and has ... | Closed | |
Task Description
As per the source code, xdg-utils is meant to work with firefox, google-chrome, and other browsers. It is missing support for -uxp applications.
|
|
Any | Drop Request | Low | Low | [gegl02] remove unmaintained version of GEGL | Closed | |
|
|
Any | Drop Request | Low | Low | [nginx-mainline] remove unstable and duplicated package | Closed | |
|
|
Any | Drop Request | Low | Low | [libreoffice-fresh*] remove unstable and duplicated pac ... | Closed | |
|
|
Any | Drop Request | Low | Low | [autoconf-2.64] remove duplicated package | Closed | |
|
|
Any | Drop Request | Low | Low | [wine*] remove unstable and staging packages | Closed | |
|
|
Any | Feature Request | Low | Low | [scribus] missing hunspell support | Closed | |
|
|
Any | Feature Request | Low | Very Low | [openrc] services should be added to runlevels through ... | Closed | |
|
|
Any | Feature Request | Low | Low | [npapi-vlc] package from git source | Closed | |
|
|
Any | Implementation Request | Low | Low | [nut] add Network UPS Tools 2.7.x package | Closed | |
|
|
Testing | Implementation Request | Low | Medium | [spacefm] add new package | Closed | |
|
|
Any | Implementation Request | Low | Low | [codecrypt] add new package | Closed | |
|
|
Any | Implementation Request | Low | Low | [i2p] add new package | Closed | |
|
|
Any | Implementation Request | Low | Low | [opmsg] add new package | Closed | |
|
|
Any | Replace Request | Low | Low | [appmenu-qt4] replace with appmenu-qt (qt5) | Closed | |
|
|
Any | Replace Request | Low | Low | [botan*] remove unstable "botan" and rename ''botan1.10 ... | Closed | |
|
|
Stable | Update Request | Low | High | [pigeonhole] needs to be updated (depends on older vers ... | Closed | |
|
|
Any | Backport Request | Very Low | Medium | [iceweasel-uxp] Privacy Possum continuous support for I ... | Closed | |
|
|
Stable | Backport Request | Very Low | Medium | Zoom Page WE Backport Request | Closed | |
|
|
Any | Backport Request | Very Low | Medium | [iceowl] package request | Closed | |
|
|
Any | Backport Request | Very Low | Medium | [icedove-uxp] backport mail merge | Closed | |
|
|
Any | Backport Request | Very Low | Medium | [icedove-uxp] backport cardbook | Closed | |
|
|
Stable | Backport Request | Very Low | Medium | Request for addon used by Iceweasel-UXP: uMatrix | Closed | |
|
|
Any | Backport Request | Very Low | Medium | Random Agent Spoofer for Iceape | Closed | |
|
|
Any | Backport Request | Very Low | Medium | Greasemonkey For Iceape | Closed | |
|
|
Any | Backport Request | Very Low | Low | Self Destructing Cookies for Iceape | Closed | |
|
