Packages

Category Task Type Priority  desc Severity Summary Status Progress
AnyFeature RequestVery HighHigh [mcelog] needs OpenRC init script and contains systemd  ...Closed
100%
Task Description

Description:

  • needs OpenRC init script and contains systemd file

Additional info:

  • mcelog 1:148-1
mcelog /usr/lib/systemd/system/mcelog.service

Steps to reproduce:

  • none
AnyBug ReportVery HighHigh [openrc] needs a minor fix Closed
100%
Task Description

Description:

  • OpenRC needs a minor fix (remount proc)

Additional info:

  • openrc 0.28-19
openrc /usr/lib/rc/sh/init.sh

-        mount -n -t proc -o noexec,nosuid,nodev,gid=proc,hidepid=2 proc /proc
+        mount -n -t proc -o noexec,nosuid,nodev proc /proc
+        mount -n /proc -o remount,gid=26,hidepid=2

Steps to reproduce:

  • Boot OpenRC in chroot with unshare
AnyFeature RequestVery HighHigh [bzr] needs OpenRC init script (bzr serve) Closed
100%
Task Description

Description:

  • needs OpenRC init script (bzr serve), like [git] (git-daemon) and [subversion] (svnserve)

Additional info:

  • bzr 2.7.0-2
Note: needs a provide: bazaar

Steps to reproduce:

  • none
AnyFeature RequestVery HighHigh [mercurial] needs OpenRC init scripts (hg serve and chg ...Closed
100%
Task Description

Description:

  • needs OpenRC init scripts (hg serve and chg server), like [git] (git-daemon) and [subversion] (svnserve)

Additional info:

  • mercurial 4.2-1
Note: needs a provide: hg

Steps to reproduce:

  • none
AnyImplementation RequestVery HighHigh [murmur-headless] add a Murmur package capable of worki ...Closed
100%
Task Description

Description:

  • Add new a Murmur package capable of working without a graphical user interface. It’s common on servers and embedded devices that requires only interfaces like network (eg. SSH) or serial port to handle services.

Additional info:

  • based on murmur 1.2.19-5

Steps to reproduce:

  • none
AnyImplementation RequestVery HighHigh [asterisk-headless] add an Asterisk package capable of  ...Closed
100%
Task Description

Description:

  • Add an Asterisk package capable of working without a graphical user interface. It’s common on servers and embedded devices that requires only interfaces like network (eg. SSH) or serial port to handle services.

Additional info:

  • based on asterisk 14.4.0-1

Steps to reproduce:

  • none
AnyBug ReportVery HighHigh [mkinitcpio] consolefont and keymap hooks is adapted to ...Closed
100%
Task Description

Description:

  • “consolefont” and “keymap” hooks is adapted to systemd using /etc/vconsole.conf file, those hooks are needed to adapt to [openrc] with /etc/conf.d/consolefont and /etc/conf.d/keymaps

Additional info:

  • mkinitcpio 23-1.hyperbola3.1
/usr/lib/initcpio/install/consolefont
---
-        [[ -s /etc/vconsole.conf ]] && . /etc/vconsole.conf
+        [[ -s /etc/conf.d/consolefont ]] && . /etc/conf.d/consolefont

-        if [[ $FONT ]]; then
-            for file in "/usr/share/kbd/consolefonts/$FONT".@(fnt|psf?(u))?(.gz); do
+        if [[ $consolefont ]]; then
+            for file in "/usr/share/kbd/consolefonts/$consolefont".@(fnt|psf?(u))?(.gz); do

-            error "consolefont: requested font not found: \`%s'" "$FONT"
+            error "consolefont: requested font not found: \`%s'" "$consolefont"

-This hook loads consolefont specified in vconsole.conf during early 
-userspace.
+This hook loads consolefont specified in /etc/conf.d/consolefont during 
+early userspace.
/usr/lib/initcpio/install/keymap
---
-        for cfg in /etc/{vconsole,locale}.conf; do
+        for cfg in /etc/{conf.d/keymaps,locale}.conf; do

-        loadkeys -q $uc ${KEYMAP:-us} -b > "$BUILDROOT/keymap.bin"
+        loadkeys -q $uc ${keymap:-us} -b > "$BUILDROOT/keymap.bin"

-This hook loads keymap(s) specified in vconsole.conf during early 
-userspace.
+This hook loads keymap(s) specified in /etc/conf.d/keymaps during 
+early userspace.
Repository      : core
Name            : mkinitcpio
Version         : 23-1.hyperbola3.1
Description     : Modular initramfs image creation utility, with eudev support
Architecture    : any
URL             : https://projects.archlinux.org/mkinitcpio.git/
Licenses        : GPL
Groups          : None
Provides        : None
Depends On      : awk  mkinitcpio-busybox>=1.19.4-2  kmod  util-linux>=2.23  libarchive  coreutils  bash  findutils  grep  filesystem>=2011.10-1  gzip  eudev
Optional Deps   : xz: Use lzma or xz compression for the initramfs image
                  bzip2: Use bzip2 compression for the initramfs image
                  lzop: Use lzo compression for the initramfs image
                  lz4: Use lz4 compression for the initramfs image
                  mkinitcpio-nfs-utils: Support for root filesystem on NFS
Conflicts With  : None
Replaces        : None
Download Size   : 38.40 KiB
Installed Size  : 186.00 KiB
Packager        : André Silva <emulatorman@hyperbola.info>
Build Date      : Fri 05 Oct 2018 03:28:32 AM -03
Validated By    : MD5 Sum  SHA-256 Sum  Signature

Steps to reproduce:

  • Use “consolefont” and “keymap” hooks from mkinitcpio
AnyImplementation RequestVery HighMedium [coturn] add new package Closed
100%
Task Description

Description:

  • add new package

Additional info:

Steps to reproduce:

  • none
AnyImplementation RequestVery HighMedium [mediagoblin] add GNU MediaGoblin package Closed
100%
Task Description

Description:

  • add GNU MediaGoblin package

Additional info:

  • none

Steps to reproduce:

  • none
AnyBug ReportVery HighLow [filesystem] the hyperbola manual (/usr/share/man/man7/ ...Closed
100%
Task Description

The hyperbola manual (/usr/share/man/man7/hyperbola.7.gz), the command “ln” is inverted:

ln -s /etc/localtime /usr/share/zoneinfo/Europe/Paris # wrong
ln -s /usr/share/zoneinfo/Europe/Paris /etc/localtime # correct
StableBug ReportHighCritical [vhba-module-lts] modprobe: ERROR: could not insert 'vh ...Closed
100%
Task Description
filename:       /lib/modules/4.9.77-gnu-1-lts/extramodules/vhba.ko
license:        GPL
description:    Virtual SCSI HBA
version:        20161009
author:         Chia-I Wu
srcversion:     E5A3E6F70DFD436A6B1C8D6
depends:        scsi_mod
vermagic:       4.9.27-gnu-1-lts SMP mod_unload modversions

Can’t insert module vhba

Error :

modprobe: ERROR: could not insert ‘vhba’: Exec format error

AnySecurity IssueHighCritical [irssi] IRSSI-SA-2018-02 Irssi Security Advisory Closed
100%
Task Description

Multiple vulnerabilities have been located in Irssi.

Access remote: yes

References links:

AnyFeature RequestHighCritical [pacman-key][cronie][fcron] eating up hardware resource ...Closed
100%
Task Description

This morning while I was working on my X200, I noticed that my CPU was kept 100% busy for a long time by some process which was obvioulsy eating up the battery life. The culprit was pacman-key, triggered by logrotate.

To stop this, I did ‘chmod -x /etc/cron.daily/pacman-key’ and I rebooted.

Later on, it was impossible to install a new package as it was impossible to get over the step marked as “checking keys in keyring...”

So I tried to do again ‘pacman-key –refresh-keys’: the overall process took more than an hour—behind a fast and robust internet connection. I finally got three lines, saying that about 1,000 keys were updated but I never got the prompt back. So I hit Ctrl-C.

At the time of writing, I am still trying to refresh the keys—a quite desperate attempt, if I may say so.

Although I tagged this report as a “Feature request”, it is in my opinion of quite some importance. I understand very well the absolute necessity to always have the keys updated, but in this particular case, with so many keys and so frequent updates, I begin to wonder if losses are not beginning to prevail over benefits.

Unless I am doing something wrong or missing something I should do?

Any help would be strongly appreciated.

Robert

AnySecurity IssueHighCritical [python2] heap-overflow vulnerability CVE-2018-1000030 Closed
100%
Task Description

Python 2.7.14 is vulnerable to a Heap-Buffer-Overflow as well as a Heap-Use-After-Free. Python versions prior to 2.7.14 may also be vulnerable and it appears that Python 2.7.17 and prior may also be vulnerable however this has not been confirmed. The vulnerability lies when multiply threads are handling large amounts of data. In both cases there is essentially a race condition that occurs. For the Heap-Buffer-Overflow, Thread 2 is creating the size for a buffer, but Thread1 is already writing to the buffer without knowing how much to write. So when a large amount of data is being processed, it is very easy to cause memory corruption using a Heap-Buffer-Overflow. As for the Use-After-Free, Thread3→Malloc→Thread1→Free’s→Thread2-Re-uses-Free’d Memory. The PSRT has stated that this is not a security vulnerability due to the fact that the attacker must be able to run code, however in some situations, such as function as a service, this vulnerability can potentially be used by an attacker to violate a trust boundary, as such the DWF feels this issue deserves a CVE.

https://security-tracker.debian.org/tracker/CVE-2018-1000030

AnySecurity IssueHighCritical [geth] possible denial of service attacks "DoS Attack" Closed
100%
Task Description

Geth 1.6.x contains possible denial of service attacks “DoS Attack”, however it has been solved in 1.7.2 [0] instead. Since 1.6.x needs many modifications spread across multiple files of the code and it is inefficient to be backported, the newer version (eg. 1.7.x) could replace the current version package as exception, but repackaged with the appropriate suffix “-backports”.

AnyPrivacy IssueHighCritical [deepin-desktop-base] Check for CNZZ Spyware Closed
100%
Task Description

As per a recent discovery, we should check if our deepin is affected by the CNZZ spyware in the AppStore.
https://www.youtube.com/watch?v=v25Dy66AtNI

We also shouldn’t use the AppStore if it exists, due to non-free apps.

Known files:
> usr/share/dbus-1/system-services/com.deepin.daemon.Apps.service
> etc/appstore.json

StableBug ReportHighCritical [alsa-tools] create missing firmware folder since firmw ...Closed
100%
Task Description

### Some context ###

I use hdajackretask on my G41M-ES2L motherboard (Libreboot)

Alsamixer doesn’t offer automute feature so every time I plug my headphones, the sound is playing by my speakers.
So to work around this, I use hdajackretask from alsa-tools package.

It allows to install a boot override to solve the issue.

Yesterday, I reinstalled Hyperbola on my system and the boot override because of missing /lib/firmware directory. (Although it was present before, something changed ?)

The error message was (I translate)

/mv: can't move '/tmp/hda-jack-retask-VH3KIZ/hda-jack-retask.fw' to /lib/firmware/hda-jack-retask.fw' No file or folder of this type

So I created a folder “firmware” in /lib/
and copied hda-jack-retask.fw in it.

Then I rebooted, 100% working.

I don’t know if the fix should apply to the PKGBUILD of alsa-tools (to create a /lib/firmware directory) or something else ?

AnyBug ReportHighCritical [light-locker] returns error while tries load shared li ...Closed
100%
Task Description

Description:
The light-locker package returns error while tries load shared library libsystemd.so.0.

Additional info:
* package version(s): light-locker-1.6.0-3

Steps to reproduce:

  1. Install the package:
  $ sudo pacman -S light-locker
  
  1. Run it:
  $ light-locker
  
  1. Then, you get the following message:
  light-locker: error while loading shared libraries: libsystemd.so.0: cannot open shared object file: No such file or directory
  
AnyBug ReportHighCritical [utox] package needs rebuilding Closed
100%
Task Description

I get this error when trying to run it:

$ utox
utox: error while loading shared libraries: libtoxencryptsave.so.1: cannot open shared object file: No such file or directory

AnyReplace RequestHighCritical [python2] replace deprecated Python 2 to Tauthon Closed
100%
Task Description

Description:

  • replace deprecated Python 2 to Tauthon for Canis Major

Additional info:

Steps to reproduce:

  • Broken python2 packages.
AnyBug ReportHighCritical [zathura-ps] needs to be recompiled Closed
100%
Task Description

Description:
Since the update to 0.3.9 (or the update of girara to 0.2.9), zathura-pdf-poppler returns the following error:

error: Could not load plugin '/usr/lib/zathura/ps.so' (libgirara-gtk3.so.2: cannot open shared object file: No such file or directory).
AnyBug ReportHighCritical [links][elinks] segmentation fault after start by termi ...Closed
100%
Task Description

Description:

  • Segmentation fault after start by terminal emulator but elinks does not crash in console. After that, it prints characters when mouse buttons pressed so it can not copy its output.

Additional info:
* package version(s)

  • links 2.14-2
  • elinks 0.13-18

* config and/or log files etc.

  • gdb output for links 2.16:
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/usr/lib/libthread_db.so.1".
Program received signal SIGSEGV, Segmentation fault.
0x00007ffff4295e43 in strchrnul () from /usr/lib/libc.so.6
  • gdb output for elinks 0.13-18:
[New Thread 0x7ffff4dfb700 (LWP 8393)]
Thread 1 "elinks" received signal SIGSEGV, Segmentation fault.
0x00007ffff5fa3e43 in strchrnul () from /usr/lib/libc.so.6

Steps to reproduce:

  • Run links and elinks by terminal emulator
AnySecurity IssueHighCritical [octopi] uploads system logs to ptpb.pw without confirm ...Closed
100%
Task Description

Octopi 0.9.0 is uploading system logs to ptpb.pw without confirmation through :

Tools
→ SysInfo → ptpb.pw

I think it should be either disabled or add at least a patch to ask for a confirmation.
An other way could be to patch this :

src/globals.cpp
240: * Generates SysInfo file and paste it to ptpb site
255:  QString ptpb = UnixCommand::getCommandOutput("curl -F c=@- https://ptpb.pw/?u=1", tempFile->fileName());
256:  return ptpb;

to :

src/globals.cpp
240: * Generates SysInfo file and paste it to ptpb site
255:  QString ptpb = UnixCommand::getCommandOutput("curl -F c=@- **https://ptpb.pw/", tempFile->fileName());
256:  return ptpb;

This way, you can at least ask for log deletion with the help of log uuid as explained here : https://ptpb.pw/#id10

StableUpdate RequestHighCritical [system-config-printer] update to 1.5.11 Closed
100%
Task Description

Description:

this release is mostly bugfix, updated translations, removed some deprecated parts in code (abandoning libgnome-keyring and starting using libsecret) and in UI and added Till’s patches from Ubuntu (Thank you, Till!).

Additional info:
* package version(s)

# pacman -Si system-config-printer
Repositorio               : extra
Nombre                    : system-config-printer
Versión                   : 1.5.9-2
Descripción               : A CUPS printer configuration tool and status applet
Arquitectura              : x86_64
URL                       : https://github.com/zdohnal/system-config-printer
Licencias                 : GPL
Grupos                    : Nada
Provee                    : Nada
Depende de                : python-pycups  python-dbus  python-pycurl  libnotify  python-requests  python-gobject  gtk3  python-cairo
Dependencias opcionales   : python-pysmbc: SMB browser support
                            python-packagekit: to install drivers with PackageKit
                            cups-pk-helper: PolicyKit helper to configure cups with fine-grained privileges
En conflicto con          : Nada
Remplaza a                : Nada
Tamaño de la descarga     : 908,59 KiB
Tamaño de la instalación  : 7159,00 KiB
Encargado                 : Andreas Radke <andyrtr@archlinux.org>
Fecha de creación         : vie 27 ene 2017 04:18:24 -03
Validado por              : Suma MD5  Suma SHA-256  Firma

* config and/or log files etc.

Steps to reproduce:

AnyBug ReportHighCritical [electrum] updated package still does not work Closed
100%
Task Description

Here is the terminal output:

$ electrum
Error: No module named ‘aiorpcx’. Try ‘sudo python3 -m pip install <module-name>

I think a newer python version (e.g. 3.7) might be needed in order to get it to work as well as even after installing missing modules via pip locally the package does not run.

StableBug ReportHighCritical  [gufw] FileNotFoundError: [Errno 2] '/usr/sbin/ufw': ' ...Closed
100%
StableBug ReportHighCritical [postfix][FHS] multiple issues, need rebuilding Closed
100%
StableFreedom IssueHighCritical [smplayer] Removal of unfree "Chromecast"-plugin Closed
100%
TestingBug ReportHighCritical [Hyperbola GNU/Linux-libre 0.4] Installation for syslin ...Closed
100%
TestingBug ReportHighCritical [Hyperbola GNU/Linux-libre 0.4] Problems with sndio fai ...Closed
100%
TestingBug ReportHighCritical [wpa_supplicant]: wireless connection does not work Closed
100%
TestingBug ReportHighCritical Runit errors, Closed
100%
TestingImplementation RequestHighCritical [xlsfonts] Missing package needs to be added for xenoca ...Closed
100%
TestingBug ReportHighHigh [sway] error while loading shared libraries Closed
100%
TestingBug ReportHighHigh [sddm] error while loading shared libraries Closed
100%
AnySecurity IssueHighHigh [npapi-sdk] remove unsecure/deprecated package Closed
100%
AnySecurity IssueHighHigh [npapi-vlc] remove unsecured package Closed
100%
AnySecurity IssueHighHigh [nspluginwrapper] remove unsecure/deprecated package Closed
100%
AnySecurity IssueHighHigh [x2goplugin] remove unsecure package Closed
100%
AnySecurity IssueHighHigh [djview] remove unsecure "nsdejavu.so" Closed
100%
AnySecurity IssueHighHigh [icedtea-web] remove unsecure "IcedTeaPlugin.so" Closed
100%
TestingBug ReportHighHigh [freerdp] error while loading shared libraries Closed
100%
TestingBug ReportHighHigh [gnome-shell] error while loading shared libraries Closed
100%
TestingBug ReportHighHigh [ksystemlog] error while loading shared libraries Closed
100%
TestingBug ReportHighHigh [mutter] error while loading shared libraries Closed
100%
AnyDrop RequestHighHigh [devtools] remove this package Closed
100%
AnyPrivacy IssueHighHigh [redshift] remove geoclue2 support Closed
100%
AnyPrivacy IssueHighHigh [epiphany] would be more private if not for Hyperbola p ...Closed
100%
AnyBug ReportHighHigh [tlp] remove systemd support Closed
100%
AnyBug ReportHighHigh [sway] relies on systemd libraries Closed
100%
Showing tasks 151 - 200 of 1516 Page 4 of 31

Available keyboard shortcuts

Tasklist

Task Details

Task Editing