I know that upgrading Qt is not a trivial task, but would it be possible to do this anyway? Qt 5.8 has issues that other versions do not have. See for example the discussion here about Projecteur, a very useful tool. Hyperbola seems to be the only Linux distribution unable to run it, just because of Qt 5.8:

https://github.com/jahnf/Projecteur/issues/26

As even the support for GCC 7 is now ending with the release of version 7.5 (https://gcc.gnu.org/ml/gcc/2019-11/msg00099.html) I’d like to propose a renewal of the building-stack - which I think is also needed in time. Also a renewal of the glibc would be good at all!

Hello,

Would it be possible to get a package bump for mpv ?

Currently, Debian Buster (stable) uses 0.29.1-1. This would be great as it introduces many fixes and support for lua scripts I heavily use.
0.29.* requires a ffmpeg to 4.x series as well.

Thanks.

An example:

$ hypervideo https://soundcloud.com/moshe-feiglin/wuh9dlykfhok [soundcloud] moshe-feiglin/wuh9dlykfhok: Downloading webpage
[soundcloud] moshe-feiglin/wuh9dlykfhok: Downloading info JSON
[soundcloud] 717666847: Downloading track url
WARNING: Unable to download JSON metadata: HTTP Error 401: Unauthorized
[soundcloud] 717666847: Checking fallback video format URL [soundcloud] 717666847: fallback video format URL is invalid, skipping
ERROR: No video formats found;

                  Error: Nonfree Bytecode Required!

     It's currently impossible to download this video with DRM.

    Hypervideo protects your freedom by avoiding DRM and nonfree
                        bytecode parsing.

                            More info:

The IDE codelite is an excellent development environment, continuously updated, has a clear vision and active support.
Would be nice to have this one within the repositories in upcoming releases, perhaps 0.5?

Description: As Gnome has decided against following libre, free principles the desktop-environment has becoming a risk for the privacy and freedom for users. Meaning that the desktop-environment with all basic packages should be removed. Of course the final decision is up to the community and the development-team. Followed up are more reasons for the insights:

* Bloated with questionable dependencies (including mandatory systemd)
* Using proprietary services as high risk for freedom and privacy for users (https://i.stack.imgur.com/yZcyV.png)
* Coming up with questionable and vague principles, against software-freedom in a whole (inclusion of flatpak and flathub as so-called standardization for distributions, discussions about proprietary software included within the software-center)

Additional info for packages:

gnome-backgrounds
gnome-calculator
gnome-contacts
gnome-control-center
gnome-dictionary
gnome-disk-utility
gnome-font-viewer
gnome-keyring
gnome-screenshot
gnome-session
gnome-settings-daemon
gnome-shell
gnome-shell-extensions
gnome-system-monitor
gnome-terminal
gnome-themes-standard
gnome-user-docs
gnome-user-share
grilo-plugins

It happened already with minetest and again with prosody: When trying to build own packages with makepkg there are patches downloaded from the Debian-project. But the given HTTP(S)-sources are no longer available, concrete example within prosody to be found: https://deb.debian.org/debian/pool/main/p/prosody/prosody_0.10.2-1~bpo9+1.debian.tar.xz (not available)

Please don’t rely on those external sources when creating PKGBUILD-files or just give users the possibility for a secure and granted download. Therefore I cannot build prosody on my own now!

The current version of BleachBit needs to be adapted so it can clean the new .cache/hyperbola/ directory.

https://ostif.org/our-audit-of-unbound-dns-by-x41-d-sec-full-results/

[Critical] https://security-tracker.debian.org/tracker/CVE-2019-18934

Description:
linphonec is unusable because a error produce a continuous log

Additional info:
linphone 3.11.1-1.hyperbola1

Steps to reproduce:
linphonec

Log:
linphonec> 2019-12-15 19:25:58:010 ortp-error-Error in connect: Network is unreachable
2019-12-15 19:26:03:012 ortp-error-Error in connect: Network is unreachable
2019-12-15 19:26:08:018 ortp-error-Error in connect: Network is unreachable
2019-12-15 19:26:13:013 ortp-error-Error in connect: Network is unreachable
2019-12-15 19:26:18:016 ortp-error-Error in connect: Network is unreachable
2019-12-15 19:26:23:014 ortp-error-Error in connect: Network is unreachable
2019-12-15 19:26:28:010 ortp-error-Error in connect: Network is unreachable
2019-12-15 19:26:33:010 ortp-error-Error in connect: Network is unreachable
2019-12-15 19:26:38:012 ortp-error-Error in connect: Network is unreachable
2019-12-15 19:26:43:015 ortp-error-Error in connect: Network is unreachable
2019-12-15 19:26:48:010 ortp-error-Error in connect: Network is unreachable
2019-12-15 19:26:53:010 ortp-error-Error in connect: Network is unreachable

When i try to set the brightness on my screen, with xbacklight -set 100,

it does this:

No outputs have backlight property

and it doesn’t really matter if I set it lower than 100 or what it currently is at.

Fix when you can please!

The current version of the package icewm within the Hyperbola-repositories is 1.3.8. The latest version is 1.6.3!
An update would be helpful as this window-manager follows absolutely the principles of the distribution Hyperbola itself, being simple and fast.

It appears when I plug in my libreboot laptop x200 in, it appears to dim the screen and when its unplugged, the screen is bright again. Something peculiar is at work, I wondered if this could be fixed.

My assumption is it is related to lxdm or lightdm. Any thoughts?

I am currently using 0.4, so I don’t expect this to be a fast process, just when you get a chance okay?

smartmontools 6.5-1.hyperbola1

Error while trying to update smart-drivedb :

anon@test[~] update-smart-drivedb

External Link/usr/bin/update-smart-drivedb: download from branches/RELEASE_6_5_DRIVEDB failed (curl: exit 23) /usr/bin/update-smart-drivedb: download from trunk failed (curl: exit 23)

These two options could be enabled :

Kernel hacking → [*] Filter access to /dev/mem
[*] Filter I/O access to /dev/mem

Security options → [*] Restrict unprivileged access to the kernel syslog

When trying to start a new campaign the complete game-engine is crashing with the following message:

Object::disconnect: Unexpected null parameter
QCoreApplication::postEvent: Unexpected null receiver

As ghc and fpc should be removed in the near future it would be good to validate this or otherwise remove the game-package itself also.

When using the package for wireless connections no further icon is displayed without having the package [b]network-manager-applet[/b] installed.

https://www.openwall.com/lists/oss-security/2019/12/20/2

“This is a security release to fix a number of issues that were found by Kaspersky Lab. These issues affect both the client and server and could theoretically allow an malicious peer to take control over the software on the other side.”

Is there any way to force it to try from yt as it did in the final attempt?

$ hypervideo -f 22 https://www.youtube.com/watch?v=X7v2aHUPp14 [youtube] X7v2aHUPp14: Downloading webpage
[youtube] X7v2aHUPp14: Downloading video info webpage
[youtube] X7v2aHUPp14: Checking URL Invidious API [youtube] X7v2aHUPp14: Downloading JSON metadata
[youtube] X7v2aHUPp14: Downloading from Invidious API ERROR: unable to download video data: HTTP Error 403: Forbidden

$ hypervideo -f 22 https://www.youtube.com/watch?v=X7v2aHUPp14 [youtube] X7v2aHUPp14: Downloading webpage
[youtube] X7v2aHUPp14: Downloading video info webpage
[youtube] X7v2aHUPp14: Checking URL Invidious API [youtube] X7v2aHUPp14: Trying from YT
[download] Destination: Caroline’s First Day _ Green Wing _ Series 1 Episode 1 _ Dead Parrot-X7v2aHUPp14.mp4
[download] 100% of 418.57MiB in 03:31

Description: https://www.openwall.com/lists/oss-security/2020/02/24/5 https://www.bleepingcomputer.com/news/security/new-critical-rce-bug-in-openbsd-smtp-server-threatens-linux-distros/

Qualys Security Advisory

LPE and RCE in OpenSMTPD’s default install (CVE-2020-8794)

in OpenSMTPD's (and hence OpenBSD's) default configuration. Although
OpenSMTPD listens on localhost only, by default, it does accept mail
from local users and delivers it to remote servers. If such a remote
server is controlled by an attacker (either because it is malicious or
compromised, or because of a man-in-the-middle, DNS, or BGP attack --
SMTP is not TLS-encrypted by default), then the attacker can execute
arbitrary shell commands on the vulnerable OpenSMTPD installation.

OpenSMTPD server (which accepts external mail) and send a mail that
creates a bounce. Next, when OpenSMTPD connects back to their mail
server to deliver this bounce, the attacker can exploit OpenSMTPD's
client-side vulnerability. Last, for their shell commands to be
executed, the attacker must (to the best of our knowledge) crash
OpenSMTPD and wait until it is restarted (either manually by an
administrator, or automatically by a system update or reboot).

CHDKPTP is part of CHDK project - a free software firmware add-on for Canon cameras. It enables controlling Canon cameras via the computer.

Attached is a modified iup PKGBUILD (Lua 5.3 build was removed as it failed to compile) and configuration files for chdkptp.

Code is available via svn:

$ svn co http://subversion.assembla.com/svn/chdkptp/trunk chdkptp

Copy chdkptp.sh and config.mk files to source tree then compile via make. chdkptp requires root privileges to connect to a camera.

CHDKPTP is part of CHDK project - a free software firmware add-on for Canon cameras. It enables controlling Canon cameras via the computer.

Attached is a modified iup PKGBUILD (Lua 5.3 build was removed as it failed to compile) and configuration files for chdkptp.

Code is available via svn:

$ svn co http://subversion.assembla.com/svn/chdkptp/trunk chdkptp

Copy chdkptp.sh and config.mk files to source tree then compile via make. Requires root privileges to connect to a camera.

Description:

cant open /usr/local/lib/english.hash

Additional info:

Repository      : extra
Name            : ispell
Version         : 3.3.02-7
Description     : An interactive spell-checking program for Unix
Architecture    : x86_64
URL             : http://ficus-www.cs.ucla.edu/geoff/ispell.html
Licenses        : BSD
Groups          : None
Provides        : None
Depends On      : ncurses
Optional Deps   : None
Conflicts With  : None
Replaces        : None
Download Size   : 321.26 KiB
Installed Size  : 1336.00 KiB
Packager        : Evangelos Foutras <evangelos@foutrelis.com>
Build Date      : Sun Sep 6 12:07:06 2015
Validated By    : MD5 Sum  SHA-256 Sum  Signature

Steps to reproduce:

- Install package

CVE-2020-5260 has been fixed very recently in Debian, so I thought I would apply this patch. However, I found out that security patches have not been applied for quite a while (I could account for at least 6 CVEs).

Considering that the version in Debian stretch (2.11.0) is the nearest version with security patches released by Debian and that git project oldest supported version is 2.17, I have used patches from Debian stretch to apply on 2.12.2 currently in Milky Way.

But I have the following error on check():

 |  *** prove ***
 |
 |  Test Summary Report
 |  -------------------
 |  t5570-git-daemon.sh                              (Wstat: 256 Tests: 20 Failed: 10)
 |    Failed tests:  3-7, 15-19
 |    Non-zero exit status: 1
 |  t5811-proto-disable-git.sh                       (Wstat: 256 Tests: 26 Failed: 16)
 |    Failed tests:  2-6, 9-11, 15-19, 21-23
 |    Non-zero exit status: 1
 |  Files=769, Tests=14137, 1101 wallclock secs ( 8.08 usr  1.12 sys + 144.48 cusr 63.42 csys = 217.10 CPU)
 |  Result: FAIL
 |  make[1]: *** [Makefile:45: prove] Error 1
 |  make[1]: Leaving directory '/build/git/src/git-2.12.2/t'
 |  make: *** [Makefile:2291: test] Error 2
 |  ==> ERROR: A failure occurred in check().
 |      Aborting...

This does not seem to be related to my change as the current version in Milky Way produces the same error (IOW the package currently in Milky Way is not rebuidable).

Description: Since the migration to xenocara there seems to be a bug with applications using GTK-2. From time to time there are crashes with assertion `!xcb_xlib_threads_sequence_lost’.

Looking into this a little bit more deep there are also other distributions affected and this is an upstream-bug. But the concrete situation is not that easy, while it could be also part of the library libX11 itself. Looking therefore here: https://bugs.launchpad.net/ubuntu/+source/pcmanfm/+bug/1782984

Affected are for example LXDE in general, icedove, iceweasel and many more!