|
Any | Feature Request | High | High | [xz] adapt package in accordance with the Hyperbola Pac ... | Closed | |
Task Description
Adapt package in accordance with the Hyperbola Packaging Guidelines to follow the Hyperbola Social Contract .
|
|
Any | Feature Request | High | High | [zlib] adapt package in accordance with the Hyperbola P ... | Closed | |
Task Description
Adapt package in accordance with the Hyperbola Packaging Guidelines to follow the Hyperbola Social Contract .
|
|
Any | Bug Report | High | High | [mate-session-manager] add elogind support | Closed | |
Task Description
The MATE Session Handler lacks elogind support to handle session options from MATE since it is adapted for systemd only. There is a patch of elogind support for gnome-session [0] that could be adapted to mate-session-manager.
$ pacman -Si mate-session-manager
Repository : community
Name : mate-session-manager
Version : 1.18.1-1.hyperbola1
Description : The MATE Session Handler, without systemd support
Architecture : x86_64
URL : https://mate-desktop.org
Licenses : GPL
Groups : mate
Provides : None
Depends On : dbus-glib gtk3 libsm mate-desktop
Optional Deps : gnome-keyring: keyring support
xdg-user-dirs-gtk: manage user directories
Conflicts With : mate-session-manager-gtk3
Replaces : mate-session-manager-gtk3
Download Size : 284.77 KiB
Installed Size : 2347.00 KiB
Packager : André Silva <emulatorman@hyperbola.info>
Build Date : Fri 08 Sep 2017 03:03:18 AM -03
Validated By : MD5 Sum SHA-256 Sum Signature
|
|
Any | Bug Report | High | High | [gvfs] add libelogind support | Closed | |
Task Description
gvfs uses some features from systemd-logind that can be provided by elogind. There is an implementation made from Gentoo [0] to add libelogind support.
|
|
Stable | Bug Report | Medium | Medium | [ranger]: /bin/sh: sensible-editor: command not found | Closed | |
Task Description
Al momento de querer previsualizar un archivo txt o cualquier archivo que contenga texto sale este mensaje: ‘/bin/sh: sensible-editor: command not found’
|
|
Stable | Bug Report | Medium | Medium | [icecast] init script fails | Closed | |
Task Description
icecast has a failure in hyperbola, every time you want to connect icecast you must launch this command: ‘icecast -b -c /etc/icecast.xml’, without that command icecast is not connected with the client.
|
|
Stable | Bug Report | High | Critical | [vhba-module-lts] modprobe: ERROR: could not insert 'vh ... | Closed | |
Task Description
filename: /lib/modules/4.9.77-gnu-1-lts/extramodules/vhba.ko
license: GPL
description: Virtual SCSI HBA
version: 20161009
author: Chia-I Wu
srcversion: E5A3E6F70DFD436A6B1C8D6
depends: scsi_mod
vermagic: 4.9.27-gnu-1-lts SMP mod_unload modversions
Can’t insert module vhba
Error :
modprobe: ERROR: could not insert ‘vhba’: Exec format error
|
|
Any | Security Issue | Very High | Critical | [electrum] JSONRPC vulnerability | Closed | |
Task Description
Our current version is vulnerable
|
|
Any | Bug Report | High | High | [lightdm] is running under foreground mode and causing ... | Closed | |
Task Description
Since latest update, many of my service do not start automatically. (I can start them manually though) This cause multiple errors at shutdown as well.
udev [ started ]
localmount [ started ]
dbus [ started ]
elogind [ started ]
NetworkManager [ started ]
syslog-ng [ started ]
acpid [ started ]
dhcpcd [ started ]
avahi-daemon [ started ]
netmount [ started ]
lightdm [ starting ]
alsasound [ stopped ]
avahi-dnsconfd [ stopped ]
cronie [ stopped ]
cupsd [ stopped ]
fuse [ stopped ]
ntpd [ stopped ]
libvirtd [ stopped ]
openrc-settingsd [ stopped ]
sshd [ stopped ]
thinkfan [ stopped ]
local [ stopped ]
agetty.tty5 [ stopped ]
agetty.tty3 [ stopped ]
agetty.tty6 [ stopped ]
agetty.tty4 [ stopped ]
agetty.tty2 [ stopped ]
agetty.tty1 [ stopped ]
Dynamic Runlevel: hotplugged
Dynamic Runlevel: needed/wanted
modules-load [ started ]
lvmetad [ started ]
Before dbus update, everything was working fine.
Thanks for your help
|
|
Any | Implementation Request | Very Low | Low | [octopi] add package | Closed | |
Task Description
Hello,
Could it be possible to add this package :
octopi
“A powerful Pacman frontend using Qt5 libs, without nonfree pacaur and yaourt recommendation”
https://www.parabola.nu/packages/pcr/x86_64/octopi/
License : GPL2
Thanks
|
|
Any | Security Issue | High | Critical | [irssi] IRSSI-SA-2018-02 Irssi Security Advisory | Closed | |
Task Description
Multiple vulnerabilities have been located in Irssi.
Access remote: yes
References links:
|
|
Any | Feature Request | High | Critical | [pacman-key][cronie][fcron] eating up hardware resource ... | Closed | |
Task Description
This morning while I was working on my X200, I noticed that my CPU was kept 100% busy for a long time by some process which was obvioulsy eating up the battery life. The culprit was pacman-key, triggered by logrotate.
To stop this, I did ‘chmod -x /etc/cron.daily/pacman-key’ and I rebooted.
Later on, it was impossible to install a new package as it was impossible to get over the step marked as “checking keys in keyring...”
So I tried to do again ‘pacman-key –refresh-keys’: the overall process took more than an hour—behind a fast and robust internet connection. I finally got three lines, saying that about 1,000 keys were updated but I never got the prompt back. So I hit Ctrl-C.
At the time of writing, I am still trying to refresh the keys—a quite desperate attempt, if I may say so.
Although I tagged this report as a “Feature request”, it is in my opinion of quite some importance. I understand very well the absolute necessity to always have the keys updated, but in this particular case, with so many keys and so frequent updates, I begin to wonder if losses are not beginning to prevail over benefits.
Unless I am doing something wrong or missing something I should do?
Any help would be strongly appreciated.
Robert
|
|
Any | Security Issue | High | Critical | [python2] heap-overflow vulnerability CVE-2018-1000030 | Closed | |
Task Description
Python 2.7.14 is vulnerable to a Heap-Buffer-Overflow as well as a Heap-Use-After-Free. Python versions prior to 2.7.14 may also be vulnerable and it appears that Python 2.7.17 and prior may also be vulnerable however this has not been confirmed. The vulnerability lies when multiply threads are handling large amounts of data. In both cases there is essentially a race condition that occurs. For the Heap-Buffer-Overflow, Thread 2 is creating the size for a buffer, but Thread1 is already writing to the buffer without knowing how much to write. So when a large amount of data is being processed, it is very easy to cause memory corruption using a Heap-Buffer-Overflow. As for the Use-After-Free, Thread3→Malloc→Thread1→Free’s→Thread2-Re-uses-Free’d Memory. The PSRT has stated that this is not a security vulnerability due to the fact that the attacker must be able to run code, however in some situations, such as function as a service, this vulnerability can potentially be used by an attacker to violate a trust boundary, as such the DWF feels this issue deserves a CVE.
https://security-tracker.debian.org/tracker/CVE-2018-1000030
|
|
Any | Feature Request | Medium | Medium | [tlp] needs OpenRC init script | Closed | |
Task Description
pacman -Si tlp Repository : community Name : tlp Version : 0.9-2.hyperbola1 Description : Save battery power on laptops, without systemd support Architecture : any URL : http://linrunner.de/en/tlp/tlp.html Licenses : GPL2 GPL3 Groups : None Provides : None Depends On : hdparm iw pciutils rfkill usbutils util-linux Optional Deps : acpi_call: ThinkPad battery functions, Sandy Bridge and newer
bash-completion: Bash completion
ethtool: Disable Wake On Lan
lsb-release: Display LSB release version in tlp-stat
smartmontools: Display S.M.A.R.T. data in tlp-stat
tp_smapi: ThinkPad battery functions
x86_energy_perf_policy: Set energy versus performance policy on x86 processors
Conflicts With : laptop-mode-tools pm-utils Replaces : None Download Size : 44.92 KiB Installed Size : 243.00 KiB Packager : André Silva emulatorman@hyperbola.info Build Date : Wed 25 Oct 2017 07:26:10 AM CEST Validated By : MD5 Sum SHA-256 Sum Signature
pacman -Ql tlp tlp /etc/ tlp /etc/default/ tlp /etc/default/tlp tlp /usr/ tlp /usr/bin/ tlp /usr/bin/bluetooth tlp /usr/bin/run-on-ac tlp /usr/bin/run-on-bat tlp /usr/bin/tlp tlp /usr/bin/tlp-pcilist tlp /usr/bin/tlp-stat tlp /usr/bin/tlp-usblist tlp /usr/bin/wifi tlp /usr/bin/wwan tlp /usr/lib/ tlp /usr/lib/udev/ tlp /usr/lib/udev/rules.d/ tlp /usr/lib/udev/rules.d/85-tlp.rules tlp /usr/lib/udev/tlp-usb-udev tlp /usr/share/ tlp /usr/share/bash-completion/ tlp /usr/share/bash-completion/completions/ tlp /usr/share/bash-completion/completions/bluetooth tlp /usr/share/bash-completion/completions/tlp tlp /usr/share/bash-completion/completions/tlp-stat tlp /usr/share/bash-completion/completions/wifi tlp /usr/share/bash-completion/completions/wwan tlp /usr/share/man/ tlp /usr/share/man/man1/ tlp /usr/share/man/man1/bluetooth.1.gz tlp /usr/share/man/man1/run-on-ac.1.gz tlp /usr/share/man/man1/run-on-bat.1.gz tlp /usr/share/man/man1/wifi.1.gz tlp /usr/share/man/man1/wwan.1.gz tlp /usr/share/man/man8/ tlp /usr/share/man/man8/tlp-stat.8.gz tlp /usr/share/man/man8/tlp.8.gz tlp /usr/share/tlp-pm/ tlp /usr/share/tlp-pm/tlp-functions tlp /usr/share/tlp-pm/tlp-rf-func tlp /usr/share/tlp-pm/tpacpi-bat
|
|
Any | Privacy Issue | Very High | Critical | [openrc] Google in init.d and conf.d configuration (ne ... | Closed | |
Task Description
/etc/init.d/net-online
-----
Line #62
ping_test_host="${ping_test_host:-google.com}"
_____
/etc/conf.d/net-online
-----
# The default is google.com.
|
|
Any | Feature Request | Medium | Medium | [fail2ban] needs OpenRC init script | Closed | |
Task Description
hello to all, I request that the developers of hyperbola develop the service of ‘fail2ban’, is an application that is used to protect servers. I hope my request is positive, I thank you in advance.
|
|
Any | Security Issue | Very High | Critical | [mupdf] multiple security issues | Closed | |
Task Description
Summary
The package mupdf is vulnerable to multiple issues including arbitrary code execution and denial of service via CVE-2018-6544, CVE-2018-6192, CVE-2018-6187, CVE-2018-5686 and CVE-2018-1000051.
Package Information
$ pacman -Si mupdf
Repositorio : community
Nombre : mupdf
Versión : 1.11-1
Descripción : Lightweight PDF and XPS viewer
Arquitectura : x86_64
URL : http://mupdf.com
Licencias : AGPL3
Grupos : Nada
Provee : Nada
Depende de : curl desktop-file-utils freetype2 harfbuzz jbig2dec libjpeg openjpeg2 openssl
Dependencias opcionales : Nada
En conflicto con : Nada
Remplaza a : Nada
Tamaño de la descarga : 18,18 MiB
Tamaño de la instalación : 33,03 MiB
Encargado : Christian Hesse <arch@eworm.de>
Fecha de creación : mar 11 abr 2017 05:22:41 -05
Validado por : Suma MD5 Suma SHA-256 Firma
References
|
|
Any | Replace Request | Very High | Critical | [dnscrypt-proxy] update package to 2.x following backpo ... | Closed | |
Task Description
Since DNSCrypt-Proxy project has been abandoned [0] , DNSCrypt-Proxy 2 [1] should be used as its source replacement, however DNSCrypt-Proxy 2 contains support for unsafe and dangerous for privacy protocols such as Google. [2] [3] [4] Also, it contains Google recommendation and support through its parental control servers and public resolvers lists [5] [6]
Therefore DNSCrypt-Proxy 2 requires be re-forked by us first to follow our social contract.
|
|
Any | Security Issue | High | Critical | [geth] possible denial of service attacks "DoS Attack" | Closed | |
Task Description
Geth 1.6.x contains possible denial of service attacks “DoS Attack”, however it has been solved in 1.7.2 [0] instead. Since 1.6.x needs many modifications spread across multiple files of the code and it is inefficient to be backported, the newer version (eg. 1.7.x) could replace the current version package as exception, but repackaged with the appropriate suffix “-backports”.
|
|
Any | Bug Report | Very Low | Medium | [python-pafy] Like/dislike ratio and category not displ ... | Closed | |
Task Description
Tried browsing videos in other YouTube client(s) such as mps-youtube. Minor problems, like/dislike ratio and category aren’t displaying of video metadata.
|
|
Any | Bug Report | Very Low | Medium | [shadow] missing = sign in /etc/cron.daily/grpck | Closed | |
Task Description
I think that line 12 of this file should be:
CMD_GRPCK="/usr/bin/grpck -r"
instead of:
CMD_GRPCK"/usr/bin/grpck -r"
|
|
Any | Replace Request | Very High | Critical | [kernel-firmware] split out firmware projects from linu ... | Closed | |
Task Description
Since Linux 4.14, the in-tree kernel firmware was dropped[0][1], and Hyperbola uses linux-libre-lts-firmware from 4.9 which still supports that firmware.
However, I’d like to request upgrading to the new libre replacement of linux-firmware.git: linux-libre-firmware[2][3].
This version has no LTS releases (well, firmwares commonly don’t have LTS versions and the in-tree firmware was always the same in post-4.9 generations), but it has the same firmwares as Linux-libre-lts plus some others.
This is the list of firmware files in linux-libre-lts-firmware and its dependencies:
linux-libre-lts-firmware
---
/usr/lib/firmware/av7110/bootcode.bin
/usr/lib/firmware/dsp56k/bootstrap.bin
/usr/lib/firmware/keyspan_pda/keyspan_pda.fw
/usr/lib/firmware/keyspan_pda/xircom_pgs.fw
ath9k-htc-firmware
---
/usr/lib/firmware/htc_7010.fw
/usr/lib/firmware/htc_9271.fw
openfwwf
---
/usr/lib/firmware/b43-open/b0g0bsinitvals5.fw
/usr/lib/firmware/b43-open/b0g0initvals5.fw
/usr/lib/firmware/b43-open/ucode5.fw
And here are the firmware files of the new linux-libre-firmware:
linux-libre-firmware
---
/usr/lib/firmware/av7110/bootcode.bin
/usr/lib/firmware/b43-open/b0g0bsinitvals5.fw
/usr/lib/firmware/b43-open/b0g0initvals5.fw
/usr/lib/firmware/b43-open/ucode5.fw
/usr/lib/firmware/carl9170-1.fw
/usr/lib/firmware/cis/3CCFEM556.cis
/usr/lib/firmware/cis/3CXEM556.cis
/usr/lib/firmware/cis/COMpad2.cis
/usr/lib/firmware/cis/COMpad4.cis
/usr/lib/firmware/cis/DP83903.cis
/usr/lib/firmware/cis/LA-PCM.cis
/usr/lib/firmware/cis/MT5634ZLX.cis
/usr/lib/firmware/cis/NE2K.cis
/usr/lib/firmware/cis/PCMLM28.cis
/usr/lib/firmware/cis/PE-200.cis
/usr/lib/firmware/cis/PE520.cis
/usr/lib/firmware/cis/RS-COM-2P.cis
/usr/lib/firmware/cis/SW_555_SER.cis
/usr/lib/firmware/cis/SW_7xx_SER.cis
/usr/lib/firmware/cis/SW_8xx_SER.cis
/usr/lib/firmware/cis/tamarack.cis
/usr/lib/firmware/dsp56k/bootstrap.bin
/usr/lib/firmware/htc_7010.fw
/usr/lib/firmware/htc_9271.fw
/usr/lib/firmware/isci/isci_firmware.bin
/usr/lib/firmware/keyspan_pda/keyspan_pda.fw
/usr/lib/firmware/keyspan_pda/xircom_pgs.fw
/usr/lib/firmware/usbdux_firmware.bin
/usr/lib/firmware/usbduxfast_firmware.bin
/usr/lib/firmware/usbduxsigma_firmware.bin
It has openfwwf and ath9k-htc-firmware included, plus some others. If actual versions of Hyperbola don’t get the update at least consider it for future releases. You can get the new PKGBUILD[4] and its new build dependencies at Parabola’s abslibre.git libre tree[5]
The new dependencies are:
Sources:
[0] https://www.phoronix.com/scan.php?page=news_item&px=Linux-4.14-Migrates-Out-FW [1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b38923a068c10fc36ca8f596d650d095ce390b85 [2] https://jxself.org/firmware/ [3] https://jxself.org/git/?p=linux-libre-firmware.git [4] https://git.parabola.nu/abslibre.git/tree/libre/linux-libre-firmware [5] https://git.parabola.nu/abslibre.git/tree/libre
Updated Note:
Since Linux-libre-firmware contains a lot of independent firmware, tools and assembly projects, it should be built from its official tarball separately and create a group called kernel-firmware to follow the our packaging guidelines. Tools and assembly projects shouldn’t be included in kernel-firmware since those ones are firmware dependencies.
|
|
Stable | Update Request | High | Medium | [xscreensaver] needs an update, since there is a bugfix ... | Closed | |
Task Description
We seem to have a very old version of xscreensaver... Could you possibly update it?
this may be a security issue/privacy issue.
|
|
Any | Bug Report | Low | Medium | [openrc] Error: fopen(/run/openrc/rc.log) failed: No su ... | Closed | |
Task Description
Replace RC_SVCDIR to RC_LOGDIR, like:
src/librc/rc.h.in
-----
#define RC_LIBEXECDIR "LIBEXECDIR@"
+#define RC_LOGDIR "/var/log"
_____
src/rc/rc-logger.c
-----
-#define TMPLOG RC_SVCDIR "rc.log"
+#define TMPLOG RC_LOGDIR "rc.log"
|
|
Any | Feature Request | Very High | High | [kmod] when dummy.ko is loaded, dummy0 interface is loa ... | Closed | |
Task Description
When dummy.ko (kernel module) is loaded, dummy0 interface is loaded as “numdummies=1”. If any dummy interface is configured in netifrc config file, dummy module loads and adds undesirable “dummy0” interface (eg. if “dummy0” interface is configured, it generates netifrc configuration conflicts).
Please add “/usr/lib/modprobe.d/dummy.conf” file configuration to disable numdummies option by default:
options dummy numdummies=0
|
|
Any | Feature Request | Low | Very Low | [openrc] services should be added to runlevels through ... | Closed | |
|
|
Any | Bug Report | Very Low | Low | [openrc] agetty.tty loads in default runlevel only and ... | Closed | |
|
|
Any | Bug Report | Very High | Low | [filesystem] the hyperbola manual (/usr/share/man/man7/ ... | Closed | |
|
|
Any | Update Request | Very High | Critical | [certbot] update package to support ACMEv2 and Wildcard | Closed | |
|
|
Any | Feature Request | Medium | Medium | [chrony] needs OpenRC init script | Closed | |
|
|
Any | Bug Report | Medium | Medium | [shadow] warning <<FAIL_DELAY>> | Closed | |
|
|
Any | Bug Report | Very High | Critical | [warsow] the package is not compiled from source | Closed | |
|
|
Any | Freedom Issue | Very High | Critical | [warsow-data] the package contains nonfree assets (CC B ... | Closed | |
|
|
Any | Freedom Issue | Very High | Critical | [torcs-data] contains nonfree car models | Closed | |
|
|
Any | Freedom Issue | Very High | Critical | [vdrift-data] contains nonfree car and track models | Closed | |
|
|
Stable | Bug Report | High | Critical | [alsa-tools] create missing firmware folder since firmw ... | Closed | |
|
|
Stable | Bug Report | Very High | Critical | [openrc] Cowardly refusing to concatenate a logfile int ... | Closed | |
|
|
Any | Freedom Issue | Very High | Critical | [warsow] contains Steam support | Closed | |
|
|
Any | Feature Request | Medium | Medium | [create_ap] needs OpenRC init script | Closed | |
|
|
Any | Feature Request | Medium | Medium | [iperf] needs OpenRC init script | Closed | |
|
|
Any | Feature Request | Medium | Medium | [gammu] needs OpenRC init script | Closed | |
|
|
Any | Security Issue | Very High | Critical | [xen] multiple security issues: CVE-2018-10472, CVE-201 ... | Closed | |
|
|
Any | Security Issue | Medium | Critical | [glusterfs] CVE-2018-1088: Privilege escalation via gl ... | Closed | |
|
|
Any | Security Issue | Very High | Critical | [wget] - GNU Wget Cookie Injection CVE-2018-0494 | Closed | |
|
|
Any | Bug Report | Medium | High | [postgresql] creating directory Permission denied | Closed | |
|
|
Any | Freedom Issue | Very High | Critical | [rust][cargo] trademark agreement affects user freedom | Closed | |
|
|
Any | Drop Request | Very High | Critical | [cgmanager] unmaintained and unsupportable | Closed | |
|
|
Any | Drop Request | Very High | Critical | [pm-utils] unmaintained and unsupportable | Closed | |
|
|
Any | Bug Report | Low | Medium | [samba] wrong permissions on /etc/conf.d folder | Closed | |
|
|
Any | Freedom Issue | Very High | Critical | [pacman] uses "Linux" term instead of "GNU/Linux" in it ... | Closed | |
|