Description:

• replace deprecated GNU Bazaar to Brezy for Canis Major

Additional info:

• bzr 2.7.0-2
• GNU Bazaar will be unmaintained (for now, there are only bug fixes)
• GNU Bazaar only supports Python 2.
• Python 2.7 is the end of the Python 2 line of development. [0]
• There never will be an official Python 2.8 release.
• Or use Tauthon (fork of Python 2.7) as dependency.

Note: It needs a provide: bazaar and brezy

Steps to reproduce:

• broken package

Hello,

I can’t manually install some extensions I was using successfully with iceweasel-esr (52.9.x) previously.
Notably :

https-everywhere https://addons.mozilla.org/en-US/firefox/addon/https-everywhere/ watch-with-mpv https://addons.mozilla.org/en-US/firefox/addon/watch-with-mpv/ tampermonkey https://addons.mozilla.org/en-US/firefox/addon/tampermonkey/ Save URL to Wayback Machine https://addons.mozilla.org/en-US/firefox/addon/save-url-to-wayback-machine

How to install them with iceweasel-uxp ?

pacman -Si openldap
Repository : core
Name : openldap
Version : 2.4.44-4.hyperbola3
Description : Lightweight Directory Access Protocol (LDAP) client and

                server, with OpenRC support

Architecture : x86_64
URL : https://www.openldap.org/ Licenses : custom
Groups : None
Provides : None
Depends On : libldap>=2.4.44 libltdl unixodbc
Optional Deps : None
Conflicts With : None
Replaces : None
Download Size : 1282.52 KiB
Installed Size : 3990.00 KiB
Packager : André Silva emulatorman@hyperbola.info Build Date : Wed 21 Feb 2018 08:09:38 PM CET
Validated By : MD5 Sum SHA-256 Sum Signature

pacman -Ql openldap | grep /usr/lib/
openldap /usr/lib/
openldap /usr/lib/openldap/
openldap /usr/lib/openldap/accesslog-2.4.so.2
openldap /usr/lib/openldap/accesslog-2.4.so.2.10.7
openldap /usr/lib/openldap/accesslog.so
openldap /usr/lib/openldap/auditlog-2.4.so.2
openldap /usr/lib/openldap/auditlog-2.4.so.2.10.7
openldap /usr/lib/openldap/auditlog.so
openldap /usr/lib/openldap/collect-2.4.so.2
openldap /usr/lib/openldap/collect-2.4.so.2.10.7
openldap /usr/lib/openldap/collect.so
openldap /usr/lib/openldap/constraint-2.4.so.2
openldap /usr/lib/openldap/constraint-2.4.so.2.10.7
openldap /usr/lib/openldap/constraint.so
openldap /usr/lib/openldap/dds-2.4.so.2
openldap /usr/lib/openldap/dds-2.4.so.2.10.7
openldap /usr/lib/openldap/dds.so
openldap /usr/lib/openldap/deref-2.4.so.2
openldap /usr/lib/openldap/deref-2.4.so.2.10.7
openldap /usr/lib/openldap/deref.so
openldap /usr/lib/openldap/dyngroup-2.4.so.2
openldap /usr/lib/openldap/dyngroup-2.4.so.2.10.7
openldap /usr/lib/openldap/dyngroup.so
openldap /usr/lib/openldap/dynlist-2.4.so.2
openldap /usr/lib/openldap/dynlist-2.4.so.2.10.7
openldap /usr/lib/openldap/dynlist.so
openldap /usr/lib/openldap/memberof-2.4.so.2
openldap /usr/lib/openldap/memberof-2.4.so.2.10.7
openldap /usr/lib/openldap/memberof.so
openldap /usr/lib/openldap/nssov.so
openldap /usr/lib/openldap/nssov.so.0
openldap /usr/lib/openldap/nssov.so.0.0.0
openldap /usr/lib/openldap/pcache-2.4.so.2
openldap /usr/lib/openldap/pcache-2.4.so.2.10.7
openldap /usr/lib/openldap/pcache.so
openldap /usr/lib/openldap/ppolicy-2.4.so.2
openldap /usr/lib/openldap/ppolicy-2.4.so.2.10.7
openldap /usr/lib/openldap/ppolicy.so
openldap /usr/lib/openldap/refint-2.4.so.2
openldap /usr/lib/openldap/refint-2.4.so.2.10.7
openldap /usr/lib/openldap/refint.so
openldap /usr/lib/openldap/retcode-2.4.so.2
openldap /usr/lib/openldap/retcode-2.4.so.2.10.7
openldap /usr/lib/openldap/retcode.so
openldap /usr/lib/openldap/rwm-2.4.so.2
openldap /usr/lib/openldap/rwm-2.4.so.2.10.7
openldap /usr/lib/openldap/rwm.so
openldap /usr/lib/openldap/seqmod-2.4.so.2
openldap /usr/lib/openldap/seqmod-2.4.so.2.10.7
openldap /usr/lib/openldap/seqmod.so
openldap /usr/lib/openldap/sssvlv-2.4.so.2
openldap /usr/lib/openldap/sssvlv-2.4.so.2.10.7
openldap /usr/lib/openldap/sssvlv.so
openldap /usr/lib/openldap/syncprov-2.4.so.2
openldap /usr/lib/openldap/syncprov-2.4.so.2.10.7
openldap /usr/lib/openldap/syncprov.so
openldap /usr/lib/openldap/translucent-2.4.so.2
openldap /usr/lib/openldap/translucent-2.4.so.2.10.7
openldap /usr/lib/openldap/translucent.so
openldap /usr/lib/openldap/unique-2.4.so.2
openldap /usr/lib/openldap/unique-2.4.so.2.10.7
openldap /usr/lib/openldap/unique.so
openldap /usr/lib/openldap/valsort-2.4.so.2
openldap /usr/lib/openldap/valsort-2.4.so.2.10.7
openldap /usr/lib/openldap/valsort.so
openldap /usr/lib/slapd

Description:

Apache web server shall be running with or without the external network, and without NetworkManager.

rc-service httpd start

will give the message that NetworkManager must be started first, and will not start apache web server. I cannot find in which file is that written.

Steps to reproduce:

1. Disconnect network. Start computer.

2. Try to start apache with above command.

That makes no sense, as Apache can run on local network without NetworkManager and it is not written in the description.

Description:
https://blog.tox.chat/2018/10/memory-leak-bug-and-new-toxcore-release-fixing-it/

The bug is fixed in TokTok c-toxcore v0.2.8. The bug is also fixed in the master branch of irungentoo’s toxcore, in commit bf69b54f64003d160d759068f4816b2d9b2e1e21. As a general reminder, if you are still using irungentoo’s toxcore, we strongly encourage you to switch to using TokTok c-toxcore instead as it’s a lot more actively developed and maintained.

With the recent update to hypervideo, my workflow is broken as I can’t archive several youtube channels with hypervideo, the error is always the following :

WARNING: unable to extract html5 player; please report this issue on https://issues.hyperbola.info/ . Make sure you are using the latest version; type 'pacman -Sy hypervideo' as root. Be sure to call hypervideo with the --verbose flag and include its complete output.
[youtube] {22} signature length 44.40, html5 player None
ERROR: Signature extraction failed: Traceback (most recent call last):
  File "/usr/lib/python3.6/site-packages/hypervideo/extractor/youtube.py", line 1194, in _decrypt_signature
    video_id, player_url, s
  File "/usr/lib/python3.6/site-packages/hypervideo/extractor/youtube.py", line 1127, in _extract_signature_function
    raise ExtractorError("YouTube's DRM has prevented this software from obtaining the video URL", expected=True)
hypervideo.utils.ExtractorError: YouTube's DRM has prevented this software from obtaining the video URL
 (caused by ExtractorError("YouTube's DRM has prevented this software from obtaining the video URL",)); please report this issue on https://issues.hyperbola.info/ . Make sure you are using the latest version; type 'pacman -Sy hypervideo' as root. Be sure to call hypervideo with the --verbose flag and include its complete output.
Traceback (most recent call last):
  File "/usr/lib/python3.6/site-packages/hypervideo/extractor/youtube.py", line 1194, in _decrypt_signature
    video_id, player_url, s
  File "/usr/lib/python3.6/site-packages/hypervideo/extractor/youtube.py", line 1127, in _extract_signature_function
    raise ExtractorError("YouTube's DRM has prevented this software from obtaining the video URL", expected=True)
hypervideo.utils.ExtractorError: YouTube's DRM has prevented this software from obtaining the video URL
Traceback (most recent call last):
  File "/usr/lib/python3.6/site-packages/hypervideo/extractor/youtube.py", line 1194, in _decrypt_signature
    video_id, player_url, s
  File "/usr/lib/python3.6/site-packages/hypervideo/extractor/youtube.py", line 1127, in _extract_signature_function
    raise ExtractorError("YouTube's DRM has prevented this software from obtaining the video URL", expected=True)
hypervideo.utils.ExtractorError: YouTube's DRM has prevented this software from obtaining the video URL

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/lib/python3.6/site-packages/hypervideo/YoutubeDL.py", line 792, in extract_info
    ie_result = ie.extract(url)
  File "/usr/lib/python3.6/site-packages/hypervideo/extractor/common.py", line 508, in extract
    ie_result = self._real_extract(url)
  File "/usr/lib/python3.6/site-packages/hypervideo/extractor/youtube.py", line 1806, in _real_extract
    encrypted_sig, video_id, player_url, age_gate)
  File "/usr/lib/python3.6/site-packages/hypervideo/extractor/youtube.py", line 1204, in _decrypt_signature
    'Signature extraction failed: ' + tb, cause=e)
hypervideo.utils.ExtractorError: Signature extraction failed: Traceback (most recent call last):
  File "/usr/lib/python3.6/site-packages/hypervideo/extractor/youtube.py", line 1194, in _decrypt_signature
    video_id, player_url, s
  File "/usr/lib/python3.6/site-packages/hypervideo/extractor/youtube.py", line 1127, in _extract_signature_function
    raise ExtractorError("YouTube's DRM has prevented this software from obtaining the video URL", expected=True)
hypervideo.utils.ExtractorError: YouTube's DRM has prevented this software from obtaining the video URL
 (caused by ExtractorError("YouTube's DRM has prevented this software from obtaining the video URL",)); please report this issue on https://issues.hyperbola.info/ . Make sure you are using the latest version; type 'pacman -Sy hypervideo' as root. Be sure to call hypervideo with the --verbose flag and include its complete output.

Since python-pip and python2-pip have been removed, I can’t install python2-reportlab because python2-pip is a dependency of this package.
.

Description: The package spamassassin has no further init-script for OpenRC and instead includes service-definitions for systemd

Additional info:
* package version(s) 3.4.1-7

Description: The package opendkim has no further init-script for OpenRC and instead includes service-definitions for systemd

Additional info:
* package version(s) 2.10.3-4

Our current dokuwiki 20170219_b-1 has two serious CVE.

Error message attached after the first installation

A huge number of CVEs have been fixed on 4.3.1 :

CVE-2018-20552
CVE-2018-20553
CVE-2018-18408
CVE-2018-18407
CVE-2018-17974
CVE-2018-17580
CVE-2018-17582
CVE-2018-13112

Current Hyperbola version is 4.2.6

Description:

Additional info:
* 0.9.10-2.hyperbola2

Steps to reproduce: Flatpak gives access to interesting features for the deployment of applications, but in fact it also gives access to proprietary applications like Skype (https://flathub.org/apps/details/com.skype.Client), Steam (https://flathub.org/apps/details/com.valvesoftware.Steam) and many more. So it should be checked if this should be part of the repositories within an open, libre distribution. In my point of view this violates the freedom of users, because there can be not tolerance about intolerance even regarding this.

Description:

I may be wrong for I did not migrate to 0.3 as of yet, but I think that `msmtp` has been forgotten and needs to be recompiled with `libressl`.

Please remove this report if I am mistaken.

Description:

I may be wrong for I did not migrate to 0.3 as of yet, but I think that `msmtp` has been forgotten and needs to be recompiled with `libressl`.

Please remove this report if I am mistaken.

Hello,

I’m unable to print some pdfs on my Hyperbola 3.0 system.
Some background :

cups is installed, service enabled and working
system-config-printer is installed and my printer has been correctly added.

I can print most pdfs and text files but recently with a pdf, it fails to print it.* And system-config-printer returned the following error (see capture) :

Printer "EPSON XP-620-Series" requires the '/usr/lib/cups/filters/epson-escpr-wrapper' but it is not currently installed.

Currently, “epson-escpr-wrapper” is installed but it is in :

/usr/libexec/cups/filters/epson-escpr-wrapper

Looking at source code of system-config-printer, it expects that wrapper to be installed in “/usr/lib/” so I tried to symlink that “epson-escpr-wrapper” to “/usr/lib/cups/filters” but it doesn’t work..

*With a Debian system and the exact same configuration, the “problematic” pdf prints just fine so it is not an issue with the pdf.

About that distro, Elementary OS is semi-libre/free, Ubuntu based, long term support, but does not comply with the GNU Free System Distributibution Guidelines (FSDG). To either rebrand or remove existing non-FSDG compliant distro icon files.

The following affected files are present in this list:

• /usr/share/icons/elementary/places/16/distributor-logo.svg
• /usr/share/icons/elementary/places/24/distributor-logo.svg
• /usr/share/icons/elementary/places/32/distributor-logo.svg
• /usr/share/icons/elementary/places/48/distributor-logo.svg
• /usr/share/icons/elementary/places/64/distributor-logo.svg
• /usr/share/icons/elementary/places/128/distributor-logo.svg
• /usr/share/icons/elementary/places/symbolic/distributor-logo-symbolic.svg

I’m writing here about the package Conky. It is the useful widget of system monitor into your desktop, but there are some serious issues:

Config variables

• distribution outputs the string “Arch Linux” instead of “Hyperbola GNU/Linux-libre”.
• eve requires users to use API for non-libre/free video game EVE Online, and should be removed.
• All Beep Media Player (BMPx) related variables (including bmpx_album, bmpx_artist, bmpx_bitrate, bmpx_title, bmpx_track and bmpx_uri) are obselete and useless, and should be removed because the package BMPx isn’t present on Arch and Hyperbola official repositories but Arch User Repository (AUR).
• [For Milky Way version 0.4.x only] All PulseAudio related variables (including if_pa_sink_muted, pa_sink_volume, pa_sink_volumebar, pa_sink_description, pa_card_name and pa_card_active_profile) are no longer used, and should be removed due replaced the default audio server with sndio.

Manual

• Contains non-FDSG compliant distros.
• Contains vague terminology.
• Requires users to use API for non-libre/free weather network service(s) (including The Weather Channel).

osdbattery is (probably) useless and broken so Conky did compete because It is still unmaintained and unsupported over 14 years ago (last released version 1.4 on August 23, 2005), and should be removed per anti-abandonware rule at the packaging guidelines.

Also, the default config file contains non-libre/free Microsoft font Verdana as X11 font format property in font variable.

I know that upgrading Qt is not a trivial task, but would it be possible to do this anyway? Qt 5.8 has issues that other versions do not have. See for example the discussion here about Projecteur, a very useful tool. Hyperbola seems to be the only Linux distribution unable to run it, just because of Qt 5.8:

https://github.com/jahnf/Projecteur/issues/26

The current version of BleachBit needs to be adapted so it can clean the new .cache/hyperbola/ directory.

https://ostif.org/our-audit-of-unbound-dns-by-x41-d-sec-full-results/

[Critical] https://security-tracker.debian.org/tracker/CVE-2019-18934

smartmontools 6.5-1.hyperbola1

Error while trying to update smart-drivedb :

anon@test[~] update-smart-drivedb

External Link/usr/bin/update-smart-drivedb: download from branches/RELEASE_6_5_DRIVEDB failed (curl: exit 23) /usr/bin/update-smart-drivedb: download from trunk failed (curl: exit 23)

These two options could be enabled :

Kernel hacking → [*] Filter access to /dev/mem
[*] Filter I/O access to /dev/mem

Security options → [*] Restrict unprivileged access to the kernel syslog

Description: https://www.openwall.com/lists/oss-security/2020/02/24/5 https://www.bleepingcomputer.com/news/security/new-critical-rce-bug-in-openbsd-smtp-server-threatens-linux-distros/

Qualys Security Advisory

LPE and RCE in OpenSMTPD’s default install (CVE-2020-8794)

in OpenSMTPD's (and hence OpenBSD's) default configuration. Although
OpenSMTPD listens on localhost only, by default, it does accept mail
from local users and delivers it to remote servers. If such a remote
server is controlled by an attacker (either because it is malicious or
compromised, or because of a man-in-the-middle, DNS, or BGP attack --
SMTP is not TLS-encrypted by default), then the attacker can execute
arbitrary shell commands on the vulnerable OpenSMTPD installation.

OpenSMTPD server (which accepts external mail) and send a mail that
creates a bounce. Next, when OpenSMTPD connects back to their mail
server to deliver this bounce, the attacker can exploit OpenSMTPD's
client-side vulnerability. Last, for their shell commands to be
executed, the attacker must (to the best of our knowledge) crash
OpenSMTPD and wait until it is restarted (either manually by an
administrator, or automatically by a system update or reboot).

Description: Since the migration to xenocara there seems to be a bug with applications using GTK-2. From time to time there are crashes with assertion `!xcb_xlib_threads_sequence_lost’.

Looking into this a little bit more deep there are also other distributions affected and this is an upstream-bug. But the concrete situation is not that easy, while it could be also part of the library libX11 itself. Looking therefore here: https://bugs.launchpad.net/ubuntu/+source/pcmanfm/+bug/1782984

Affected are for example LXDE in general, icedove, iceweasel and many more!