|
Any | Bug Report | Very High | Critical | [grub] remove the "placeholder" entry in /etc/grub.d/20 ... | Closed | |
Task Description
Description:
Additional info:
/etc/grub.d/20_linux_xen
----
- module ${rel_dirname}/${basename} placeholder root=${linux_root_device_thisversion} ro ${args}
+ module ${rel_dirname}/${basename} root=${linux_root_device_thisversion} ro ${args}
----
$ pacman -Si grub
Repository : core
Name : grub
Version : 2:2.02-1.hyperbola3
Description : GNU GRand Unified Bootloader (2), (Hyperbola rebranded)
Architecture : x86_64
URL : https://www.gnu.org/software/grub/
Licenses : GPL3
Groups : None
Provides : grub-common grub-bios grub-emu grub-efi-x86_64
Depends On : sh xz gettext device-mapper
Optional Deps : freetype2: For grub-mkfont usage
fuse: For grub-mount usage
dosfstools: For grub-mkrescue FAT FS and EFI support
efibootmgr: For grub-install EFI support
libisoburn: Provides xorriso for generating grub rescue iso using grub-mkrescue
os-prober: To detect other OSes when generating grub.cfg in BIOS systems
mtools: For grub-mkrescue FAT FS and EFI support
xen: For Xen Dom0 support
xen-docs: For Xen documentation
Conflicts With : grub-common grub-bios grub-emu grub-efi-x86_64 grub-legacy
Replaces : grub-common grub-bios grub-emu grub-efi-x86_64
Download Size : 6.17 MiB
Installed Size : 39.31 MiB
Packager : André Silva <emulatorman@hyperbola.info>
Build Date : Mon 20 Nov 2017 06:35:41 PM -03
Validated By : MD5 Sum SHA-256 Sum Signature
Steps to reproduce:
|
|
Stable | Bug Report | Very Low | Critical | [gtk-2] Severe problems with GTK2-applications | Closed | |
Task Description
Description: Since the migration to xenocara there seems to be a bug with applications using GTK-2. From time to time there are crashes with assertion `!xcb_xlib_threads_sequence_lost’.
Looking into this a little bit more deep there are also other distributions affected and this is an upstream-bug. But the concrete situation is not that easy, while it could be also part of the library libX11 itself. Looking therefore here: https://bugs.launchpad.net/ubuntu/+source/pcmanfm/+bug/1782984
Affected are for example LXDE in general, icedove, iceweasel and many more!
|
|
Any | Feature Request | Medium | Critical | [hostapd] add 802.11r support | Closed | |
Task Description
Description:
In External Linkhttps://git.hyperbola.info:50100/packages/community.git/tree/hostapd/config an option is missing to support 802.11r:
Adding “CONFIG_IEEE80211R=y”
Additional info: * hostapd 2.6
|
|
Any | Bug Report | Low | Critical | [hostapd] fails to start at boot when using openvwitch ... | Closed | |
Task Description
Hostapd is failing at boot with :
Starting hostapd ... Configuration file: /etc/hostapd/hostapd.conf ovs-vsctl: unix:/run/openvswitch/db.sock: database connection failed (No such file or directory)
Hostapd should start “after ovs-vswitchd”
If I add it to /etc/init.d/hostapd, I don’t have the issue anymore
|
|
Stable | Bug Report | Very Low | Critical | [hypervideo] YouTube's DRM has prevented this software ... | Closed | |
Task Description
With the recent update to hypervideo, my workflow is broken as I can’t archive several youtube channels with hypervideo, the error is always the following :
WARNING: unable to extract html5 player; please report this issue on https://issues.hyperbola.info/ . Make sure you are using the latest version; type 'pacman -Sy hypervideo' as root. Be sure to call hypervideo with the --verbose flag and include its complete output.
[youtube] {22} signature length 44.40, html5 player None
ERROR: Signature extraction failed: Traceback (most recent call last):
File "/usr/lib/python3.6/site-packages/hypervideo/extractor/youtube.py", line 1194, in _decrypt_signature
video_id, player_url, s
File "/usr/lib/python3.6/site-packages/hypervideo/extractor/youtube.py", line 1127, in _extract_signature_function
raise ExtractorError("YouTube's DRM has prevented this software from obtaining the video URL", expected=True)
hypervideo.utils.ExtractorError: YouTube's DRM has prevented this software from obtaining the video URL
(caused by ExtractorError("YouTube's DRM has prevented this software from obtaining the video URL",)); please report this issue on https://issues.hyperbola.info/ . Make sure you are using the latest version; type 'pacman -Sy hypervideo' as root. Be sure to call hypervideo with the --verbose flag and include its complete output.
Traceback (most recent call last):
File "/usr/lib/python3.6/site-packages/hypervideo/extractor/youtube.py", line 1194, in _decrypt_signature
video_id, player_url, s
File "/usr/lib/python3.6/site-packages/hypervideo/extractor/youtube.py", line 1127, in _extract_signature_function
raise ExtractorError("YouTube's DRM has prevented this software from obtaining the video URL", expected=True)
hypervideo.utils.ExtractorError: YouTube's DRM has prevented this software from obtaining the video URL
Traceback (most recent call last):
File "/usr/lib/python3.6/site-packages/hypervideo/extractor/youtube.py", line 1194, in _decrypt_signature
video_id, player_url, s
File "/usr/lib/python3.6/site-packages/hypervideo/extractor/youtube.py", line 1127, in _extract_signature_function
raise ExtractorError("YouTube's DRM has prevented this software from obtaining the video URL", expected=True)
hypervideo.utils.ExtractorError: YouTube's DRM has prevented this software from obtaining the video URL
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/lib/python3.6/site-packages/hypervideo/YoutubeDL.py", line 792, in extract_info
ie_result = ie.extract(url)
File "/usr/lib/python3.6/site-packages/hypervideo/extractor/common.py", line 508, in extract
ie_result = self._real_extract(url)
File "/usr/lib/python3.6/site-packages/hypervideo/extractor/youtube.py", line 1806, in _real_extract
encrypted_sig, video_id, player_url, age_gate)
File "/usr/lib/python3.6/site-packages/hypervideo/extractor/youtube.py", line 1204, in _decrypt_signature
'Signature extraction failed: ' + tb, cause=e)
hypervideo.utils.ExtractorError: Signature extraction failed: Traceback (most recent call last):
File "/usr/lib/python3.6/site-packages/hypervideo/extractor/youtube.py", line 1194, in _decrypt_signature
video_id, player_url, s
File "/usr/lib/python3.6/site-packages/hypervideo/extractor/youtube.py", line 1127, in _extract_signature_function
raise ExtractorError("YouTube's DRM has prevented this software from obtaining the video URL", expected=True)
hypervideo.utils.ExtractorError: YouTube's DRM has prevented this software from obtaining the video URL
(caused by ExtractorError("YouTube's DRM has prevented this software from obtaining the video URL",)); please report this issue on https://issues.hyperbola.info/ . Make sure you are using the latest version; type 'pacman -Sy hypervideo' as root. Be sure to call hypervideo with the --verbose flag and include its complete output.
|
|
Any | Security Issue | Very High | Critical | [iceweasel-uxp-noscript] Zero-day bypass and script exe ... | Closed | |
Task Description
Description:
NoScript zero-day allows script execution even with scripts blocked by default.
https://www.zdnet.com/article/exploit-vendor-drops-tor-browser-zero-day-on-twitter/
https://twitter.com/ma1/status/1039163003034324992
Additional info: * package version(s) < 5.1.8.7
Steps to reproduce: Set the Content-Type of your html/js page to “text/html;json” and enjoy full JS pwnage”
|
|
Testing | Bug Report | Medium | Critical | [iceweasel-uxp-ublock-origin] Can't add filters and/or ... | Closed | |
Task Description
I can’t update filters or update with iceweasel-uxp-ublock-origin. When I toggle the additional filters list, it is empty.
|
|
Stable | Bug Report | Very High | Critical | [iceweasel-uxp] Broken addons with latest update | Closed | |
Task Description
Some addons are currently broken with latest iceweasel-uxp (iceweasel-uxp 52.9.20190926-1)
DownThemAll Save to Wayback Machine Self-Destructing Cookies (and probably others)
g4jc suggested to drop PGO as it could be the culprit.
https://forums.hyperbola.info/viewtopic.php?pid=1149#p1149
Regarding addons, I'm fairly certain flipping the switch on PGO (which makes the browser faster at the expense of wrecking code) is the culprit. We were warned not to use it, and this is planned to be rolled back.
However, Hyperbot has to be scheduled to rebuild the packages and I do not set it's schedule. Will advise.
|
|
Stable | Security Issue | Very High | Critical | [iceweasel-uxp] Issue with HTTPS websites | Closed | |
Task Description
With latest iceweasel-uxp, I can’t connect to some HTTPS websites :
For example :
https://pkgs.fedoraproject.org/ is an example
SEC_ERROR_UNKNOWN_ISSUER
|
|
Testing | Bug Report | Very Low | Critical | [iceweasel-uxp] missing extensions | Closed | |
Task Description
Hello,
I can’t manually install some extensions I was using successfully with iceweasel-esr (52.9.x) previously. Notably :
https-everywhere https://addons.mozilla.org/en-US/firefox/addon/https-everywhere/ watch-with-mpv https://addons.mozilla.org/en-US/firefox/addon/watch-with-mpv/ tampermonkey https://addons.mozilla.org/en-US/firefox/addon/tampermonkey/ Save URL to Wayback Machine https://addons.mozilla.org/en-US/firefox/addon/save-url-to-wayback-machine
How to install them with iceweasel-uxp ?
|
|
Any | Security Issue | High | Critical | [irssi] IRSSI-SA-2018-02 Irssi Security Advisory | Closed | |
Task Description
Multiple vulnerabilities have been located in Irssi.
Access remote: yes
References links:
|
|
Any | Replace Request | Very High | Critical | [kernel-firmware] split out firmware projects from linu ... | Closed | |
Task Description
Since Linux 4.14, the in-tree kernel firmware was dropped[0][1], and Hyperbola uses linux-libre-lts-firmware from 4.9 which still supports that firmware.
However, I’d like to request upgrading to the new libre replacement of linux-firmware.git: linux-libre-firmware[2][3].
This version has no LTS releases (well, firmwares commonly don’t have LTS versions and the in-tree firmware was always the same in post-4.9 generations), but it has the same firmwares as Linux-libre-lts plus some others.
This is the list of firmware files in linux-libre-lts-firmware and its dependencies:
linux-libre-lts-firmware
---
/usr/lib/firmware/av7110/bootcode.bin
/usr/lib/firmware/dsp56k/bootstrap.bin
/usr/lib/firmware/keyspan_pda/keyspan_pda.fw
/usr/lib/firmware/keyspan_pda/xircom_pgs.fw
ath9k-htc-firmware
---
/usr/lib/firmware/htc_7010.fw
/usr/lib/firmware/htc_9271.fw
openfwwf
---
/usr/lib/firmware/b43-open/b0g0bsinitvals5.fw
/usr/lib/firmware/b43-open/b0g0initvals5.fw
/usr/lib/firmware/b43-open/ucode5.fw
And here are the firmware files of the new linux-libre-firmware:
linux-libre-firmware
---
/usr/lib/firmware/av7110/bootcode.bin
/usr/lib/firmware/b43-open/b0g0bsinitvals5.fw
/usr/lib/firmware/b43-open/b0g0initvals5.fw
/usr/lib/firmware/b43-open/ucode5.fw
/usr/lib/firmware/carl9170-1.fw
/usr/lib/firmware/cis/3CCFEM556.cis
/usr/lib/firmware/cis/3CXEM556.cis
/usr/lib/firmware/cis/COMpad2.cis
/usr/lib/firmware/cis/COMpad4.cis
/usr/lib/firmware/cis/DP83903.cis
/usr/lib/firmware/cis/LA-PCM.cis
/usr/lib/firmware/cis/MT5634ZLX.cis
/usr/lib/firmware/cis/NE2K.cis
/usr/lib/firmware/cis/PCMLM28.cis
/usr/lib/firmware/cis/PE-200.cis
/usr/lib/firmware/cis/PE520.cis
/usr/lib/firmware/cis/RS-COM-2P.cis
/usr/lib/firmware/cis/SW_555_SER.cis
/usr/lib/firmware/cis/SW_7xx_SER.cis
/usr/lib/firmware/cis/SW_8xx_SER.cis
/usr/lib/firmware/cis/tamarack.cis
/usr/lib/firmware/dsp56k/bootstrap.bin
/usr/lib/firmware/htc_7010.fw
/usr/lib/firmware/htc_9271.fw
/usr/lib/firmware/isci/isci_firmware.bin
/usr/lib/firmware/keyspan_pda/keyspan_pda.fw
/usr/lib/firmware/keyspan_pda/xircom_pgs.fw
/usr/lib/firmware/usbdux_firmware.bin
/usr/lib/firmware/usbduxfast_firmware.bin
/usr/lib/firmware/usbduxsigma_firmware.bin
It has openfwwf and ath9k-htc-firmware included, plus some others. If actual versions of Hyperbola don’t get the update at least consider it for future releases. You can get the new PKGBUILD[4] and its new build dependencies at Parabola’s abslibre.git libre tree[5]
The new dependencies are:
Sources:
[0] https://www.phoronix.com/scan.php?page=news_item&px=Linux-4.14-Migrates-Out-FW [1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b38923a068c10fc36ca8f596d650d095ce390b85 [2] https://jxself.org/firmware/ [3] https://jxself.org/git/?p=linux-libre-firmware.git [4] https://git.parabola.nu/abslibre.git/tree/libre/linux-libre-firmware [5] https://git.parabola.nu/abslibre.git/tree/libre
Updated Note:
Since Linux-libre-firmware contains a lot of independent firmware, tools and assembly projects, it should be built from its official tarball separately and create a group called kernel-firmware to follow the our packaging guidelines. Tools and assembly projects shouldn’t be included in kernel-firmware since those ones are firmware dependencies.
|
|
Stable | Freedom Issue | Very Low | Critical | [keybase] Complete removal of tool | Closed | |
Task Description
There is only the source code of the client available and since years nothing more happened. With keybase joining “Zoom” nothing more seems to happen. Look also here in the forum: https://forums.hyperbola.info/viewtopic.php?id=368
|
|
Any | Freedom Issue | Very High | Critical | [kodi] contains youtube-dl which runs non-free scripts | Closed | |
Task Description
Please replace by avideo, preferably by a release which receives updates so that it can still function within kodi (the non-LTS version).
Replace by LTS version of avideo to follow Hyperbola Packaging Guidelines.
|
|
Any | Security Issue | Very High | Critical | [libarchive] CVE-2019-18408 | Closed | |
Task Description
https://www.zdnet.com/article/libarchive-vulnerability-can-lead-to-code-execution-on-linux-freebsd-netbsd/
https://security-tracker.debian.org/tracker/CVE-2019-18408
|
|
Any | Security Issue | Medium | Critical | [libjpeg-turbo] CVE-2019-2201 | Closed | |
Task Description
In generate_jsimd_ycc_rgb_convert_neon of jsimd_arm64_neon.S, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is needed for exploitation
https://security-tracker.debian.org/tracker/CVE-2019-2201
Patch: https://github.com/libjpeg-turbo/libjpeg-turbo/issues/388
|
|
Any | Privacy Issue | Very High | Critical | [libqtelegram-ae] only useful with Telegram service | Closed | |
Task Description
Description: libqtelegram-ae is Telegram library written in Qt based on telegram-cli code. It is free software, however uses Telegram, a nonfree server-side service that requires accounts tied to telephone numbers. It needs go to the blacklist since Hyperbola’s objective is to support privacy of its community.
Additional info:
$ pacman -Si libqtelegram-ae
Repository : community
Name : libqtelegram-ae
Version : 3:6.1-4
Description : Telegram library written in Qt based on telegram-cli code
Architecture : x86_64
URL : https://launchpad.net/libqtelegram
Licenses : GPL3
Groups : None
Provides : None
Depends On : qt5-base qt5-multimedia
Optional Deps : None
Conflicts With : None
Replaces : None
Download Size : 431.27 KiB
Installed Size : 1999.00 KiB
Packager : Antonio Rojas <arojas@archlinux.org>
Build Date : Wed 05 Apr 2017 07:16:39 AM -03
Validated By : MD5 Sum SHA-256 Sum Signature
|
|
Any | Privacy Issue | Very High | Critical | [libreoffice*] contains Google API keys | Closed | |
Task Description
Libreoffice contains Google API keys which affects privacy.
|
|
Any | Security Issue | Very High | Critical | [libressl] add package as OpenSSL replacement and defau ... | Closed | |
Task Description
LibreSSL is a version of the TLS/crypto stack forked from OpenSSL in 2014, with goals of modernizing the codebase, improving security, and applying best practice development processes.
It was forked from the OpenSSL in April 2014 as a response by OpenBSD developers to the Heartbleed security vulnerability in OpenSSL, [4] [5] [6] [7] with the aim of refactoring the OpenSSL code so as to provide a more secure implementation. [8]
As LibreSSL follow the same goals than Hyperbola Packaging Guidelines in stability and security concerns, it should be the default provider of SSL and TLS protocols for Hyperbola Project.
|
|
Any | Security Issue | Very High | Critical | [libssh] CVE-2018-10933 | Closed | |
Task Description
Description: libssh versions 0.6 and above have an authentication bypass vulnerability in the server code. By presenting the server an SSH2_MSG_USERAUTH_SUCCESS message in place of the SSH2_MSG_USERAUTH_REQUEST message which the server would expect to initiate authentication, the attacker could successfully authentciate without any credentials.
Additional info: * package version(s) : extra/libssh 0.7.5-1
CVE
|
|
Any | Bug Report | High | Critical | [light-locker] returns error while tries load shared li ... | Closed | |
Task Description
Description: The light-locker package returns error while tries load shared library libsystemd.so.0.
Additional info: * package version(s): light-locker-1.6.0-3
Steps to reproduce:
Install the package:
$ sudo pacman -S light-locker
Run it:
$ light-locker
Then, you get the following message:
light-locker: error while loading shared libraries: libsystemd.so.0: cannot open shared object file: No such file or directory
|
|
Any | Bug Report | High | Critical | [links][elinks] segmentation fault after start by termi ... | Closed | |
Task Description
Description:
Additional info: * package version(s)
links 2.14-2
elinks 0.13-18
* config and/or log files etc.
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/usr/lib/libthread_db.so.1".
Program received signal SIGSEGV, Segmentation fault.
0x00007ffff4295e43 in strchrnul () from /usr/lib/libc.so.6
[New Thread 0x7ffff4dfb700 (LWP 8393)]
Thread 1 "elinks" received signal SIGSEGV, Segmentation fault.
0x00007ffff5fa3e43 in strchrnul () from /usr/lib/libc.so.6
Steps to reproduce:
|
|
Any | Security Issue | Very High | Critical | [linux-libre-lts*] Meltdown & Spectre Vulnerability | Closed | |
Task Description
Multiple CVEs. Unprivileged programs can gain access to a hardware bug in the CPU, and thereby initiate memory dumps and other low-level attacks.
|
|
Any | Implementation Request | Very High | Critical | [linux-libre-lts-server] add "Linux-libre" kernel adapt ... | Closed | |
Task Description
Description:
Additional info:
Steps to reproduce:
|
|
Any | Bug Report | Very High | Critical | [linux-libre-lts] spinlock not released on kernel by i9 ... | Closed | |
Task Description
Description:
With the latest release of the kernel, xwindow does not start anymore. I had to revert to 4.9.143.
Additional info: * package version(s): linux-libre-lts-4.9.150_gnu-0-x86_64.pkg.tar.xz
Steps to reproduce:
Upgrade to the following: - linux-libre-lts-4.9.150_gnu-0-x86_64.pkg.tar.xz - linux-libre-lts-headers-4.9.150_gnu-0-x86_64.pkg.tar.xz - acpi_call-lts-1.1.0-42.hyperbola34.6-x86_64.pkg.tar.xz
And try to start xwindow
|
|
Stable | Security Issue | Very Low | Critical | [lts-kernel][sec] filter /dev/mem access & restrict acc ... | Closed | |
|
|
Any | Freedom Issue | Very High | Critical | [luminancehdr] depends on non-free qt5-webengine | Closed | |
|
|
Stable | Bug Report | Medium | Critical | [lynis] Unable to run audit on remote target because of ... | Closed | |
|
|
Any | Freedom Issue | Very High | Critical | [man-pages] contains nonfree POSIX manual pages | Closed | |
|
|
Any | Security Issue | Very High | Critical | [midori] unmaintained and unsupportable | Closed | |
|
|
Stable | Bug Report | Medium | Critical | [mkinitcpio] crc32c_generic module missing with regular ... | Closed | |
|
|
Any | Bug Report | Very Low | Critical | [msmtp] needs libressl | Closed | |
|
|
Testing | Bug Report | Very Low | Critical | [msmtp] needs libressl | Closed | |
|
|
Any | Security Issue | Very High | Critical | [mupdf] multiple security issues | Closed | |
|
|
Any | Security Issue | Very High | Critical | [mutt] CVE-2018-14354 | Closed | |
|
|
Any | Bug Report | Very High | Critical | [netifrc] "net.lo" initscript is forced to load in "boo ... | Closed | |
|
|
Any | Feature Request | Very High | Critical | [netifrc] add net_macsec and net_veth init scripts | Closed | |
|
|
Any | Bug Report | Very High | Critical | [netifrc] fix "net_veth" and "net_macsec" initscripts | Closed | |
|
|
Any | Backport Request | Very High | Critical | [netifrc] update package to 0.6.0 backport | Closed | |
|
|
Any | Security Issue | Very High | Critical | [networkmanager] CVE-2018-1111: DHCP client script code ... | Closed | |
|
|
Any | Security Issue | High | Critical | [octopi] uploads system logs to ptpb.pw without confirm ... | Closed | |
|
|
Stable | Replace Request | Very Low | Critical | [opendkim] includes dependencies for systemd | Closed | |
|
|
Any | Security Issue | Very High | Critical | [openldap] 2.4.44 multiple security issues | Closed | |
|
|
Any | Feature Request | Very Low | Critical | [openldap] needs OpenRC init script | Closed | |
|
|
Stable | Bug Report | Very High | Critical | [openrc] Cowardly refusing to concatenate a logfile int ... | Closed | |
|
|
Any | Privacy Issue | Very High | Critical | [openrc] Google in init.d and conf.d configuration (ne ... | Closed | |
|
|
Any | Feature Request | Very High | Critical | [openrc] add "newinstance" mount parameter in "devpts" ... | Closed | |
|
|
Any | Feature Request | Very High | Critical | [openrc] add chroot init config and script files | Closed | |
|
|
Any | Feature Request | Very High | Critical | [openrc] add hidepid support in /proc filesystem. | Closed | |
|
|
Any | Bug Report | Very High | Critical | [openrc] fix "chroot" initscript | Closed | |
|