|
Testing | Freedom Issue | Very Low | Critical | [Hyperbola GNU/Linux-libre 0.4] [lumina-core] has some ... | Closed | |
Task Description
The list contains some icons before being removed for displaying non-libre and trademark-related stuffs, which may infringe the GNU Free System Distribution Guidelines and Hyperbola Packaging Guidelines.
/usr/share/icons/material-design-{dark,light}/scalable/applications/:
Icons that are libre apps but has problematic issues:
nodejs.svg
npm.svg
umbraco.svg
Icons that are non-libre apps:
Icons that are non-libre games:
black-mesa.svg
minecraft.svg
Icons that are non-libre network services:
amazon.svg
appnet.svg (discontinued)
basecamp.svg
bing.svg
bitbucket.svg
blogger.svg
deviantart.svg
disqus.svg
dribbble.svg
dropbox.svg
ebay.svg
etsy.svg
facebook.svg
flattr.svg
foursquare.svg
github.svg
gmail.svg
google-drive.svg
google-maps.svg
google-photos.svg
google-play.svg
google-plus.svg (discontinued)
google-translate.svg
google-wallet.svg (discontinued, now as Google Pay)
instagram.svg
jsfiddle.svg
lastfm.svg
linkedin.svg
linode.svg
mixcloud.svg
onedrive.svg
pandora.svg
pinterest.svg
rdio.svg (discontinued)
reddit.svg
soundcloud.svg
spotify.svg
stackexchange.svg
stackoverflow.svg
telegram.svg
tumblr.svg
twitch.svg
twitter.svg
vimeo.svg
vine.svg (discontinued)
vk.svg
wechat.svg
xing.svg
yelp.svg
youtube.svg
Icons that are non-FSDG operating systems:
Icons that are non-libre operating systems:
Icons that are trademarked brands and products:
Icons that are trademarked characters:
|
|
Any | Implementation Request | Very High | Critical | [linux-libre-lts-server] add "Linux-libre" kernel adapt ... | Closed | |
Task Description
Description:
Additional info:
Steps to reproduce:
|
|
Stable | Implementation Request | Medium | Critical | [strongswan] add new package | Closed | |
Task Description
Description:
Package strongSwan is missing. Can it please be added to relevant repository? The package’s presence is critical for using IKEv2 in VPN.
Additional info:
* Source: Please see added link
Steps to reproduce:
N/A
|
|
Testing | Implementation Request | High | Critical | [xlsfonts] Missing package needs to be added for xenoca ... | Closed | |
Task Description
Description: Package xlsfonts is missing and should absolutely being added also within groups for ‘xenocara-apps’ and ‘xorg-apps’.
|
|
Testing | Privacy Issue | Very High | Critical | [abiword] remove AltaVista's Babel Fish translator supp ... | Closed | |
Task Description
Abiword supports the defunct AltaVista’s Babel Fish translator which queries are redirected to the main Yahoo! page.
...
build() {
cd $pkgname-$pkgver
./configure --prefix=/usr \
--enable-shared \
--disable-static \
--enable-clipart \
--enable-templates \
--enable-plugins="aiksaurus applix **babelfish** bmp clarisworks collab docbook \
eml epub freetranslation garble gdict gimp goffice grammar \
hancom hrtext iscii kword latex loadbindings mathview mht \
mif mswrite opendocument openwriter openxml opml ots paint \
passepartout pdb pdf presentation psion s5 sdw t602 urldict \
wikipedia wmf wml wordperfect wpg xslfo" \
--enable-introspection
sed -i -e 's/ -shared / -Wl,-O1,--as-needed\0/g' libtool
make
}
...
|
|
Any | Privacy Issue | Very High | Critical | [libreoffice*] contains Google API keys | Closed | |
Task Description
Libreoffice contains Google API keys which affects privacy.
|
|
Any | Privacy Issue | Very High | Critical | [openrc] Google in init.d and conf.d configuration (ne ... | Closed | |
Task Description
/etc/init.d/net-online
-----
Line #62
ping_test_host="${ping_test_host:-google.com}"
_____
/etc/conf.d/net-online
-----
# The default is google.com.
|
|
Any | Privacy Issue | High | Critical | [deepin-desktop-base] Check for CNZZ Spyware | Closed | |
Task Description
As per a recent discovery, we should check if our deepin is affected by the CNZZ spyware in the AppStore. https://www.youtube.com/watch?v=v25Dy66AtNI
We also shouldn’t use the AppStore if it exists, due to non-free apps.
Known files: > usr/share/dbus-1/system-services/com.deepin.daemon.Apps.service > etc/appstore.json
|
|
Any | Privacy Issue | Very High | Critical | [purple-facebook] only useful with Facebook service | Closed | |
Task Description
Description:
community/purple-facebook 0.9.3-1
Facebook protocol plugin for libpurple
It is up to maintainers to decide of course. IMHO I would remove this one as it uses proprietary network Facebook, exclusively, and even mentioning the word in the package.
See: https://www.gnu.org/distros/free-system-distribution-guidelines.html
A free system distribution must not steer users towards obtaining any nonfree information for practical use, or encourage them to do so.
|
|
Any | Privacy Issue | Very High | Critical | [cutegram] only useful with Telegram service | Closed | |
Task Description
Description: Cutegram is a Telegram client. It is free software, however uses Telegram, a nonfree server-side service that requires accounts tied to telephone numbers. It needs go to the blacklist since Hyperbola’s objective is to support privacy of its community.
Additional info:
$ pacman -Si cutegram
Repository : community
Name : cutegram
Version : 2.7.1-3
Description : A different telegram client from Aseman team
Architecture : x86_64
URL : http://aseman.co/en/products/cutegram/
Licenses : GPL
Groups : None
Provides : cutegram
Depends On : qt5-imageformats qt5-webkit telegramqml>=0.9.1 libqtelegram-ae>=3:6.1
Optional Deps : gst-plugins-bad: audio support
gst-plugins-good: audio and notification sound
Conflicts With : cutegram-git sigram-git sigram cutegram
Replaces : cutegram-cn
Download Size : 12.03 MiB
Installed Size : 17.07 MiB
Packager : Jiachen Yang <farseerfc@gmail.com>
Build Date : Mon 25 Jan 2016 05:59:04 AM -03
Validated By : MD5 Sum SHA-256 Sum Signature
|
|
Any | Privacy Issue | Very High | Critical | [libqtelegram-ae] only useful with Telegram service | Closed | |
Task Description
Description: libqtelegram-ae is Telegram library written in Qt based on telegram-cli code. It is free software, however uses Telegram, a nonfree server-side service that requires accounts tied to telephone numbers. It needs go to the blacklist since Hyperbola’s objective is to support privacy of its community.
Additional info:
$ pacman -Si libqtelegram-ae
Repository : community
Name : libqtelegram-ae
Version : 3:6.1-4
Description : Telegram library written in Qt based on telegram-cli code
Architecture : x86_64
URL : https://launchpad.net/libqtelegram
Licenses : GPL3
Groups : None
Provides : None
Depends On : qt5-base qt5-multimedia
Optional Deps : None
Conflicts With : None
Replaces : None
Download Size : 431.27 KiB
Installed Size : 1999.00 KiB
Packager : Antonio Rojas <arojas@archlinux.org>
Build Date : Wed 05 Apr 2017 07:16:39 AM -03
Validated By : MD5 Sum SHA-256 Sum Signature
|
|
Any | Privacy Issue | Very High | Critical | [telegram-qt] only useful with Telegram service | Closed | |
Task Description
Description: TelegramQt is a Telegram binding for Qt. It is free software, however uses Telegram, a nonfree server-side service that requires accounts tied to telephone numbers. It needs go to the blacklist since Hyperbola’s objective is to support privacy of its community.
Additional info:
$ pacman -Si telegram-qt
Repository : community
Name : telegram-qt
Version : 0.1.0-2
Description : Qt bindings for the Telegram protocol
Architecture : x86_64
URL : https://github.com/Kaffeine/telegram-qt
Licenses : GPL
Groups : None
Provides : None
Depends On : qt5-base
Optional Deps : None
Conflicts With : None
Replaces : None
Download Size : 204.80 KiB
Installed Size : 747.00 KiB
Packager : Antonio Rojas <arojas@archlinux.org>
Build Date : Sat 18 Feb 2017 06:49:55 AM -03
Validated By : MD5 Sum SHA-256 Sum Signature
|
|
Any | Privacy Issue | Very High | Critical | [telegramqml] only useful with Telegram service | Closed | |
Task Description
Description: TelegramQML are Telegram API tools for QtQml and Qml. It is free software, however uses Telegram, a nonfree server-side service that requires accounts tied to telephone numbers. It needs go to the blacklist since Hyperbola’s objective is to support privacy of its community.
Additional info:
$ pacman -Si telegramqml
Repository : community
Name : telegramqml
Version : 0.9.2-2
Description : Telegram API tools for QtQml and Qml
Architecture : x86_64
URL : https://github.com/Aseman-Land/TelegramQML
Licenses : GPL
Groups : None
Provides : None
Depends On : qt5-webkit qt5-imageformats qt5-graphicaleffects qt5-quickcontrols libqtelegram-ae
Optional Deps : None
Conflicts With : None
Replaces : None
Download Size : 401.03 KiB
Installed Size : 1905.00 KiB
Packager : Jiachen Yang <farseerfc@gmail.com>
Build Date : Mon 25 Jan 2016 05:46:59 AM -03
Validated By : MD5 Sum SHA-256 Sum Signature
|
|
Any | Privacy Issue | Very High | Critical | [telepathy-morse] only useful with Telegram service | Closed | |
Task Description
Description: Telepathy-Morse is a Qt-based Telegram connection manager for the Telepathy framework. It is free software, however uses Telegram, a nonfree server-side service that requires accounts tied to telephone numbers. It needs go to the blacklist since Hyperbola’s objective is to support privacy of its community.
Additional info:
$ pacman -Si telepathy-morse
Repository : community
Name : telepathy-morse
Version : 0.1.0-1
Description : Telepathy Connection Manager for the Telegram network
Architecture : x86_64
URL : https://github.com/TelepathyQt/telepathy-morse
Licenses : GPL
Groups : None
Provides : None
Depends On : telepathy-qt5 telegram-qt
Optional Deps : None
Conflicts With : None
Replaces : None
Download Size : 90.80 KiB
Installed Size : 351.00 KiB
Packager : Antonio Rojas <arojas@archlinux.org>
Build Date : Fri 16 Sep 2016 11:49:33 AM -03
Validated By : MD5 Sum SHA-256 Sum Signature
|
|
Any | Privacy Issue | Very High | Critical | [telepathy-kde-accounts-kcm] recommends Telepathy-Morse ... | Closed | |
Task Description
Description: telepathy-kde-accounts-kcm contains the telepathy-morse package in its optdepends array. It should be removed since Telepathy-Morse provides support for Telegram, a nonfree server-side service that requires accounts tied to telephone numbers.
Additional info:
$ pacman -Si telepathy-kde-accounts-kcm
Repository : extra
Name : telepathy-kde-accounts-kcm
Version : 17.04.0-1
Description : KCM Module for configuring Telepathy Instant Messaging Accounts
Architecture : x86_64
URL : https://community.kde.org/Real-Time_Communication_and_Collaboration
Licenses : GPL
Groups : kde-applications kdenetwork telepathy-kde
Provides : None
Depends On : telepathy-qt kaccounts-providers
Optional Deps : telepathy-gabble: XMPP/Jabber accounts support
telepathy-haze: account types supported by Pidgin/libpurple
telepathy-morse: Telegram accounts support
telepathy-salut: link-local XMPP account support
Conflicts With : None
Replaces : None
Download Size : 334.86 KiB
Installed Size : 2111.00 KiB
Packager : Antonio Rojas <arojas@archlinux.org>
Build Date : Sat 15 Apr 2017 06:47:59 PM -03
Validated By : MD5 Sum SHA-256 Sum Signature
|
|
Any | Privacy Issue | Very Low | Critical | [bleachbit] needs to be adapted to UXP applications | Closed | |
Task Description
The current version of BleachBit needs to be adapted so it can clean the new .cache/hyperbola/ directory.
|
|
Any | Replace Request | Very High | Critical | [dnscrypt-proxy] update package to 2.x following backpo ... | Closed | |
Task Description
Since DNSCrypt-Proxy project has been abandoned [0] , DNSCrypt-Proxy 2 [1] should be used as its source replacement, however DNSCrypt-Proxy 2 contains support for unsafe and dangerous for privacy protocols such as Google. [2] [3] [4] Also, it contains Google recommendation and support through its parental control servers and public resolvers lists [5] [6]
Therefore DNSCrypt-Proxy 2 requires be re-forked by us first to follow our social contract.
|
|
Any | Replace Request | Very High | Critical | [kernel-firmware] split out firmware projects from linu ... | Closed | |
Task Description
Since Linux 4.14, the in-tree kernel firmware was dropped[0][1], and Hyperbola uses linux-libre-lts-firmware from 4.9 which still supports that firmware.
However, I’d like to request upgrading to the new libre replacement of linux-firmware.git: linux-libre-firmware[2][3].
This version has no LTS releases (well, firmwares commonly don’t have LTS versions and the in-tree firmware was always the same in post-4.9 generations), but it has the same firmwares as Linux-libre-lts plus some others.
This is the list of firmware files in linux-libre-lts-firmware and its dependencies:
linux-libre-lts-firmware
---
/usr/lib/firmware/av7110/bootcode.bin
/usr/lib/firmware/dsp56k/bootstrap.bin
/usr/lib/firmware/keyspan_pda/keyspan_pda.fw
/usr/lib/firmware/keyspan_pda/xircom_pgs.fw
ath9k-htc-firmware
---
/usr/lib/firmware/htc_7010.fw
/usr/lib/firmware/htc_9271.fw
openfwwf
---
/usr/lib/firmware/b43-open/b0g0bsinitvals5.fw
/usr/lib/firmware/b43-open/b0g0initvals5.fw
/usr/lib/firmware/b43-open/ucode5.fw
And here are the firmware files of the new linux-libre-firmware:
linux-libre-firmware
---
/usr/lib/firmware/av7110/bootcode.bin
/usr/lib/firmware/b43-open/b0g0bsinitvals5.fw
/usr/lib/firmware/b43-open/b0g0initvals5.fw
/usr/lib/firmware/b43-open/ucode5.fw
/usr/lib/firmware/carl9170-1.fw
/usr/lib/firmware/cis/3CCFEM556.cis
/usr/lib/firmware/cis/3CXEM556.cis
/usr/lib/firmware/cis/COMpad2.cis
/usr/lib/firmware/cis/COMpad4.cis
/usr/lib/firmware/cis/DP83903.cis
/usr/lib/firmware/cis/LA-PCM.cis
/usr/lib/firmware/cis/MT5634ZLX.cis
/usr/lib/firmware/cis/NE2K.cis
/usr/lib/firmware/cis/PCMLM28.cis
/usr/lib/firmware/cis/PE-200.cis
/usr/lib/firmware/cis/PE520.cis
/usr/lib/firmware/cis/RS-COM-2P.cis
/usr/lib/firmware/cis/SW_555_SER.cis
/usr/lib/firmware/cis/SW_7xx_SER.cis
/usr/lib/firmware/cis/SW_8xx_SER.cis
/usr/lib/firmware/cis/tamarack.cis
/usr/lib/firmware/dsp56k/bootstrap.bin
/usr/lib/firmware/htc_7010.fw
/usr/lib/firmware/htc_9271.fw
/usr/lib/firmware/isci/isci_firmware.bin
/usr/lib/firmware/keyspan_pda/keyspan_pda.fw
/usr/lib/firmware/keyspan_pda/xircom_pgs.fw
/usr/lib/firmware/usbdux_firmware.bin
/usr/lib/firmware/usbduxfast_firmware.bin
/usr/lib/firmware/usbduxsigma_firmware.bin
It has openfwwf and ath9k-htc-firmware included, plus some others. If actual versions of Hyperbola don’t get the update at least consider it for future releases. You can get the new PKGBUILD[4] and its new build dependencies at Parabola’s abslibre.git libre tree[5]
The new dependencies are:
Sources:
[0] https://www.phoronix.com/scan.php?page=news_item&px=Linux-4.14-Migrates-Out-FW [1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b38923a068c10fc36ca8f596d650d095ce390b85 [2] https://jxself.org/firmware/ [3] https://jxself.org/git/?p=linux-libre-firmware.git [4] https://git.parabola.nu/abslibre.git/tree/libre/linux-libre-firmware [5] https://git.parabola.nu/abslibre.git/tree/libre
Updated Note:
Since Linux-libre-firmware contains a lot of independent firmware, tools and assembly projects, it should be built from its official tarball separately and create a group called kernel-firmware to follow the our packaging guidelines. Tools and assembly projects shouldn’t be included in kernel-firmware since those ones are firmware dependencies.
|
|
Any | Replace Request | Defer | Critical | [bzr] replace deprecated GNU Bazaar to Brezy | Closed | |
Task Description
Description:
replace deprecated GNU Bazaar to Brezy for Canis Major
Additional info:
bzr 2.7.0-2
GNU Bazaar will be unmaintained (for now, there are only bug fixes)
GNU Bazaar only supports Python 2.
-
-
-
Note: It needs a provide: bazaar and brezy
Steps to reproduce:
|
|
Any | Replace Request | High | Critical | [python2] replace deprecated Python 2 to Tauthon | Closed | |
Task Description
Description:
replace deprecated Python 2 to Tauthon for Canis Major
Additional info:
Steps to reproduce:
|
|
Stable | Replace Request | Very Low | Critical | [spamassassin] includes dependencies for systemd | Closed | |
Task Description
Description: The package spamassassin has no further init-script for OpenRC and instead includes service-definitions for systemd
Additional info: * package version(s) 3.4.1-7
|
|
Stable | Replace Request | Very Low | Critical | [opendkim] includes dependencies for systemd | Closed | |
Task Description
Description: The package opendkim has no further init-script for OpenRC and instead includes service-definitions for systemd
Additional info: * package version(s) 2.10.3-4
|
|
Any | Security Issue | Very High | Critical | [gnome-mplayer] [gecko-mediaplayer] [gmtk] remove unsec ... | Closed | |
Task Description
Remove “gnome-mplayer”, “gecko-mediaplayer” and “gmtk” are unsecured/abandonware packages(released in 2014) “gecko-mediaplayer” uses deprecated/unsecured NPAPI[0] and XULRunner[1][2] apis
$ pacman -Si gnome-mplayer Repository : community Name : gnome-mplayer Version : 1.0.9-4 Description : A simple MPlayer GUI. Architecture : x86_64 URL : https://sites.google.com/site/kdekorte2/gnomemplayer Licenses : GPL Groups : None Provides : None Depends On : mplayer dbus-glib libnotify gmtk Optional Deps : None Conflicts With : None Replaces : None Download Size : 343.29 KiB Installed Size : 1461.00 KiB Packager : Balló György <ballogyor+arch@gmail.com> Build Date : Sun 22 Jan 2017 04:45:38 PM -03 Validated By : MD5 Sum SHA-256 Sum Signature
$ pacman -Si gecko-mediaplayer Repository : community Name : gecko-mediaplayer Version : 1.0.9-3 Description : Browser plugin that uses gnome-mplayer to play media in a web browser. Architecture : x86_64 URL : https://sites.google.com/site/kdekorte2/gecko-mediaplayer Licenses : GPL Groups : None Provides : None Depends On : gnome-mplayer>=1.0.9 dbus-glib gmtk curl Optional Deps : None Conflicts With : None Replaces : None Download Size : 80.92 KiB Installed Size : 598.00 KiB Packager : Balló György <ballogyor+arch@gmail.com> Build Date : Sun 22 Jan 2017 04:36:31 PM -03 Validated By : MD5 Sum SHA-256 Sum Signature
$ pacman -Si gmtk Repository : community Name : gmtk Version : 1.0.9-3 Description : Common functions for gnome-mplayer and gecko-mediaplayer. Architecture : x86_64 URL : https://sites.google.com/site/kdekorte2/gmtk Licenses : GPL Groups : None Provides : None Depends On : glib2 gtk3 dconf Optional Deps : None Conflicts With : None Replaces : None Download Size : 73.85 KiB Installed Size : 246.00 KiB Packager : Balló György <ballogyor+arch@gmail.com> Build Date : Sun 22 Jan 2017 04:50:49 PM -03 Validated By : MD5 Sum SHA-256 Sum Signature
[0]:https://developer.mozilla.org/en-US/docs/Plugins/Roadmap [1]:https://hearsum.ca/blog/mozilla-will-stop-producing-automated-builds-of-xulrunner-after-the-410-cycle.html [2]:https://tracker.debian.org/pkg/xulrunner
|
|
Any | Security Issue | Very High | Critical | [freewrl] remove unsecure "libFreeWRLplugin.so" | Closed | |
Task Description
Remove “libFreeWRLplugin.so”, uses deprecated/unsecure NPAPI[0] and XULRunner[1][2] apis
$ pacman -Si freewrl Repository : community Name : freewrl Version : 1:2.3.3-1 Description : VRML viewer Architecture : x86_64 URL : http://freewrl.sourceforge.net/ Licenses : GPL Groups : None Provides : None Depends On : java-runtime libxaw glew freeglut curl freetype2 imlib2 sox unzip imagemagick libxml2 ttf-bitstream-vera lesstif js185 glu openal
freealut
Optional Deps : None Conflicts With : None Replaces : None Download Size : 583.49 KiB Installed Size : 2060.00 KiB Packager : Sergej Pupykin <pupykin.s+arch@gmail.com> Build Date : Mon 19 Dec 2016 10:31:49 AM -03 Validated By : MD5 Sum SHA-256 Sum Signature
$ sudo pacman -Ql freewrl freewrl /usr/ freewrl /usr/bin/ freewrl /usr/bin/freewrl freewrl /usr/bin/freewrl_msg freewrl /usr/bin/freewrl_snd freewrl /usr/include/ freewrl /usr/include/FreeWRLEAI/ freewrl /usr/include/FreeWRLEAI/EAIHeaders.h freewrl /usr/include/FreeWRLEAI/EAI_C.h freewrl /usr/include/FreeWRLEAI/GeneratedHeaders.h freewrl /usr/include/FreeWRLEAI/X3DNode.h freewrl /usr/include/libFreeWRL.h freewrl /usr/lib/ freewrl /usr/lib/libFreeWRL.so freewrl /usr/lib/libFreeWRL.so.2 freewrl /usr/lib/libFreeWRL.so.2.3.3 freewrl /usr/lib/libFreeWRLEAI.so freewrl /usr/lib/libFreeWRLEAI.so.2 freewrl /usr/lib/libFreeWRLEAI.so.2.3.3 freewrl /usr/lib/mozilla/ freewrl /usr/lib/mozilla/plugins/ freewrl /usr/lib/mozilla/plugins/libFreeWRLplugin.so freewrl /usr/lib/pkgconfig/ freewrl /usr/lib/pkgconfig/libFreeWRL.pc freewrl /usr/lib/pkgconfig/libFreeWRLEAI.pc freewrl /usr/share/ freewrl /usr/share/applications/ freewrl /usr/share/applications/freewrl.desktop freewrl /usr/share/man/ freewrl /usr/share/man/man1/ freewrl /usr/share/man/man1/freewrl.1.gz freewrl /usr/share/pixmaps/ freewrl /usr/share/pixmaps/freewrl.png
[0]:https://developer.mozilla.org/en-US/docs/Plugins/Roadmap [1]:https://hearsum.ca/blog/mozilla-will-stop-producing-automated-builds-of-xulrunner-after-the-410-cycle.html [2]:https://tracker.debian.org/pkg/xulrunner
|
|
Any | Security Issue | Very High | Critical | [xulrunner] unmaintained and unsupportable | Closed | |
Task Description
Remove “xulrunner”[0][1] is unsecure/abandonware package
$ pacman -Si xulrunner Repository : community Name : xulrunner Version : 41.0.2-10 Description : Mozilla Runtime Environment Architecture : x86_64 URL : http://wiki.mozilla.org/XUL:Xul_Runner Licenses : MPL GPL LGPL Groups : None Provides : None Depends On : gtk2 mozilla-common nss>3.18 libxt hunspell startup-notification mime-types dbus-glib libpulse libevent libvpx icu python2 Optional Deps : None Conflicts With : None Replaces : xulrunner-oss Download Size : 47.38 MiB Installed Size : 171.99 MiB Packager : Evangelos Foutras evangelos@foutrelis.com Build Date : Wed 26 Apr 2017 03:10:07 AM -03 Validated By : MD5 Sum SHA-256 Sum Signature
[0]:https://hearsum.ca/blog/mozilla-will-stop-producing-automated-builds-of-xulrunner-after-the-410-cycle.html [1]:https://tracker.debian.org/pkg/xulrunner
|
|
Any | Security Issue | Very High | Critical | [midori] unmaintained and unsupportable | Closed | |
|
|
Any | Security Issue | Very High | Critical | [w3m] unmaintained and unsupportable | Closed | |
|
|
Any | Security Issue | Very High | Critical | [pam] pam_unix2 is orphaned and dead upstream | Closed | |
|
|
Any | Security Issue | Very High | Critical | [wpa_supplicant] vulnerable to KRAK attack | Closed | |
|
|
Any | Security Issue | Very High | Critical | [dillo] enable IPv6, SSL/TLS and threaded DNS support | Closed | |
|
|
Any | Security Issue | Very High | Critical | [linux-libre-lts*] Meltdown & Spectre Vulnerability | Closed | |
|
|
Any | Security Issue | Very High | Critical | [libressl] add package as OpenSSL replacement and defau ... | Closed | |
|
|
Any | Security Issue | Very High | Critical | [avahi] blacklist package since it's a zeroconf impleme ... | Closed | |
|
|
Any | Security Issue | Very High | Critical | [electrum] JSONRPC vulnerability | Closed | |
|
|
Any | Security Issue | High | Critical | [irssi] IRSSI-SA-2018-02 Irssi Security Advisory | Closed | |
|
|
Any | Security Issue | High | Critical | [python2] heap-overflow vulnerability CVE-2018-1000030 | Closed | |
|
|
Any | Security Issue | Very High | Critical | [mupdf] multiple security issues | Closed | |
|
|
Any | Security Issue | High | Critical | [geth] possible denial of service attacks "DoS Attack" | Closed | |
|
|
Any | Security Issue | Very High | Critical | [xen] multiple security issues: CVE-2018-10472, CVE-201 ... | Closed | |
|
|
Any | Security Issue | Medium | Critical | [glusterfs] CVE-2018-1088: Privilege escalation via gl ... | Closed | |
|
|
Any | Security Issue | Very High | Critical | [wget] - GNU Wget Cookie Injection CVE-2018-0494 | Closed | |
|
|
Any | Security Issue | Very High | Critical | [networkmanager] CVE-2018-1111: DHCP client script code ... | Closed | |
|
|
Any | Security Issue | Very High | Critical | [openrc] use procps-ng's "sysctl" by default instead of ... | Closed | |
|
|
Any | Security Issue | Very High | Critical | [openrc] remove dangerous "local" init script | Closed | |
|
|
Any | Security Issue | Very High | Critical | [znc] CVE-2018-14055: privilege escalation & CVE-2018-1 ... | Closed | |
|
|
Any | Security Issue | Very High | Critical | [wesnoth] CVE-2018-1999023 - Code Injection vulnerabili ... | Closed | |
|
|
Stable | Security Issue | Very High | Critical | [iceweasel-uxp] Issue with HTTPS websites | Closed | |
|
|
Any | Security Issue | Very High | Critical | [openssh] CVE-2018-15473 | Closed | |
|
|
Any | Security Issue | Very High | Critical | [dropbear] CVE-2018-15599 | Closed | |
|
|
Any | Security Issue | Very High | Critical | [mutt] CVE-2018-14354 | Closed | |
|