Packages

Category Task Type Priority Severity Summary Status  asc Progress
AnyFreedom IssueMediumMedium[filesystem] Review of permissionsUnconfirmed
0%
Task Description

Description: Packages leaves warnings about installation being within difference of the filesystem. So the package filesystem should get another review in time and warnings get therefore a solution.

StableBug ReportVery LowVery Low[fail2ban] update dovecot failregex to support verbose ...Unconfirmed
0%
Task Description

Description:
The /etc/fail2ban/filter.d/dovecot.conf file has a failregex with the following:

^%(__prefix_line)s(?:auth|auth-worker\(\d+\)): (?:pam|passwd-file)\(\S+,<HOST>\): unknown user\s*$

and works with things like:

Month day time hostname dovecot: auth: passwd-file(user@domain.com,IP): unknown user

but with verbosity enabled in Dovecot, this output looks like this:

Month day time hostname dovecot: auth: passwd-file(user@domain.com,IP): unknown user (given password: password)

and in this case it doesn’t work, but it does if we fix the failregex if we replace it with:

^%(__prefix_line)s(?:auth|auth-worker\(\d+\)): (?:pam|passwd-file)\(\S+,<HOST>\): unknown user( \(given password: \S*\))?\s*$

with this new expression, it works with and without verbosity

And regarding postfix, to make it work correctly I “backported” some pieces from newest failregex:

/etc/fail2ban/postfixr-rbl.conf:

^%(__prefix_line)sNOQUEUE: reject: RCPT from \S+\[<HOST>\]: [45]54 [45]\.7\.1 Service unavailable; Client host \[\S+\] blocked using .* from=<\S*> to=<\S+> proto=ESMTP helo=<\S*>$

/etc/fail2ban/postfix.conf: (second failregex)

^%(__prefix_line)sNOQUEUE: reject: RCPT from \S+\[<HOST>\]: 45[04] 4\.7\.1 Client host rejected: cannot find your (reverse )?hostname, (\[\S*\]); from=<\S*> to=<\S+> proto=ESMTP helo=<\S*>$

I can create a patch if you want. Note that I haven’t tested all filters, some others may also need some rework

Additional info:
* fail2ban-0.9.6-2.hyperbola3

AnyBug ReportLowMedium[cryptsetup] when dmcrypt start, the "/" filesystem, m...Assigned
0%
Task Description

When dmcrypt service start, the “/” filesystem is remounted, mtab is updated and bootmisc is recording the login users, by waiting time scheduling:

* root: waiting for dmcrypt (50 seconds)
* root: timed out waiting for dmcrypt
* Remounting root filesystem read/write ...
* Remounting filesystems ...
* mtab: waiting for dmcrypt (50 seconds)
* mtab: timed out waiting for dmcrypt
* Updating /etc/mtab ...
* Creating mtab symbolic link
* bootmisc: waiting to dmcrypt (50 seconds)
* bootmisc: timed out waiting for dmcrypt
* Creating user login records ...

These features on dmcrypt service are useless and these lines print above filesystem passphrase order (the printed line), those ones break printed console and print the pressed keyboard digit when I’m setting up password.
Sometimes this breaks services startup, and I need press “enter” consecutively to allow run the services.

StableBug ReportVery LowVery Low[spamassassin] has different directory permissions than...Deferred
0%
Task Description

Description:
The /usr/sbin directory in spamassassin has permissions 755
https://git.hyperbola.info:50100/packages/extra.git/tree/spamassassin/PKGBUILD#n88

And ‘filesystem’ sets it to 750
https://git.hyperbola.info:50100/packages/core.git/tree/filesystem/PKGBUILD#n135

So when installing spamassassin, pacman throws a warning

warning: directory permissions differ on /usr/sbin/
filesystem: 750  package: 755

Additional info:
* spamassassin 3.4.2-1.hyperbola2

StableBug ReportVery LowVery Low[postfix] has different directory permissions than 'fil...Deferred
0%
Task Description

Description:
The /usr/sbin directory in postfix has permissions 755
https://git.hyperbola.info:50100/packages/extra.git/tree/postfix/PKGBUILD#n115

And ‘filesystem’ sets it to 750
https://git.hyperbola.info:50100/packages/core.git/tree/filesystem/PKGBUILD#n135

So when installing postfix, pacman throws a warning

warning: directory permissions differ on /usr/sbin/
filesystem: 750  package: 755

Additional info:
* postfix-3.2.2-1.hyperbola6

AnySecurity IssueVery HighCritical [networkmanager] CVE-2018-1111: DHCP client script code ...Closed
100%
Task Description

A malicious DHCP server, or an attacker on the local network able to spoof DHCP responses, could use this flaw to execute arbitrary commands with root privileges on systems using NetworkManager which is configured to obtain network configuration using the DHCP protocol.

AnyFeature RequestVery LowCritical [openldap] needs OpenRC init script Closed
100%
Task Description

pacman -Si openldap
Repository : core
Name : openldap
Version : 2.4.44-4.hyperbola3
Description : Lightweight Directory Access Protocol (LDAP) client and

                server, with OpenRC support

Architecture : x86_64
URL : https://www.openldap.org/ Licenses : custom
Groups : None
Provides : None
Depends On : libldap>=2.4.44 libltdl unixodbc
Optional Deps : None
Conflicts With : None
Replaces : None
Download Size : 1282.52 KiB
Installed Size : 3990.00 KiB
Packager : André Silva emulatorman@hyperbola.info Build Date : Wed 21 Feb 2018 08:09:38 PM CET
Validated By : MD5 Sum SHA-256 Sum Signature

pacman -Ql openldap | grep /usr/lib/
openldap /usr/lib/
openldap /usr/lib/openldap/
openldap /usr/lib/openldap/accesslog-2.4.so.2
openldap /usr/lib/openldap/accesslog-2.4.so.2.10.7
openldap /usr/lib/openldap/accesslog.so
openldap /usr/lib/openldap/auditlog-2.4.so.2
openldap /usr/lib/openldap/auditlog-2.4.so.2.10.7
openldap /usr/lib/openldap/auditlog.so
openldap /usr/lib/openldap/collect-2.4.so.2
openldap /usr/lib/openldap/collect-2.4.so.2.10.7
openldap /usr/lib/openldap/collect.so
openldap /usr/lib/openldap/constraint-2.4.so.2
openldap /usr/lib/openldap/constraint-2.4.so.2.10.7
openldap /usr/lib/openldap/constraint.so
openldap /usr/lib/openldap/dds-2.4.so.2
openldap /usr/lib/openldap/dds-2.4.so.2.10.7
openldap /usr/lib/openldap/dds.so
openldap /usr/lib/openldap/deref-2.4.so.2
openldap /usr/lib/openldap/deref-2.4.so.2.10.7
openldap /usr/lib/openldap/deref.so
openldap /usr/lib/openldap/dyngroup-2.4.so.2
openldap /usr/lib/openldap/dyngroup-2.4.so.2.10.7
openldap /usr/lib/openldap/dyngroup.so
openldap /usr/lib/openldap/dynlist-2.4.so.2
openldap /usr/lib/openldap/dynlist-2.4.so.2.10.7
openldap /usr/lib/openldap/dynlist.so
openldap /usr/lib/openldap/memberof-2.4.so.2
openldap /usr/lib/openldap/memberof-2.4.so.2.10.7
openldap /usr/lib/openldap/memberof.so
openldap /usr/lib/openldap/nssov.so
openldap /usr/lib/openldap/nssov.so.0
openldap /usr/lib/openldap/nssov.so.0.0.0
openldap /usr/lib/openldap/pcache-2.4.so.2
openldap /usr/lib/openldap/pcache-2.4.so.2.10.7
openldap /usr/lib/openldap/pcache.so
openldap /usr/lib/openldap/ppolicy-2.4.so.2
openldap /usr/lib/openldap/ppolicy-2.4.so.2.10.7
openldap /usr/lib/openldap/ppolicy.so
openldap /usr/lib/openldap/refint-2.4.so.2
openldap /usr/lib/openldap/refint-2.4.so.2.10.7
openldap /usr/lib/openldap/refint.so
openldap /usr/lib/openldap/retcode-2.4.so.2
openldap /usr/lib/openldap/retcode-2.4.so.2.10.7
openldap /usr/lib/openldap/retcode.so
openldap /usr/lib/openldap/rwm-2.4.so.2
openldap /usr/lib/openldap/rwm-2.4.so.2.10.7
openldap /usr/lib/openldap/rwm.so
openldap /usr/lib/openldap/seqmod-2.4.so.2
openldap /usr/lib/openldap/seqmod-2.4.so.2.10.7
openldap /usr/lib/openldap/seqmod.so
openldap /usr/lib/openldap/sssvlv-2.4.so.2
openldap /usr/lib/openldap/sssvlv-2.4.so.2.10.7
openldap /usr/lib/openldap/sssvlv.so
openldap /usr/lib/openldap/syncprov-2.4.so.2
openldap /usr/lib/openldap/syncprov-2.4.so.2.10.7
openldap /usr/lib/openldap/syncprov.so
openldap /usr/lib/openldap/translucent-2.4.so.2
openldap /usr/lib/openldap/translucent-2.4.so.2.10.7
openldap /usr/lib/openldap/translucent.so
openldap /usr/lib/openldap/unique-2.4.so.2
openldap /usr/lib/openldap/unique-2.4.so.2.10.7
openldap /usr/lib/openldap/unique.so
openldap /usr/lib/openldap/valsort-2.4.so.2
openldap /usr/lib/openldap/valsort-2.4.so.2.10.7
openldap /usr/lib/openldap/valsort.so
openldap /usr/lib/slapd

StableSecurity IssueVery HighCritical [iceweasel-uxp] Issue with HTTPS websites Closed
100%
Task Description

With latest iceweasel-uxp, I can’t connect to some HTTPS websites :

For example :

https://pkgs.fedoraproject.org/ is an example

SEC_ERROR_UNKNOWN_ISSUER

AnySecurity IssueVery LowCritical [toxcore] Memory leak bug Closed
100%
Task Description

Description:
https://blog.tox.chat/2018/10/memory-leak-bug-and-new-toxcore-release-fixing-it/

The bug is fixed in TokTok c-toxcore v0.2.8. The bug is also fixed in the master branch of irungentoo’s toxcore, in commit bf69b54f64003d160d759068f4816b2d9b2e1e21. As a general reminder, if you are still using irungentoo’s toxcore, we strongly encourage you to switch to using TokTok c-toxcore instead as it’s a lot more actively developed and maintained.

AnyBug ReportVery LowCritical [msmtp] needs libressl Closed
100%
Task Description

Description:

I may be wrong for I did not migrate to 0.3 as of yet, but I think that `msmtp` has been forgotten and needs to be recompiled with `libressl`.

Please remove this report if I am mistaken.

TestingBug ReportVery LowCritical [msmtp] needs libressl Closed
100%
Task Description

Description:

I may be wrong for I did not migrate to 0.3 as of yet, but I think that `msmtp` has been forgotten and needs to be recompiled with `libressl`.

Please remove this report if I am mistaken.

StableSecurity IssueVery LowCritical [lts-kernel][sec] filter /dev/mem access & restrict acc ...Closed
100%
Task Description

These two options could be enabled :

Kernel hacking → [*] Filter access to /dev/mem
[*] Filter I/O access to /dev/mem

Security options → [*] Restrict unprivileged access to the kernel syslog

AnySecurity IssueVery LowCritical [opensmtpd] CVE-2020-8794 Closed
100%
Task Description

Description: https://www.openwall.com/lists/oss-security/2020/02/24/5 https://www.bleepingcomputer.com/news/security/new-critical-rce-bug-in-openbsd-smtp-server-threatens-linux-distros/

Qualys Security Advisory

LPE and RCE in OpenSMTPD’s default install (CVE-2020-8794)

Contents

Summary
Analysis
...
Acknowledgments

Summary

We discovered a vulnerability in OpenSMTPD, OpenBSD’s mail server. This
vulnerability, an out-of-bounds read introduced in December 2015 (commit
80c6a60c, “when peer outputs a multi-line response ...”), is exploitable
remotely and leads to the execution of arbitrary shell commands: either
as root, after May 2018 (commit a8e22235, “switch smtpd to new
grammar”); or as any non-root user, before May 2018.

Because this vulnerability resides in OpenSMTPD’s client-side code
(which delivers mail to remote SMTP servers), we must consider two
different scenarios:

- Client-side exploitation: This vulnerability is remotely exploitable

in OpenSMTPD's (and hence OpenBSD's) default configuration. Although
OpenSMTPD listens on localhost only, by default, it does accept mail
from local users and delivers it to remote servers. If such a remote
server is controlled by an attacker (either because it is malicious or
compromised, or because of a man-in-the-middle, DNS, or BGP attack --
SMTP is not TLS-encrypted by default), then the attacker can execute
arbitrary shell commands on the vulnerable OpenSMTPD installation.

- Server-side exploitation: First, the attacker must connect to the

OpenSMTPD server (which accepts external mail) and send a mail that
creates a bounce. Next, when OpenSMTPD connects back to their mail
server to deliver this bounce, the attacker can exploit OpenSMTPD's
client-side vulnerability. Last, for their shell commands to be
executed, the attacker must (to the best of our knowledge) crash
OpenSMTPD and wait until it is restarted (either manually by an
administrator, or automatically by a system update or reboot).

We developed a simple exploit for this vulnerability and successfully
tested it against OpenBSD 6.6 (the current release), OpenBSD 5.9 (the
first vulnerable release), Debian 10 (stable), Debian 11 (testing), and
Fedora 31.

The fix is delivered in OpenSMTPD 6.6.4p1, available here, which the developer recommends installing “AS SOON AS POSSIBLE.”

TestingBug ReportHighHigh [gnome-shell] error while loading shared libraries Closed
100%
Task Description

$ gnome-shell
gnome-shell: error while loading shared libraries: libsystemd.so.0: cannot open shared object file: No such file or directory

AnyUpdate RequestMediumHigh Make Knock patch for Linux-libre 4.14 LTS Closed
100%
Task Description

The Knock patches for linux-libre maintained by you at https://git.hyperbola.info:50100/kernels/knock.git/ have support up to linux-libre 4.13 only (and I think it didn’t work for it when I tried it, compilation failed) but from all of those supported versions, the newest maintained generation by the upstream is 4.9.x

However, since newer kernel generations might require reprogramming the patch, I want to request it only for the latest LTS generation which is 4.14. As you know, LTS software are supported for a long time, so it’s worth to make it for linux-libre 4.14.x

This might not be really important for Hyperbola in the short term, but you are the maintainers of the TCP Stealth implementation for Linux-libre and I and maybe other people would like to use it in their projects for newer versions.

Plus, it would be great since while 4.9 kernels can use the GRSec+Knock combination like linux-libre-lts-unofficial-grsec-knock, with support for 4.14 anyone would be able to use a combination of newer patches such as Linux-hardened+Knock (Linux-hardened supports 4.14 and 4.15 as of now) which is what I’d like to do.
https://github.com/copperhead/linux-hardened/releases

AnyBug ReportHighHigh [gnupg] WARNING: Tor is not properly configured Closed
100%
Task Description

Explicit error

when executing the command:

$ gpg --receive-keys [key]

output:

gpg: WARNING: Tor is not properly configured
gpg: Failed key server reception: Denied permission

when executing the command [disable service Tor]:

$ gpg --receive-keys [key]

output:

gpg: WARNING: Tor is not running
gpg: recepción del servidor de claves fallida: Conexión rehusada

Possible solution

These are the patches from debian that may be causing the problem, we must check:

  • 0016-gpg-Print-a-warning-on-Tor-problems.patch
  • 0019-dirmngr-New-option-no-use-tor-and-internal-changes.patch

References:
- http://daniel.gnoutcheff.name/2017-02-05-gpg-ipv6-tor-error/

Package information:

$ pacman -Ql gnupg
gnupg /usr/
gnupg /usr/bin/
gnupg /usr/bin/addgnupghome
gnupg /usr/bin/applygnupgdefaults
gnupg /usr/bin/dirmngr
gnupg /usr/bin/dirmngr-client
gnupg /usr/bin/gpg
gnupg /usr/bin/gpg-agent
gnupg /usr/bin/gpg-connect-agent
gnupg /usr/bin/gpg2
gnupg /usr/bin/gpgconf
gnupg /usr/bin/gpgparsemail
gnupg /usr/bin/gpgscm
gnupg /usr/bin/gpgsm
gnupg /usr/bin/gpgtar
gnupg /usr/bin/gpgv
gnupg /usr/bin/gpgv2
gnupg /usr/bin/kbxutil
gnupg /usr/bin/symcryptrun
gnupg /usr/bin/watchgnupg
gnupg /usr/lib/
gnupg /usr/lib/gnupg/
gnupg /usr/lib/gnupg/dirmngr_ldap
gnupg /usr/lib/gnupg/gpg-check-pattern
gnupg /usr/lib/gnupg/gpg-preset-passphrase
gnupg /usr/lib/gnupg/gpg-protect-tool
gnupg /usr/lib/gnupg/gpg-wks-client
gnupg /usr/lib/gnupg/scdaemon
gnupg /usr/share/
gnupg /usr/share/doc/
gnupg /usr/share/doc/gnupg/
gnupg /usr/share/doc/gnupg/DCO
gnupg /usr/share/doc/gnupg/DETAILS
gnupg /usr/share/doc/gnupg/FAQ
gnupg /usr/share/doc/gnupg/HACKING
gnupg /usr/share/doc/gnupg/KEYSERVER
gnupg /usr/share/doc/gnupg/OpenPGP
gnupg /usr/share/doc/gnupg/README
gnupg /usr/share/doc/gnupg/TRANSLATE
gnupg /usr/share/doc/gnupg/examples/
gnupg /usr/share/doc/gnupg/examples/README
gnupg /usr/share/doc/gnupg/examples/debug.prf
gnupg /usr/share/doc/gnupg/examples/gpgconf.conf
gnupg /usr/share/doc/gnupg/examples/pwpattern.list
gnupg /usr/share/doc/gnupg/examples/scd-event
gnupg /usr/share/doc/gnupg/examples/trustlist.txt
gnupg /usr/share/doc/gnupg/examples/vsnfd.prf
gnupg /usr/share/gnupg/
gnupg /usr/share/gnupg/distsigkey.gpg
gnupg /usr/share/gnupg/help.be.txt
gnupg /usr/share/gnupg/help.ca.txt
gnupg /usr/share/gnupg/help.cs.txt
gnupg /usr/share/gnupg/help.da.txt
gnupg /usr/share/gnupg/help.de.txt
gnupg /usr/share/gnupg/help.el.txt
gnupg /usr/share/gnupg/help.eo.txt
gnupg /usr/share/gnupg/help.es.txt
gnupg /usr/share/gnupg/help.et.txt
gnupg /usr/share/gnupg/help.fi.txt
gnupg /usr/share/gnupg/help.fr.txt
gnupg /usr/share/gnupg/help.gl.txt
gnupg /usr/share/gnupg/help.hu.txt
gnupg /usr/share/gnupg/help.id.txt
gnupg /usr/share/gnupg/help.it.txt
gnupg /usr/share/gnupg/help.ja.txt
gnupg /usr/share/gnupg/help.nb.txt
gnupg /usr/share/gnupg/help.pl.txt
gnupg /usr/share/gnupg/help.pt.txt
gnupg /usr/share/gnupg/help.pt_BR.txt
gnupg /usr/share/gnupg/help.ro.txt
gnupg /usr/share/gnupg/help.ru.txt
gnupg /usr/share/gnupg/help.sk.txt
gnupg /usr/share/gnupg/help.sv.txt
gnupg /usr/share/gnupg/help.tr.txt
gnupg /usr/share/gnupg/help.txt
gnupg /usr/share/gnupg/help.zh_CN.txt
gnupg /usr/share/gnupg/help.zh_TW.txt
gnupg /usr/share/gnupg/sks-keyservers.netCA.pem
gnupg /usr/share/info/
gnupg /usr/share/info/gnupg.info-1.gz
gnupg /usr/share/info/gnupg.info-2.gz
gnupg /usr/share/info/gnupg.info.gz
gnupg /usr/share/locale/
gnupg /usr/share/locale/ca/
gnupg /usr/share/locale/ca/LC_MESSAGES/
gnupg /usr/share/locale/ca/LC_MESSAGES/gnupg2.mo
gnupg /usr/share/locale/cs/
gnupg /usr/share/locale/cs/LC_MESSAGES/
gnupg /usr/share/locale/cs/LC_MESSAGES/gnupg2.mo
gnupg /usr/share/locale/da/
gnupg /usr/share/locale/da/LC_MESSAGES/
gnupg /usr/share/locale/da/LC_MESSAGES/gnupg2.mo
gnupg /usr/share/locale/de/
gnupg /usr/share/locale/de/LC_MESSAGES/
gnupg /usr/share/locale/de/LC_MESSAGES/gnupg2.mo
gnupg /usr/share/locale/el/
gnupg /usr/share/locale/el/LC_MESSAGES/
gnupg /usr/share/locale/el/LC_MESSAGES/gnupg2.mo
gnupg /usr/share/locale/en@boldquot/
gnupg /usr/share/locale/en@boldquot/LC_MESSAGES/
gnupg /usr/share/locale/en@boldquot/LC_MESSAGES/gnupg2.mo
gnupg /usr/share/locale/en@quot/
gnupg /usr/share/locale/en@quot/LC_MESSAGES/
gnupg /usr/share/locale/en@quot/LC_MESSAGES/gnupg2.mo
gnupg /usr/share/locale/eo/
gnupg /usr/share/locale/eo/LC_MESSAGES/
gnupg /usr/share/locale/eo/LC_MESSAGES/gnupg2.mo
gnupg /usr/share/locale/es/
gnupg /usr/share/locale/es/LC_MESSAGES/
gnupg /usr/share/locale/es/LC_MESSAGES/gnupg2.mo
gnupg /usr/share/locale/et/
gnupg /usr/share/locale/et/LC_MESSAGES/
gnupg /usr/share/locale/et/LC_MESSAGES/gnupg2.mo
gnupg /usr/share/locale/fi/
gnupg /usr/share/locale/fi/LC_MESSAGES/
gnupg /usr/share/locale/fi/LC_MESSAGES/gnupg2.mo
gnupg /usr/share/locale/fr/
gnupg /usr/share/locale/fr/LC_MESSAGES/
gnupg /usr/share/locale/fr/LC_MESSAGES/gnupg2.mo
gnupg /usr/share/locale/gl/
gnupg /usr/share/locale/gl/LC_MESSAGES/
gnupg /usr/share/locale/gl/LC_MESSAGES/gnupg2.mo
gnupg /usr/share/locale/hu/
gnupg /usr/share/locale/hu/LC_MESSAGES/
gnupg /usr/share/locale/hu/LC_MESSAGES/gnupg2.mo
gnupg /usr/share/locale/id/
gnupg /usr/share/locale/id/LC_MESSAGES/
gnupg /usr/share/locale/id/LC_MESSAGES/gnupg2.mo
gnupg /usr/share/locale/it/
gnupg /usr/share/locale/it/LC_MESSAGES/
gnupg /usr/share/locale/it/LC_MESSAGES/gnupg2.mo
gnupg /usr/share/locale/ja/
gnupg /usr/share/locale/ja/LC_MESSAGES/
gnupg /usr/share/locale/ja/LC_MESSAGES/gnupg2.mo
gnupg /usr/share/locale/nb/
gnupg /usr/share/locale/nb/LC_MESSAGES/
gnupg /usr/share/locale/nb/LC_MESSAGES/gnupg2.mo
gnupg /usr/share/locale/pl/
gnupg /usr/share/locale/pl/LC_MESSAGES/
gnupg /usr/share/locale/pl/LC_MESSAGES/gnupg2.mo
gnupg /usr/share/locale/pt/
gnupg /usr/share/locale/pt/LC_MESSAGES/
gnupg /usr/share/locale/pt/LC_MESSAGES/gnupg2.mo
gnupg /usr/share/locale/ro/
gnupg /usr/share/locale/ro/LC_MESSAGES/
gnupg /usr/share/locale/ro/LC_MESSAGES/gnupg2.mo
gnupg /usr/share/locale/ru/
gnupg /usr/share/locale/ru/LC_MESSAGES/
gnupg /usr/share/locale/ru/LC_MESSAGES/gnupg2.mo
gnupg /usr/share/locale/sk/
gnupg /usr/share/locale/sk/LC_MESSAGES/
gnupg /usr/share/locale/sk/LC_MESSAGES/gnupg2.mo
gnupg /usr/share/locale/sv/
gnupg /usr/share/locale/sv/LC_MESSAGES/
gnupg /usr/share/locale/sv/LC_MESSAGES/gnupg2.mo
gnupg /usr/share/locale/tr/
gnupg /usr/share/locale/tr/LC_MESSAGES/
gnupg /usr/share/locale/tr/LC_MESSAGES/gnupg2.mo
gnupg /usr/share/locale/uk/
gnupg /usr/share/locale/uk/LC_MESSAGES/
gnupg /usr/share/locale/uk/LC_MESSAGES/gnupg2.mo
gnupg /usr/share/locale/zh_CN/
gnupg /usr/share/locale/zh_CN/LC_MESSAGES/
gnupg /usr/share/locale/zh_CN/LC_MESSAGES/gnupg2.mo
gnupg /usr/share/locale/zh_TW/
gnupg /usr/share/locale/zh_TW/LC_MESSAGES/
gnupg /usr/share/locale/zh_TW/LC_MESSAGES/gnupg2.mo
gnupg /usr/share/man/
gnupg /usr/share/man/man1/
gnupg /usr/share/man/man1/dirmngr-client.1.gz
gnupg /usr/share/man/man1/gpg-agent.1.gz
gnupg /usr/share/man/man1/gpg-connect-agent.1.gz
gnupg /usr/share/man/man1/gpg-preset-passphrase.1.gz
gnupg /usr/share/man/man1/gpg-wks-client.1.gz
gnupg /usr/share/man/man1/gpg-wks-server.1.gz
gnupg /usr/share/man/man1/gpg.1.gz
gnupg /usr/share/man/man1/gpgconf.1.gz
gnupg /usr/share/man/man1/gpgparsemail.1.gz
gnupg /usr/share/man/man1/gpgsm.1.gz
gnupg /usr/share/man/man1/gpgv.1.gz
gnupg /usr/share/man/man1/scdaemon.1.gz
gnupg /usr/share/man/man1/symcryptrun.1.gz
gnupg /usr/share/man/man1/watchgnupg.1.gz
gnupg /usr/share/man/man7/
gnupg /usr/share/man/man7/gnupg.7.gz
gnupg /usr/share/man/man8/
gnupg /usr/share/man/man8/addgnupghome.8.gz
gnupg /usr/share/man/man8/applygnupgdefaults.8.gz
gnupg /usr/share/man/man8/dirmngr.8.gz
AnySecurity IssueVery LowHigh Iceweasel ESR request, Closed
100%
Task Description

from the, forums I have heard you plan to base your new iceweasel version from basilisk when firefox switches to web extensions completely. I am concerned about this because noscript and many other addons will no longer support legacy after this point...

I really think you are doing a disservice if you do this. I think we should personally fix the leaks that mozilla makes, the way trisquel 8 does it. I have heard they know how to fix those leaks. Or, another way forward would be to find a way that involves forking firefox esr 60 and correcting the bugs with the help of tcpdump.

Its madness to fork from basilisk because without noscript webextensions and other such addons, any benefits you get will be very small compared to what you have lost in the process.

I doubt you want to have two different versions of iceweasel esr, one that is with webext and one without. But please don’t try to use basilisk as the base for iceweasel.

I really think its a bad idea long term. Do I dislike mozilla’s new plan? Yes... of course. But do I think using basilisk will solve it? Not unless mozilla angers enough people to make their addons for basilisk instead... Which I really, really doubt very highly.

Please hear this request and don’t just close it. Rather, instead discuss it for a long time. Without noscript, firefox is immensely insecure. And Firefox’s legacy noscript version will die in the future. In the NEAR FUTURE I MIGHT ADD

Of course, there are other firefox addons I want that are webext. So yeah... Nano Adblocker, Privacy Settings, Privacy Possum/Privacy Badger, Viewtube, Decentraleyes to name a few.

AnyBug ReportHighHigh [openRC] cowardly refusing to concatenate a logfile int ...Closed
100%
Task Description

Message error:

Cowardly refusing to concatenate a logfile into self.

Please change rc_log_path to something other than /var/log/rc.log to get rid of this message
AnyBug ReportVery LowHigh Desite "noauto" specified in /etc/fstab all devices get ...Closed
100%
Task Description

Description:

I have tried all combinations, but despite “noauto” specified in /etc/fstab all devices get mounted at boot.

Who can help me, not to mount a device during boot?

AnyImplementation RequestVery LowHigh [glom]: should depend on libgda Closed
100%
Task Description

Description:

glom cannot run without libgda, so it should depend on libgda package

AnyBug ReportVery LowHigh [openrc] scripts in /etc/local.d seem ignored Closed
100%
Task Description

Description:

Since the latest update of openrc, I am under the impression that the scripts in /etc/local.d are not executed anymore upon boot or shutdown. rc.log shows nothing though.

Additional info:
* openrc 0.28-18

Steps to reproduce:

Write a dummy script which says hello in /etc/local.d, make it executable and see that it is discarded.

StableFreedom IssueVery LowHigh [iceweasel-uxp] Replace all default Firefox bookmarks f ...Closed
100%
Task Description

Sometimes I ran Iceweasel-UXP with installed language packs (i18n), but the different bookmarks appeared from Firefox by default.

StableBug ReportVery LowHigh java cacerts file is empty Closed
100%
Task Description

/etc/ssl/certs/java/cacerts has 0 entries, resulting in ssl handshake errors in java applications.

Package versions:
* ca-certificates 20170307-1
* ca-certificates-utils 20170307-1

AnyBug ReportHighHigh [firetools] doesn't show up as being sandboxed in sandb ...Closed
100%
Task Description

Neither iceweasel-uxp, nor icedove nor hexchat, nor vlc show up as being sandboxed in sandbox list.

I also check and see that firejail isn’t running also.

I think it might be wise to upgrade firetools. and also to make sure hardened packages such as icedove-hardened/iceweasel-uxp-hardened work properly.

This should be considered a high level priority due to firetools being a security application. Wouldn’t you say?

AnyBug ReportVery LowHigh [icedove-uxp] does not import from existing installatio ...Closed
100%
Task Description

It behaves like a clean installation, does not import the configurations and data from a existing installation of icedove.

The wizard import does not work too. It returns the message:

No application to import data from found.

A workaround

it copy the directory ~/.icedove to ~/.mozilla/thunderbird:

cp --recursive --verbose ~/.icedove/ ~/.mozilla/thunderbird/
AnyUpdate RequestVery LowHigh [proj]: please update to latest version Closed
100%
AnySecurity IssueVery LowHigh [octopi] requires su Closed
100%
AnyBug ReportVery LowHigh [kdelibs4support] XDG_RUNTIME_DIR not set Closed
100%
AnyBug ReportVery LowHigh [blueman] org.freedesktop.DBus.Error.NameHasNoOwner Closed
100%
AnyBug ReportVery LowHigh error: extract: not overwriting dir with file /usr/loca ...Closed
100%
AnyBug ReportVery LowHigh tp_smapi not working with most recent libre kerne; Closed
100%
StableBug ReportVery LowHigh problems with kdenetwork-kopete and kaccounts-intergrat ...Closed
100%
AnyBug ReportLowHigh [kaccounts-integration] option to add NextCloud/OwnClou ...Closed
100%
AnyBug ReportLowHigh [kdenetwork-kopete] clicking to add an Jabber Account o ...Closed
100%
AnyBug ReportVery LowHigh mach package command crashes and fails to build the pac ...Closed
100%
StableFreedom IssueVery LowHigh GNU Privacy Assistant (GPA) Closed
100%
AnyBug ReportVery LowHigh groff: package not built with URW fonts properly or suc ...Closed
100%
AnyImplementation RequestVery LowHigh Add MPTCP (MultiPath TCP) to Hyperbola Closed
100%
StableBug ReportVery LowHigh [gufw] error response to PolicyKit daemon Closed
100%
StableBug ReportVery LowHigh [firewalld] Failed to read file "/proc/sys/net/netfilte ...Closed
100%
StableBug ReportVery LowHigh [vlc] DVB : cache_block stream error: cannot pre fill b ...Closed
100%
AnyBug ReportVery LowHigh [vhba] Kernel module could not be loaded Closed
100%
AnyBug ReportVery LowHigh [rubyripper] GUI doesn't work Closed
100%
AnyFreedom IssueVery LowHigh Synergy en teclado en español no tiene tildes ni ñ Closed
100%
AnyUpdate RequestVery LowMedium [mesa] needs update Closed
100%
StableBug ReportVery LowMedium [kodi-addons-visualization] addons don't work Closed
100%
AnyImplementation RequestVery LowMedium [sway] needs OpenRC init script  Closed
100%
AnyImplementation RequestVery LowMedium Qemu Documentation Request Closed
100%
AnyImplementation RequestVery LowMedium bitlbee plugins Closed
100%
AnyPrivacy IssueVery LowMedium [avahi] avahi publishes the hostname by default Closed
100%
Showing tasks 1 - 50 of 1517 Page 1 of 31

Available keyboard shortcuts

Tasklist

Task Details

Task Editing