|
Any | Drop Request | Low | Low | [wine*] remove unstable and staging packages | Closed | |
Task Description
$ pacman -Si wine
Repository : multilib
Name : wine
Version : 2.7-1
Description : A compatibility layer for running Windows programs
Architecture : x86_64
URL : http://www.winehq.com
Licenses : LGPL
Groups : None
Provides : bin32-wine=2.7 wine-wow64=2.7
Depends On : fontconfig lib32-fontconfig lcms2 lib32-lcms2 libxml2 lib32-libxml2 libxcursor lib32-libxcursor libxrandr lib32-libxrandr libxdamag
e lib32-libxdamage libxi lib32-libxi gettext lib32-gettext freetype2 lib32-freetype2 glu lib32-glu libsm lib32-libsm gcc-libs lib32-gcc-libs libp
cap lib32-libpcap desktop-file-utils
Optional Deps : giflib
lib32-giflib
libpng
lib32-libpng
libldap
lib32-libldap
gnutls
lib32-gnutls
mpg123
lib32-mpg123
openal
lib32-openal
v4l-utils
lib32-v4l-utils
libpulse
lib32-libpulse
alsa-plugins
lib32-alsa-plugins
alsa-lib
lib32-alsa-lib
libjpeg-turbo
lib32-libjpeg-turbo
libxcomposite
lib32-libxcomposite
libxinerama
lib32-libxinerama
ncurses
lib32-ncurses
opencl-icd-loader
lib32-opencl-icd-loader
libxslt
lib32-libxslt
gst-plugins-base-libs
lib32-gst-plugins-base-libs
cups
samba
dosbox
Conflicts With : bin32-wine wine-wow64
Replaces : bin32-wine
Download Size : 48.95 MiB
Installed Size : 387.66 MiB
Packager : Sven-Hendrik Haase <sh@lutzhaase.com>
Build Date : Sun 30 Apr 2017 09:09:05 AM -03
Validated By : MD5 Sum SHA-256 Sum Signature
$ pacman -Si wine-staging
Repository : multilib
Name : wine-staging
Version : 2.7-1
Description : A compatibility layer for running Windows programs - Staging branch
Architecture : x86_64
URL : http://www.wine-staging.com
Licenses : LGPL
Groups : None
Provides : wine=2.7 wine-wow64=2.7
Depends On : attr lib32-attr fontconfig lib32-fontconfig lcms2 lib32-lcms2 libxml2 lib32-libxml2 libxcursor lib32-libxcursor libxrandr lib32-libxrandr libxdamage lib32-libxdamage libxi lib32-libxi gettext lib32-gettext freetype2 lib32-freetype2 glu lib32-glu libsm lib32-libsm gcc-libs lib32-gcc-libs libpcap lib32-libpcap desktop-file-utils
Optional Deps : giflib
lib32-giflib
libpng
lib32-libpng
libldap
lib32-libldap
gnutls
lib32-gnutls
mpg123
lib32-mpg123
openal
lib32-openal
v4l-utils
lib32-v4l-utils
libpulse
lib32-libpulse
alsa-plugins
lib32-alsa-plugins
alsa-lib
lib32-alsa-lib
libjpeg-turbo
lib32-libjpeg-turbo
libxcomposite
lib32-libxcomposite
libxinerama
lib32-libxinerama
ncurses
lib32-ncurses
opencl-icd-loader
lib32-opencl-icd-loader
libxslt
lib32-libxslt
libva
lib32-libva
gtk3
lib32-gtk3
gst-plugins-base-libs
lib32-gst-plugins-base-libs
vulkan-icd-loader
lib32-vulkan-icd-loader
cups
samba
dosbox
Conflicts With : wine wine-wow64
Replaces : None
Download Size : 42.36 MiB
Installed Size : 404.19 MiB
Packager : Felix Yan <felixonmars@archlinux.org>
Build Date : Thu 04 May 2017 02:16:56 AM -03
Validated By : MD5 Sum SHA-256 Sum Signature
$ pacman -Ss wine-staging-nine
Repository : multilib
Name : wine-staging-nine
Version : 2.7-1
Description : A compatibility layer for running Windows programs - Staging branch with the gallium-nine patches
Architecture : x86_64
URL : http://www.wine-staging.com
Licenses : LGPL
Groups : None
Provides : wine=2.7 wine-wow64=2.7 wine-staging=2.7
Depends On : attr lib32-attr fontconfig lib32-fontconfig lcms2 lib32-lcms2 libxml2 lib32-libxml2 libxcursor lib32-libxcursor libxrandr lib32-libxrandr libxdamage lib32-libxdamage libxi lib32-libxi gettext lib32-gettext freetype2 lib32-freetype2 glu lib32-glu libsm lib32-libsm gcc-libs lib32-gcc-libs libpcap lib32-libpcap desktop-file-utils
Optional Deps : giflib
lib32-giflib
libpng
lib32-libpng
libldap
lib32-libldap
gnutls
lib32-gnutls
mpg123
lib32-mpg123
openal
lib32-openal
v4l-utils
lib32-v4l-utils
libpulse
lib32-libpulse
alsa-plugins
lib32-alsa-plugins
alsa-lib
lib32-alsa-lib
libjpeg-turbo
lib32-libjpeg-turbo
libxcomposite
lib32-libxcomposite
libxinerama
lib32-libxinerama
ncurses
lib32-ncurses
opencl-icd-loader
lib32-opencl-icd-loader
libxslt
lib32-libxslt
libva
lib32-libva
gtk3
lib32-gtk3
gst-plugins-base-libs
lib32-gst-plugins-base-libs
vulkan-icd-loader
lib32-vulkan-icd-loader
cups
samba
dosbox
Conflicts With : wine wine-wow64 wine-staging
Replaces : None
Download Size : 42.42 MiB
Installed Size : 404.60 MiB
Packager : Laurent Carlier <lordheavym@gmail.com>
Build Date : Thu 04 May 2017 04:46:19 PM -03
Validated By : MD5 Sum SHA-256 Sum Signature
|
|
Any | Feature Request | High | High | [which] adapt package in accordance with the Hyperbola ... | Closed | |
Task Description
Adapt package in accordance with the Hyperbola Packaging Guidelines to follow the Hyperbola Social Contract .
|
|
Any | Security Issue | Very High | Critical | [wget] - GNU Wget Cookie Injection CVE-2018-0494 | Closed | |
Task Description
An external attacker is able to inject arbitrary cookie values cookie jar file, adding new or replacing existing cookie values. http://openwall.com/lists/oss-security/2018/05/06/1
Fixed in GNU Wget 1.19.5 or later.
|
|
Any | Bug Report | Medium | Critical | [wesnoth]: prevents upgrade of Hyperbola, colliding fil ... | Closed | |
Task Description
Description:
I have tried to upgrade hyperbola.
Critical upgrades cannot be installed when wesnoth is installed, there are conflicting files
Steps to reproduce:
:: Proceed with installation? [Y/n] y
:: Retrieving packages...
arch-keyring-201808... 1605.2 KiB 617K/s 00:03 [#########] 100%
hyperbola-keyring-2... 215.9 KiB 635K/s 00:00 [#########] 100%
linux-libre-lts-4.9... 59.6 MiB 749K/s 01:22 [#########] 100%
openvpn-2.4.6-1.hyp... 402.2 KiB 1149K/s 00:00 [#########] 100%
iceweasel-uxp-52.9.... 39.8 MiB 839K/s 00:49 [#########] 100%
libgdm-3.24.1-1.hyp... 57.3 KiB 1912K/s 00:00 [#########] 100%
ntp-4.2.8.p11-2.hyp... 1798.4 KiB 833K/s 00:02 [#########] 100%
sddm-0.14.0-2.hyper... 3.2 MiB 770K/s 00:04 [#########] 100%
lxdm-0.5.3-4.hyperb... 98.4 KiB 984K/s 00:00 [#########] 100%
tp_smapi-lts-0.43-1... 26.6 KiB 2.60M/s 00:00 [#########] 100%
wesnoth-data-1.14.4... 395.1 MiB 745K/s 09:03 [#########] 100%
wesnoth-1.14.4-1.hy... 5.5 MiB 616K/s 00:09 [#########] 100%
(12/12) checking keys in keyring [#########] 100%
(12/12) checking package integrity [#########] 100%
(12/12) loading package files [#########] 100%
(12/12) checking for file conflicts [#########] 100%
error: failed to commit transaction (conflicting files)
/usr/share/icons/hicolor/128x128/apps/wesnoth-icon.png exists in both 'wesnoth-data' and 'wesnoth'
/usr/share/icons/hicolor/16x16/apps/wesnoth-icon.png exists in both 'wesnoth-data' and 'wesnoth'
/usr/share/icons/hicolor/256x256/apps/wesnoth-icon.png exists in both 'wesnoth-data' and 'wesnoth'
/usr/share/icons/hicolor/32x32/apps/wesnoth-icon.png exists in both 'wesnoth-data' and 'wesnoth'
/usr/share/icons/hicolor/512x512/apps/wesnoth-icon.png exists in both 'wesnoth-data' and 'wesnoth'
/usr/share/icons/hicolor/64x64/apps/wesnoth-icon.png exists in both 'wesnoth-data' and 'wesnoth'
/usr/share/metainfo/wesnoth.appdata.xml exists in both 'wesnoth-data' and 'wesnoth'
Errors occurred, no packages were upgraded.
|
|
Any | Feature Request | Very High | High | [wesnoth] contains systemd unit files | Closed | |
Task Description
Description:
The Arch version of Wesnoth from the snapshot used by Hyperbola comes with systemd support. Since Hyperbola follows the Init Freedom Campaign , systemd unit files removal is required or add OpenRC init scripts to replace it.
Additional info: * package version(s) * config and/or log files etc.
Repository : community
Name : wesnoth
Version : 1.12.6-4
Description : A turn-based strategy game on a fantasy world
Architecture : x86_64
URL : http://www.wesnoth.org/
Licenses : GPL
Groups : None
Provides : None
Depends On : sdl_ttf sdl_net sdl_mixer sdl_image fribidi boost-libs pango lua52 wesnoth-data dbus python2
Optional Deps : None
Conflicts With : None
Replaces : None
Download Size : 4.97 MiB
Installed Size : 22.86 MiB
Packager : Bartłomiej Piotrowski <bpiotrowski@archlinux.org>
Build Date : Mon 02 Jan 2017 07:52:21 AM -03
Validated By : MD5 Sum SHA-256 Sum Signature
/usr/lib/systemd/system/wesnothd.service is owned by wesnoth 1.12.6-4
/usr/lib/tmpfiles.d/wesnothd.conf is owned by wesnoth 1.12.6-4
Steps to reproduce:
|
|
Any | Security Issue | Very High | Critical | [wesnoth] CVE-2018-1999023 - Code Injection vulnerabili ... | Closed | |
Task Description
The Battle for Wesnoth Project version 1.7.0 through 1.14.3 contains a Code Injection vulnerability in the Lua scripting engine that can result in code execution outside the sandbox. This attack appear to be exploitable via Loading specially-crafted saved games, networked games, replays, and player content.
https://security-tracker.debian.org/tracker/CVE-2018-1999023
Upstream patch: https://github.com/wesnoth/wesnoth/commit/d911268a783467842d38eae7ac1630f1fea41318
|
|
Any | Bug Report | Very High | Critical | [warsow] the package is not compiled from source | Closed | |
Task Description
The package is not compiled from source
|
|
Any | Freedom Issue | Very High | Critical | [warsow] contains Steam support | Closed | |
Task Description
Warsow contains a library called steamlib which is built from the source. It’s useful only for Steam support which is nonfree software.
|
|
Any | Freedom Issue | Very High | Critical | [warsow-data] the package contains nonfree assets (CC B ... | Closed | |
Task Description
The package contains nonfree assets: data0_000_nonfree_21.pk3 data0_000_nonfree_21pure.pk3 tex_000_nonfree.pk3
|
|
Any | Security Issue | Very High | Critical | [w3m] unmaintained and unsupportable | Closed | |
Task Description
w3m is an unmaintained and unsuportable software, the latest release was 0.5.3 (2011)[0][1][2][3]
$ pacman -Qi w3m Name : w3m Version : 0.5.3.git20170102-2 Description : Text-based Web browser, as well as pager Architecture : x86_64 URL : http://w3m.sourceforge.net/ Licenses : custom Groups : None Provides : None Depends On : openssl gc ncurses gpm Optional Deps : imlib2: for graphics support [installed] Required By : None Optional For : None Conflicts With : None Replaces : None Installed Size : 1784.00 KiB Packager : Jan de Groot jgc@archlinux.org Build Date : Sat 04 Mar 2017 07:12:38 PM -03 Install Date : Tue 12 Sep 2017 03:43:25 AM -03 Install Reason : Explicitly installed Install Script : No Validated By : Signature
[0]:https://sourceforge.net/projects/w3m/files/w3m/ [1]:https://security.archlinux.org/package/w3m [2]:https://tracker.debian.org/pkg/w3m [3]:https://git.archlinux.org/svntogit/packages.git/tree/trunk/PKGBUILD?h=packages/w3m
|
|
Any | Security Issue | Very High | Critical | [vlc] CVE-2018-11529 | Closed | |
Task Description
Description:
Additional info: * package version(s)
* config and/or log files etc.
Steps to reproduce:
|
|
Any | Security Issue | Very High | Critical | [vlc] CVE-2017-17670 | Closed | |
Task Description
Description:
In VideoLAN VLC media player through 2.2.8, there is a type conversion vulnerability in modules/demux/mp4/libmp4.c in the MP4 demux module leading to a invalid free, because the type of a box may be changed between a read operation and a free operation.
Additional info: * package version(s)
* config and/or log files etc.
Steps to reproduce:
|
|
Stable | Bug Report | Medium | Critical | [virt-manager] Failed to initialize a valid firewall ba ... | Closed | |
Task Description
[virt-manager] Failed to initialize a valid firewall backend
I cannot start any virtual machine with current virt-manager. The error message is the following :
Failed to initialize a valid firewall backend
My username is in “kvm” group.
The only modification to the libvirt config files I made are in /etc/libvirt/qemu.conf
[...]
# Some examples of valid values are:
#
# user = "qemu" # A user named "qemu"
# user = "+0" # Super user (uid=0)
# user = "100" # A user named "100" or a user with uid=100
#
#user = "root"
user = "david"
[...]
The libvirtd service is enabled (and start without error) Also, the optional dependencies are correctly installed :
ebtables: required for default NAT networking [installed]
dnsmasq: required for default NAT/DHCP for guests [installed]
bridge-utils: for bridged networking [installed]
This was working fine previously (with 0.2.9) so I don’t know why this isn’t working anymore. As said previously, my config hasn’t changed.
|
|
Any | Feature Request | Very High | High | [vino] contains systemd unit file | Closed | |
Task Description
Description:
The Arch version of Vino from the snapshot used by Hyperbola comes with systemd support. Since Hyperbola follows the Init Freedom Campaign , systemd unit files removal is required. OpenRC init script replacement isn’t possible here because Vino is using a systemd unit file adapted for users instead of system users.
Additional info:
$ pacman -Si vino
Repository : extra
Name : vino
Version : 3.22.0-1.hyperbola1
Description : A VNC server for the GNOME desktop
Architecture : x86_64
URL : https://wiki.gnome.org/Projects/Vino
Licenses : GPL
Groups : gnome
Provides : None
Depends On : libnotify libxtst libsm telepathy-glib gtk3 libsecret avahi gnutls
Optional Deps : None
Conflicts With : None
Replaces : None
Download Size : 368.24 KiB
Installed Size : 2723.00 KiB
Packager : Scott Adams <haricot@hyperbola.info>
Build Date : Fri 09 Jun 2017 02:01:33 AM -03
Validated By : MD5 Sum SHA-256 Sum Signature
/usr/lib/systemd/user/vino-server.service is owned by vino 3.22.0-1.hyperbola1
Steps to reproduce:
|
|
Stable | Bug Report | High | Critical | [vhba-module-lts] modprobe: ERROR: could not insert 'vh ... | Closed | |
Task Description
filename: /lib/modules/4.9.77-gnu-1-lts/extramodules/vhba.ko
license: GPL
description: Virtual SCSI HBA
version: 20161009
author: Chia-I Wu
srcversion: E5A3E6F70DFD436A6B1C8D6
depends: scsi_mod
vermagic: 4.9.27-gnu-1-lts SMP mod_unload modversions
Can’t insert module vhba
Error :
modprobe: ERROR: could not insert ‘vhba’: Exec format error
|
|
Any | Feature Request | High | High | [vhba-module-lts] adapt package in accordance with the ... | Closed | |
Task Description
Adapt package in accordance with the Hyperbola Packaging Guidelines to follow the Hyperbola Social Contract .
|
|
Any | Freedom Issue | Very High | Critical | [vdrift-data] contains nonfree car and track models | Closed | |
Task Description
The package contains nonfree car and track models
|
|
Stable | Bug Report | Medium | Critical | [v4l-utils] Error in `dvbv5-scan': double free or corru ... | Closed | |
Task Description
With : v4l-utils 1.12.3-1.hyperbola1
dvb5-scan utility currently segfaults with rtl2832
*** Error in `dvbv5-scan': double free or corruption (fasttop): 0x000000000090be90 ***
======= Backtrace: =========
/lib/libc.so.6(+0x727ad)[0x7f4f9a9657ad]
/lib/libc.so.6(+0x78e6f)[0x7f4f9a96be6f]
/lib/libc.so.6(+0x796ce)[0x7f4f9a96c6ce]
/usr/lib/libdvbv5.so.0(free_dvb_dev+0x13)[0x7f4f9acafa53]
/usr/lib/libdvbv5.so.0(dvb_dev_free_devices+0x28)[0x7f4f9acafaf8]
/usr/lib/libdvbv5.so.0(dvb_dev_free+0x4e)[0x7f4f9acafe2e]
dvbv5-scan[0x401729]
/lib/libc.so.6(__libc_start_main+0xf1)[0x7f4f9a9135a1]
dvbv5-scan[0x4019fa]
This seems to have been fixed, see :
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859008
I don’t know if a patch is available for it though..
|
|
Any | Bug Report | High | Critical | [utox] package needs rebuilding | Closed | |
Task Description
I get this error when trying to run it:
$ utox utox: error while loading shared libraries: libtoxencryptsave.so.1: cannot open shared object file: No such file or directory
|
|
Any | Freedom Issue | Very Low | Low | [util-linux]: referring to kernel Linux when it should ... | Closed | |
Task Description
core/util-linux 2.29.2-2.hyperbola2 (base base-devel) [installed]
Miscellaneous system utilities for Linux, with eudev and libeudev support
See: https://www.gnu.org/philosophy/words-to-avoid.html#Linux
Description is referring to operating system, and not to the kernel itself (Linux). It shall be amended.
|
|
Any | Feature Request | High | High | [util-linux] adapt package in accordance with the Hyper ... | Closed | |
Task Description
Adapt package in accordance with the Hyperbola Packaging Guidelines to follow the Hyperbola Social Contract .
|
|
Any | Security Issue | Very High | Critical | [util-linux] CVE-2018-7738 | Closed | |
Task Description
Description: In util-linux before 2.32-rc1, bash-completion/umount allows local users to gain privileges by embedding shell commands in a mountpoint name, which is mishandled during a umount command (within Bash) by a different user, as demonstrated by logging in as root and entering umount followed by a tab character for autocompletion.
https://blog.grimm-co.com/post/malicious-command-execution-via-bash-completion-cve-2018-7738/
|
|
Any | Feature Request | High | High | [util-linux-debug] adapt package in accordance with the ... | Closed | |
Task Description
Adapt package in accordance with the Hyperbola Packaging Guidelines to follow the Hyperbola Social Contract .
|
|
Any | Feature Request | High | High | [usbutils] adapt package in accordance with the Hyperbo ... | Closed | |
Task Description
Adapt package in accordance with the Hyperbola Packaging Guidelines to follow the Hyperbola Social Contract .
|
|
Any | Feature Request | Medium | Medium | [usbmuxd] needs OpenRC init script | Closed | |
Task Description
$ pacman -Si usbmuxd Repository : extra Name : usbmuxd Version : 1.1.0-2 Description : USB Multiplex Daemon Architecture : x86_64 URL : http://marcansoft.com/blog/iphonelinux/usbmuxd/ Licenses : GPL2 GPL3 Groups : None Provides : None Depends On : libimobiledevice Optional Deps : None Conflicts With : None Replaces : None Download Size : 28.93 KiB Installed Size : 70.00 KiB Packager : Jan de Groot jgc@archlinux.org Build Date : Tue 03 Mar 2015 06:35:18 AM -02 Validated By : MD5 Sum SHA-256 Sum Signature
$ pacman -Ql usbmuxd usbmuxd /usr/ usbmuxd /usr/bin/ usbmuxd /usr/bin/usbmuxd usbmuxd /usr/lib/ usbmuxd /usr/lib/systemd/ usbmuxd /usr/lib/systemd/system/ usbmuxd /usr/lib/systemd/system/usbmuxd.service usbmuxd /usr/lib/udev/ usbmuxd /usr/lib/udev/rules.d/ usbmuxd /usr/lib/udev/rules.d/39-usbmuxd.rules usbmuxd /usr/share/ usbmuxd /usr/share/man/ usbmuxd /usr/share/man/man1/ usbmuxd /usr/share/man/man1/usbmuxd.1.gz
|
|
Any | Feature Request | High | High | [usbduxsigma-lts-firmware] adapt package in accordance ... | Closed | |
|
|
Any | Feature Request | High | High | [usbduxfast-lts-firmware] adapt package in accordance w ... | Closed | |
|
|
Any | Feature Request | High | High | [usbduxd-lts-firmware] adapt package in accordance with ... | Closed | |
|
|
Any | Feature Request | Very High | High | [umurmur] needs OpenRC init script and contains systemd ... | Closed | |
|
|
Any | Feature Request | High | High | [tzdata] adapt package in accordance with the Hyperbola ... | Closed | |
|
|
Any | Feature Request | Medium | Medium | [tuntox] needs OpenRC init script | Closed | |
|
|
Any | Feature Request | Very High | High | [tracker] contains systemd unit files | Closed | |
|
|
Any | Feature Request | High | High | [traceroute] adapt package in accordance with the Hyper ... | Closed | |
|
|
Stable | Bug Report | Medium | High | [tp_smapi] not working with most recent libre kernel | Closed | |
|
|
Any | Feature Request | High | High | [tp_smapi-lts] adapt package in accordance with the Hyp ... | Closed | |
|
|
Any | Security Issue | Medium | High | [toxcore] vulnerability affecting versions < 0.2.3 | Closed | |
|
|
Any | Security Issue | Very High | Critical | [toxcore] Memory leak - Remote DDoS vunerability | Closed | |
|
|
Any | Freedom Issue | Very High | Critical | [torcs-data] contains nonfree car models | Closed | |
|
|
Any | Bug Report | High | High | [tlp] remove systemd support | Closed | |
|
|
Any | Feature Request | Medium | Medium | [tlp] needs OpenRC init script | Closed | |
|
|
Any | Feature Request | Very High | High | [timidity++] contains systemd unit file | Closed | |
|
|
Any | Feature Request | Medium | Medium | [tigervnc] needs OpenRC init scripts | Closed | |
|
|
Any | Implementation Request | Very Low | Low | [thinkfan] add package | Closed | |
|
|
Any | Feature Request | High | High | [thin-provisioning-tools] adapt package in accordance w ... | Closed | |
|
|
Any | Feature Request | High | High | [texinfo] adapt package in accordance with the Hyperbol ... | Closed | |
|
|
Any | Privacy Issue | Very High | Critical | [telepathy-morse] only useful with Telegram service | Closed | |
|
|
Any | Privacy Issue | Very High | Critical | [telepathy-kde-accounts-kcm] recommends Telepathy-Morse ... | Closed | |
|
|
Any | Privacy Issue | Very High | Critical | [telegramqml] only useful with Telegram service | Closed | |
|
|
Any | Privacy Issue | Very High | Critical | [telegram-qt] only useful with Telegram service | Closed | |
|
|
Any | Backport Request | Very High | High | [tcpreplay] update package to 4.2.6 backport | Closed | |
|