|
Any | Freedom Issue | Very High | Critical | [warsow] contains Steam support | Closed | |
Task Description
Warsow contains a library called steamlib which is built from the source. It’s useful only for Steam support which is nonfree software.
|
|
Any | Feature Request | Medium | Medium | [create_ap] needs OpenRC init script | Closed | |
Task Description
pacman -Si
Dépôt : community
Nom : create_ap
Version : 0.4.6-1
Description : A shell script to create a NATed/Bridged Software Access Point
Architecture : any
URL : https://github.com/oblique/create_ap
Licences : BSD
Groupes : --
Fournit : --
Dépend de : bash hostapd iproute2 iw dnsmasq iptables util-linux procps-ng
Dépendances opt. : haveged: boost low entropy
Est en conflit avec : --
Remplace : --
Taille du téléchargement : 17,61 KiB
Taille installée : 63,00 KiB
Paqueteur : NicoHood <nicohood@archlinux.org>
Compilé le : sam. 11 févr. 2017 10:53:08 CET
Validé par : Somme MD5 Somme SHA-256 Signature
pacman -Ql
create_ap /etc/
create_ap /etc/create_ap.conf
create_ap /usr/
create_ap /usr/bin/
create_ap /usr/bin/create_ap
create_ap /usr/lib/
create_ap /usr/lib/systemd/
create_ap /usr/lib/systemd/system/
create_ap /usr/lib/systemd/system/create_ap.service
create_ap /usr/share/
create_ap /usr/share/bash-completion/
create_ap /usr/share/bash-completion/completions/
create_ap /usr/share/bash-completion/completions/create_ap
create_ap /usr/share/doc/
create_ap /usr/share/doc/create_ap/
create_ap /usr/share/doc/create_ap/README.md
create_ap /usr/share/licenses/
create_ap /usr/share/licenses/create_ap/
create_ap /usr/share/licenses/create_ap/LICENSE
|
|
Any | Feature Request | Medium | Medium | [iperf] needs OpenRC init script | Closed | |
Task Description
pacman -Si
Nom : iperf
Version : 2.0.9-1
Description : A tool to measure maximum TCP bandwidth
Architecture : x86_64
URL : https://sourceforge.net/projects/iperf2/
Licences : custom
Groupes : --
Fournit : --
Dépend de : gcc-libs
Dépendances opt. : --
Requis par : --
Optionnel pour : --
Est en conflit avec : --
Remplace : --
Taille installée : 88,00 KiB
Paqueteur : Sébastien Luttringer <seblu@seblu.net>
Compilé le : dim. 09 oct. 2016 14:14:34 CEST
Installé le : ven. 04 mai 2018 17:13:21 CEST
Motif d’installation : Explicitement installé
Script d’installation : Oui
Validé par : Signature
pacman -Ql
iperf /usr/
iperf /usr/bin/
iperf /usr/bin/iperf
iperf /usr/lib/
iperf /usr/lib/systemd/
iperf /usr/lib/systemd/system/
iperf /usr/lib/systemd/system/iperf-tcp.service
iperf /usr/lib/systemd/system/iperf-udp.service
iperf /usr/share/
iperf /usr/share/licenses/
iperf /usr/share/licenses/iperf/
iperf /usr/share/licenses/iperf/LICENSE
iperf /usr/share/man/
iperf /usr/share/man/man1/
iperf /usr/share/man/man1/iperf.1.gz
|
|
Any | Feature Request | Medium | Medium | [gammu] needs OpenRC init script | Closed | |
Task Description
pacman -Si
Dépôt : community
Nom : gammu
Version : 1.38.2-1
Description : GNU All Mobile Management Utilities
Architecture : x86_64
URL : http://wammu.eu/gammu/
Licences : GPL
Groupes : --
Fournit : --
Dépend de : glib2 bluez-libs curl libmariadbclient postgresql-libs libusb
libgudev
Dépendances opt. : dialog: support for the gammu-config script
python2: for python bindings
Est en conflit avec : --
Remplace : --
Taille du téléchargement : 1167,86 KiB
Taille installée : 4798,00 KiB
Paqueteur : Jaroslav Lichtblau <svetlemodry@archlinux.org>
Compilé le : mar. 11 avril 2017 15:16:32 CEST
Validé par : Somme MD5 Somme SHA-256 Signature
pacman -Ql gammu | grep /usr/lib/
gammu /usr/lib/
gammu /usr/lib/libGammu.so
gammu /usr/lib/libGammu.so.8
gammu /usr/lib/libGammu.so.8.1.38.2
gammu /usr/lib/libgsmsd.so
gammu /usr/lib/libgsmsd.so.8
gammu /usr/lib/libgsmsd.so.8.1.38.2
gammu /usr/lib/pkgconfig/
gammu /usr/lib/pkgconfig/gammu-smsd.pc
gammu /usr/lib/pkgconfig/gammu.pc
gammu /usr/lib/systemd/
gammu /usr/lib/systemd/system/
gammu /usr/lib/systemd/system/gammu-smsd.service
|
|
Any | Security Issue | Very High | Critical | [xen] multiple security issues: CVE-2018-10472, CVE-201 ... | Closed | |
Task Description
http://openwall.com/lists/oss-security/2018/04/30/1 http://openwall.com/lists/oss-security/2018/04/30/1 An attacker supplying a crafted CDROM image can read any file (or device node) on the dom0 filesystem with the permissions of the qemu devicemodel process. (The virtual CDROM device is read-only, so no data can be written.)
http://openwall.com/lists/oss-security/2018/04/30/2 A malicious or buggy guest may cause a hypervisor crash, resulting in a Denial of Service (DoS) affecting the entire host.
http://openwall.com/lists/oss-security/2018/05/11/1 A malicious unprivileged device model can cause a Denial of Service (DoS) affecting the entire host. Specifically, it may prevent use of a physical CPU for an indeterminate period of time.
http://openwall.com/lists/oss-security/2018/05/11/2
[critical] A malicious or buggy HVM guest may cause a hypervisor crash, resulting in a Denial of Service (DoS) affecting the entire host. Privilege escalation, or information leaks, cannot be excluded.
Patches provided by upstream.
|
|
Any | Security Issue | Medium | Critical | [glusterfs] CVE-2018-1088: Privilege escalation via gl ... | Closed | |
Task Description
https://security-tracker.debian.org/tracker/CVE-2018-1088
http://openwall.com/lists/oss-security/2018/04/18/1
https://bugs.debian.org/896128
A privilege escalation flaw was found in gluster 3.x snapshot scheduler. Any gluster client allowed to mount gluster volumes could also mount shared gluster storage volume and escalate privileges by scheduling malicious cronjob via symlink.
Upstream patches: https://review.gluster.org/#/c/19899/1..2
Fixed in: https://github.com/gluster/glusterfs/releases/tag/v4.0.2
|
|
Any | Security Issue | Very High | Critical | [wget] - GNU Wget Cookie Injection CVE-2018-0494 | Closed | |
Task Description
An external attacker is able to inject arbitrary cookie values cookie jar file, adding new or replacing existing cookie values. http://openwall.com/lists/oss-security/2018/05/06/1
Fixed in GNU Wget 1.19.5 or later.
|
|
Any | Bug Report | Medium | High | [postgresql] creating directory Permission denied | Closed | |
Task Description
In the File postgresql.install
the output is:
==> requires datadir /var/lib/data
==> run as user postgres: 'initdb -D /var/lib/data'
when it should be:
==> requires datadir /var/lib/postgres/data
==> run as user postgres: 'initdb -D /var/lib/postgres/data'
It may be necessary to change:
local datadir = "/var/lib/data"
to
local datadir = "/var/lib/postgres/data"
The comand for default fails:
creating directory /var/lib/data... initdb: could not create directory "/var/lib/data": Permission denied
|
|
Any | Freedom Issue | Very High | Critical | [rust][cargo] trademark agreement affects user freedom | Closed | |
Task Description
Uses that require explicit approval
Distributing a modified version of the Rust programming language or the Cargo package manager and calling it Rust or Cargo requires explicit, written permission from the Rust core team. We will usually allow these uses as long as the modifications are (1) relatively small and (2) very clearly communicated to end-users.
Selling t-shirts, hats, and other artwork or merchandise requires explicit, written permission from the Rust core team. We will usually allow these uses as long as (1) it is clearly communicated that the merchandise is not in any way an official part of the Rust project and (2) it is clearly communicated whether profits benefit the Rust project.
Using the Rust trademarks within another trademark requires written permission from the Rust core team except as described above.
Since it violates the freedom to redistribute without “explicit” approval, this is a freedom issue.
|
|
Any | Drop Request | Very High | Critical | [cgmanager] unmaintained and unsupportable | Closed | |
Task Description
The CGManager project has been deprecated in favor of using the kernel’s CGroup Namespace or lxcfs’ simulated cgroupfs.
See https://s3hh.wordpress.com/2016/06/18/whither-cgmanager/ for details.
|
|
Any | Drop Request | Very High | Critical | [pm-utils] unmaintained and unsupportable | Closed | |
Task Description
pm-utils is no longer maintained from a long time . Therefore, it should be removed from repos since Hyperbola contains an amendment about anti-abandonware through its packaging guidelines .
|
|
Any | Bug Report | Low | Medium | [samba] wrong permissions on /etc/conf.d folder | Closed | |
Task Description
Latest samba has wrong permissions on /etc/conf.d folder, that is 644 whereas it should be 755.
|
|
Any | Freedom Issue | Very High | Critical | [pacman] uses "Linux" term instead of "GNU/Linux" in it ... | Closed | |
Task Description
The man page of pacman says:
DESCRIPTION
Pacman is a package management utility that tracks installed packages on a Linux
system
And I propose to change “Linux system” to “GNU/Linux system”.
|
|
Any | Freedom Issue | Very High | Critical | [xmind] is probably directing users to proprietary soft ... | Closed | |
Task Description
xmind when installed is showing that “this version is not licensed”, so that cannot be right. Even though there is GPL license on Github, that vague information in the software can and is wrongly understood:
Further it is asking for license key to get the “Pro” version.
Thus xmind is pointing to proprietary software.
That means xmind shall be removed from Hyperbola immediately as such as it is now cannot be in the fully free GNU distribution.
|
|
Any | Bug Report | Low | Low | [x11vnc] service contains error: "Service 'x11vnc' need ... | Closed | |
Task Description
x11vnc service has been imported from Gentoo, however it forces use xdm service when it should be optional since there are users don’t like use xdm to run DMs. Also, Hyperbola contains another services alternatives such as gdm, lightdm, lxdm, sddm and slim to run directly without xdm.
|
|
Any | Feature Request | Medium | Medium | [glusterfs] needs OpenRC init script | Closed | |
Task Description
Contains systemd unit files:
/usr/lib/systemd/
/usr/lib/systemd/system/
/usr/lib/systemd/system/glusterd.service
/usr/lib/systemd/system/glustereventsd.service
/usr/lib/systemd/system/glusterfssharedstorage.service
/usr/lib/tmpfiles.d/
/usr/lib/tmpfiles.d/glusterfs.conf
$ pacman -Si glusterfs
Repository : community
Name : glusterfs
Version : 1:3.10.1-1
Description : Is a cluster file-system capable of scaling to several peta-bytes.
Architecture : x86_64
URL : http://www.gluster.org/
Licenses : GPL2 LGPL3
Groups : None
Provides : None
Depends On : fuse python2 libxml2 libaio liburcu attr which
Optional Deps : rpcbind: NFS
glib2: qemu-block
Conflicts With : None
Replaces : None
Download Size : 3.14 MiB
Installed Size : 14.80 MiB
Packager : Sergej Pupykin <pupykin.s+arch@gmail.com>
Build Date : Fri 07 Apr 2017 06:29:27 AM -03
Validated By : MD5 Sum SHA-256 Sum Signature
|
|
Any | Freedom Issue | Very High | Critical | [luminancehdr] depends on non-free qt5-webengine | Closed | |
Task Description
Please repackage or replace with free software which provides similar functionality such as MacroFusion (which is available in the AUR).
The package cannot be installed. Here is the terminal output:
$ sudo pacman -S luminancehdr
resolving dependencies...
warning: cannot resolve "qt5-webengine", a dependency of "luminancehdr"
:: The following package cannot be upgraded due to unresolvable dependencies:
luminancehdr
:: Do you want to skip the above package for this upgrade? [y/N] y
looking for conflicting packages...
there is nothing to do
|
|
Any | Freedom Issue | Very High | Critical | [bluegriffon] contains support to nonfree "Extended Fea ... | Closed | |
Task Description
BlueGriffon contains support to nonfree “Extended Features”
$ pacman -Qi bluegriffon
Name : bluegriffon
Version : 2.3.1-2
Description : The next-generation Web Editor based on the rendering engine of Firefox
Architecture : x86_64
URL : http://bluegriffon.org/
Licenses : MPL GPL LGPL
Groups : None
Provides : None
Depends On : alsa-lib desktop-file-utils dbus-glib gtk2 gtk3 hunspell mozilla-common nss libevent libvpx libxt python2 startup-notification
Optional Deps : None
Required By : None
Optional For : None
Conflicts With : None
Replaces : None
Installed Size : 120.72 MiB
Packager : Evangelos Foutras <evangelos@foutrelis.com>
Build Date : Tue 25 Apr 2017 12:22:30 PM -03
Install Date : Wed 08 Nov 2017 12:46:24 AM -03
Install Reason : Explicitly installed
Install Script : No
Validated By : Signature
|
|
Any | Feature Request | Medium | Medium | [iperf3] needs OpenRC init script | Closed | |
Task Description
$ pacman -Si iperf3
Repository : community
Name : iperf3
Version : 3.1.7-1
Description : Internet Protocol bandwidth measuring tool
Architecture : x86_64
URL : https://github.com/esnet/iperf
Licenses : BSD
Groups : None
Provides : None
Depends On : glibc
Optional Deps : None
Conflicts With : None
Replaces : None
Download Size : 62.46 KiB
Installed Size : 181.00 KiB
Packager : Timothy Redaelli <timothy.redaelli@gmail.com>
Build Date : Fri 10 Mar 2017 01:06:09 PM -03
Validated By : MD5 Sum SHA-256 Sum Signature
$ pacman -Ql iperf3
iperf3 /usr/
iperf3 /usr/bin/
iperf3 /usr/bin/iperf3
iperf3 /usr/include/
iperf3 /usr/include/iperf_api.h
iperf3 /usr/lib/
iperf3 /usr/lib/libiperf.so
iperf3 /usr/lib/libiperf.so.0
iperf3 /usr/lib/libiperf.so.0.0.0
iperf3 /usr/share/
iperf3 /usr/share/licenses/
iperf3 /usr/share/licenses/iperf3/
iperf3 /usr/share/licenses/iperf3/LICENSE
iperf3 /usr/share/man/
iperf3 /usr/share/man/man1/
iperf3 /usr/share/man/man1/iperf3.1.gz
iperf3 /usr/share/man/man3/
iperf3 /usr/share/man/man3/libiperf.3.gz
|
|
Any | Freedom Issue | Medium | Low | [java-rhino] vague terminology "Open Source" in descrip ... | Closed | |
Task Description
This package contains vague terminology “Open Source”:
extra/java-rhino 1.7.7.1-1.hyperbola1
Open-source implementation of JavaScript written entirely in Java - JAR
According to: https://www.gnu.org/distros/free-system-distribution-guidelines.html
We shall avoid vague terminology such as “Open Source”, please see here: https://www.gnu.org/philosophy/words-to-avoid.html#Open
It would be good example to set to have proper description of packages without using “Open Source”.
eg.
Free-software implementation of JavaScript written entirely in Java - JAR
|
|
Any | Freedom Issue | Medium | Low | [openslp] vague terminology "Open Source" in descriptio ... | Closed | |
Task Description
This package contains vague terminology “Open Source”:
extra/openslp 2.0.0-2.hyperbola1
Open-source implementation of Service Location Protocol, with OpenRC support
According to: https://www.gnu.org/distros/free-system-distribution-guidelines.html
We shall avoid vague terminology such as “Open Source”, please see here: https://www.gnu.org/philosophy/words-to-avoid.html#Open
It would be good example to set to have proper description of packages without using “Open Source”.
eg.
Free-software implementation of Service Location Protocol, with OpenRC support
|
|
Any | Freedom Issue | Medium | Low | [rhino] vague terminology "Open Source" in description ... | Closed | |
Task Description
This package contains vague terminology “Open Source”:
extra/rhino 1.7.7.1-1
Open-source implementation of JavaScript written entirely in Java
According to: https://www.gnu.org/distros/free-system-distribution-guidelines.html
We shall avoid vague terminology such as “Open Source”, please see here: https://www.gnu.org/philosophy/words-to-avoid.html#Open
It would be good example to set to have proper description of packages without using “Open Source”.
eg.
Free-software implementation of JavaScript written entirely in Java
|
|
Any | Freedom Issue | Medium | Low | [rhino-javadoc] vague terminology "Open Source" in desc ... | Closed | |
Task Description
This package contains vague terminology “Open Source”:
extra/rhino-javadoc 1.7.7.1-1.hyperbola1
Open-source implementation of JavaScript written entirely in Java - Javadoc
According to: https://www.gnu.org/distros/free-system-distribution-guidelines.html
We shall avoid vague terminology such as “Open Source”, please see here: https://www.gnu.org/philosophy/words-to-avoid.html#Open
It would be good example to set to have proper description of packages without using “Open Source”.
eg.
Free-software implementation of JavaScript written entirely in Java - Javadoc
|
|
Any | Freedom Issue | Medium | Low | [luminancehdr] vague terminology "Open Source" in descr ... | Closed | |
Task Description
This package contains vague terminology “Open Source”:
community/luminancehdr 2.5.0-2
Open source graphical user interface application that aims to provide a workflow for HDR imaging
According to: https://www.gnu.org/distros/free-system-distribution-guidelines.html
We shall avoid vague terminology such as “Open Source”, please see here: https://www.gnu.org/philosophy/words-to-avoid.html#Open
It would be good example to set to have proper description of packages without using “Open Source”.
eg.
Free software graphical user interface application that aims to provide a workflow for HDR imaging
|
|
Any | Freedom Issue | Medium | Low | [bogofilter] vague terminology "Commercial" in descript ... | Closed | |
Task Description
This package contains vague terminology “Commercial”:
extra/bogofilter 1.2.4-2.hyperbola2
A fast Bayesian spam filtering tool, without noncommercial files
According to: https://www.gnu.org/distros/free-system-distribution-guidelines.html
We shall avoid vague terminology such as “Commercial”, please see here: https://www.gnu.org/philosophy/words-to-avoid.html#Open
It would be good example to set to have proper description of packages without using “Commercial”.
eg.
A fast Bayesian spam filtering tool, without nonfree files
|
|
Any | Privacy Issue | Very High | Critical | [purple-facebook] only useful with Facebook service | Closed | |
|
|
Any | Freedom Issue | Very Low | Low | [iceweasel-no-resource-uri-leak]: using "contents" in d ... | Closed | |
|
|
Any | Freedom Issue | Medium | Low | [linux-atm]: using term "under Linux" in vague sense | Closed | |
|
|
Any | Freedom Issue | Medium | Low | [man-pages]: using term "Linux" | Closed | |
|
|
Any | Freedom Issue | Medium | Low | [net-tools]: using word "Linux" in vague manner | Closed | |
|
|
Any | Freedom Issue | Very Low | Low | [util-linux]: referring to kernel Linux when it should ... | Closed | |
|
|
Any | Privacy Issue | Very High | Critical | [cutegram] only useful with Telegram service | Closed | |
|
|
Any | Privacy Issue | Very High | Critical | [libqtelegram-ae] only useful with Telegram service | Closed | |
|
|
Any | Privacy Issue | Very High | Critical | [telegram-qt] only useful with Telegram service | Closed | |
|
|
Any | Privacy Issue | Very High | Critical | [telegramqml] only useful with Telegram service | Closed | |
|
|
Any | Privacy Issue | Very High | Critical | [telepathy-morse] only useful with Telegram service | Closed | |
|
|
Any | Privacy Issue | Very High | Critical | [telepathy-kde-accounts-kcm] recommends Telepathy-Morse ... | Closed | |
|
|
Any | Bug Report | High | Critical | [light-locker] returns error while tries load shared li ... | Closed | |
|
|
Any | Security Issue | Very Low | Low | [gnupg-stable]: shall be upgraded to mitigate risks wit ... | Closed | |
|
|
Any | Security Issue | Very High | High | [gnupg] CVE-2018-12020 | Closed | |
|
|
Any | Bug Report | Medium | Medium | [ppp] Couldn't open the /dev/ppp device: No such file o ... | Closed | |
|
|
Any | Bug Report | Very High | Critical | [grub] remove the "placeholder" entry in /etc/grub.d/20 ... | Closed | |
|
|
Any | Bug Report | Very High | Critical | [openrc] rename "chroot-nspawn" keyword to "chroot+unsh ... | Closed | |
|
|
Any | Bug Report | Very High | Critical | [eudev] rename "systemd-nspawn" keyword to "chroot+unsh ... | Closed | |
|
|
Any | Feature Request | Very High | Critical | [openrc] please remove "mtab", "modules-load" and "swcl ... | Closed | |
|
|
Any | Security Issue | Very High | Critical | [openrc] use procps-ng's "sysctl" by default instead of ... | Closed | |
|
|
Any | Bug Report | Very High | Critical | [openrc] set "devfs" init script to run before than any ... | Closed | |
|
|
Any | Feature Request | Very High | Critical | [openrc] some init scripts are forced to load in certai ... | Closed | |
|
|
Any | Feature Request | Very High | Critical | [openrc] some init scripts are forced to load in certai ... | Closed | |
|
|
Any | Feature Request | Very High | Critical | [openrc] add "newinstance" mount parameter in "devpts" ... | Closed | |
|