Packages

Warsow contains a library called steamlib which is built from the source. It’s useful only for Steam support which is nonfree software.

pacman -Si

Dépôt                    : community
Nom                      : create_ap
Version                  : 0.4.6-1
Description              : A shell script to create a NATed/Bridged Software Access Point
Architecture             : any
URL                      : https://github.com/oblique/create_ap
Licences                 : BSD
Groupes                  : --
Fournit                  : --
Dépend de                : bash  hostapd  iproute2  iw  dnsmasq  iptables  util-linux  procps-ng
Dépendances opt.         : haveged: boost low entropy
Est en conflit avec      : --
Remplace                 : --
Taille du téléchargement : 17,61 KiB
Taille installée         : 63,00 KiB
Paqueteur                : NicoHood <nicohood@archlinux.org>
Compilé le               : sam. 11 févr. 2017 10:53:08 CET
Validé par               : Somme MD5  Somme SHA-256  Signature

pacman -Ql

create_ap /etc/
create_ap /etc/create_ap.conf
create_ap /usr/
create_ap /usr/bin/
create_ap /usr/bin/create_ap
create_ap /usr/lib/
create_ap /usr/lib/systemd/
create_ap /usr/lib/systemd/system/
create_ap /usr/lib/systemd/system/create_ap.service
create_ap /usr/share/
create_ap /usr/share/bash-completion/
create_ap /usr/share/bash-completion/completions/
create_ap /usr/share/bash-completion/completions/create_ap
create_ap /usr/share/doc/
create_ap /usr/share/doc/create_ap/
create_ap /usr/share/doc/create_ap/README.md
create_ap /usr/share/licenses/
create_ap /usr/share/licenses/create_ap/
create_ap /usr/share/licenses/create_ap/LICENSE

pacman -Si

Nom                      : iperf
Version                  : 2.0.9-1
Description              : A tool to measure maximum TCP bandwidth
Architecture             : x86_64
URL                      : https://sourceforge.net/projects/iperf2/
Licences                 : custom
Groupes                  : --
Fournit                  : --
Dépend de                : gcc-libs
Dépendances opt.         : --
Requis par               : --
Optionnel pour           : --
Est en conflit avec      : --
Remplace                 : --
Taille installée         : 88,00 KiB
Paqueteur                : Sébastien Luttringer <seblu@seblu.net>
Compilé le               : dim. 09 oct. 2016 14:14:34 CEST
Installé le              : ven. 04 mai 2018 17:13:21 CEST
Motif d’installation     : Explicitement installé
Script d’installation    : Oui
Validé par               : Signature

pacman -Ql

iperf /usr/
iperf /usr/bin/
iperf /usr/bin/iperf
iperf /usr/lib/
iperf /usr/lib/systemd/
iperf /usr/lib/systemd/system/
iperf /usr/lib/systemd/system/iperf-tcp.service
iperf /usr/lib/systemd/system/iperf-udp.service
iperf /usr/share/
iperf /usr/share/licenses/
iperf /usr/share/licenses/iperf/
iperf /usr/share/licenses/iperf/LICENSE
iperf /usr/share/man/
iperf /usr/share/man/man1/
iperf /usr/share/man/man1/iperf.1.gz

pacman -Si

Dépôt                    : community
Nom                      : gammu
Version                  : 1.38.2-1
Description              : GNU All Mobile Management Utilities
Architecture             : x86_64
URL                      : http://wammu.eu/gammu/
Licences                 : GPL
Groupes                  : --
Fournit                  : --
Dépend de                : glib2  bluez-libs  curl  libmariadbclient  postgresql-libs  libusb
                           libgudev
Dépendances opt.         : dialog: support for the gammu-config script
                           python2: for python bindings
Est en conflit avec      : --
Remplace                 : --
Taille du téléchargement : 1167,86 KiB
Taille installée         : 4798,00 KiB
Paqueteur                : Jaroslav Lichtblau <svetlemodry@archlinux.org>
Compilé le               : mar. 11 avril 2017 15:16:32 CEST
Validé par               : Somme MD5  Somme SHA-256  Signature

pacman -Ql gammu | grep /usr/lib/

gammu /usr/lib/
gammu /usr/lib/libGammu.so
gammu /usr/lib/libGammu.so.8
gammu /usr/lib/libGammu.so.8.1.38.2
gammu /usr/lib/libgsmsd.so
gammu /usr/lib/libgsmsd.so.8
gammu /usr/lib/libgsmsd.so.8.1.38.2
gammu /usr/lib/pkgconfig/
gammu /usr/lib/pkgconfig/gammu-smsd.pc
gammu /usr/lib/pkgconfig/gammu.pc
gammu /usr/lib/systemd/
gammu /usr/lib/systemd/system/
gammu /usr/lib/systemd/system/gammu-smsd.service

http://openwall.com/lists/oss-security/2018/04/30/1 http://openwall.com/lists/oss-security/2018/04/30/1 An attacker supplying a crafted CDROM image can read any file (or
device node) on the dom0 filesystem with the permissions of the qemu
devicemodel process. (The virtual CDROM device is read-only, so
no data can be written.)

http://openwall.com/lists/oss-security/2018/04/30/2 A malicious or buggy guest may cause a hypervisor crash, resulting in
a Denial of Service (DoS) affecting the entire host.

http://openwall.com/lists/oss-security/2018/05/11/1 A malicious unprivileged device model can cause a Denial of Service
(DoS) affecting the entire host. Specifically, it may prevent use of a
physical CPU for an indeterminate period of time.

http://openwall.com/lists/oss-security/2018/05/11/2

[critical]
A malicious or buggy HVM guest may cause a hypervisor crash, resulting
in a Denial of Service (DoS) affecting the entire host. Privilege
escalation, or information leaks, cannot be excluded.

Patches provided by upstream.

https://security-tracker.debian.org/tracker/CVE-2018-1088

http://openwall.com/lists/oss-security/2018/04/18/1

https://bugs.debian.org/896128

A privilege escalation flaw was found in gluster 3.x snapshot scheduler. Any gluster client allowed to mount gluster volumes could also mount shared gluster storage volume and escalate privileges by scheduling malicious cronjob via symlink.

Upstream patches: https://review.gluster.org/#/c/19899/1..2

Fixed in: https://github.com/gluster/glusterfs/releases/tag/v4.0.2

An external attacker is able to inject arbitrary cookie values cookie jar file,
adding new or replacing existing cookie values.
http://openwall.com/lists/oss-security/2018/05/06/1

Fixed in GNU Wget 1.19.5 or later.

In the File postgresql.install

the output is:

    ==> requires datadir /var/lib/data
    ==> run as user postgres: 'initdb -D /var/lib/data'

when it should be:

    ==> requires datadir /var/lib/postgres/data
    ==> run as user postgres: 'initdb -D /var/lib/postgres/data'

It may be necessary to change:

local datadir = "/var/lib/data"

to

local datadir = "/var/lib/postgres/data"

The comand for default fails:

creating directory /var/lib/data... initdb: could not create directory "/var/lib/data": Permission denied

Uses that require explicit approval
Distributing a modified version of the Rust programming language or the Cargo package manager and calling it Rust or Cargo requires explicit, written permission from the Rust core team. We will usually allow these uses as long as the modifications are (1) relatively small and (2) very clearly communicated to end-users.
Selling t-shirts, hats, and other artwork or merchandise requires explicit, written permission from the Rust core team. We will usually allow these uses as long as (1) it is clearly communicated that the merchandise is not in any way an official part of the Rust project and (2) it is clearly communicated whether profits benefit the Rust project.
Using the Rust trademarks within another trademark requires written permission from the Rust core team except as described above.

Since it violates the freedom to redistribute without “explicit” approval, this is a freedom issue.

The CGManager project has been deprecated in favor of using the kernel’s CGroup Namespace or lxcfs’ simulated cgroupfs.

See https://s3hh.wordpress.com/2016/06/18/whither-cgmanager/ for details.

pm-utils is no longer maintained from a long time . Therefore, it should be removed from repos since Hyperbola contains an amendment about anti-abandonware through its packaging guidelines .

Latest samba has wrong permissions on /etc/conf.d folder, that is 644 whereas it should be 755.

The man page of pacman says:

DESCRIPTION
        Pacman is a package management utility that tracks installed packages on a Linux
        system

And I propose to change “Linux system” to “GNU/Linux system”.

xmind when installed is showing that “this version is not licensed”, so that cannot be right. Even though there is GPL license on Github, that vague information in the software can and is wrongly understood:

Further it is asking for license key to get the “Pro” version.

Thus xmind is pointing to proprietary software.

That means xmind shall be removed from Hyperbola immediately as such as it is now cannot be in the fully free GNU distribution.

x11vnc service has been imported from Gentoo, however it forces use xdm service when it should be optional since there are users don’t like use xdm to run DMs. Also, Hyperbola contains another services alternatives such as gdm, lightdm, lxdm, sddm and slim to run directly without xdm.

Contains systemd unit files:

/usr/lib/systemd/
/usr/lib/systemd/system/
/usr/lib/systemd/system/glusterd.service
/usr/lib/systemd/system/glustereventsd.service
/usr/lib/systemd/system/glusterfssharedstorage.service
/usr/lib/tmpfiles.d/
/usr/lib/tmpfiles.d/glusterfs.conf

$ pacman -Si glusterfs
Repository      : community
Name            : glusterfs
Version         : 1:3.10.1-1
Description     : Is a cluster file-system capable of scaling to several peta-bytes.
Architecture    : x86_64
URL             : http://www.gluster.org/
Licenses        : GPL2  LGPL3
Groups          : None
Provides        : None
Depends On      : fuse  python2  libxml2  libaio  liburcu  attr  which
Optional Deps   : rpcbind: NFS
                  glib2: qemu-block
Conflicts With  : None
Replaces        : None
Download Size   : 3.14 MiB
Installed Size  : 14.80 MiB
Packager        : Sergej Pupykin <pupykin.s+arch@gmail.com>
Build Date      : Fri 07 Apr 2017 06:29:27 AM -03
Validated By    : MD5 Sum  SHA-256 Sum  Signature

Please repackage or replace with free software which provides similar functionality such as MacroFusion (which is available in the AUR).

The package cannot be installed. Here is the terminal output:

$ sudo pacman -S luminancehdr
resolving dependencies...
warning: cannot resolve "qt5-webengine", a dependency of "luminancehdr"
:: The following package cannot be upgraded due to unresolvable dependencies:
      luminancehdr

:: Do you want to skip the above package for this upgrade? [y/N] y
looking for conflicting packages...
 there is nothing to do

BlueGriffon contains support to nonfree “Extended Features”

$ pacman -Qi bluegriffon
Name            : bluegriffon
Version         : 2.3.1-2
Description     : The next-generation Web Editor based on the rendering engine of Firefox
Architecture    : x86_64
URL             : http://bluegriffon.org/
Licenses        : MPL  GPL  LGPL
Groups          : None
Provides        : None
Depends On      : alsa-lib  desktop-file-utils  dbus-glib  gtk2  gtk3  hunspell  mozilla-common  nss  libevent  libvpx  libxt  python2  startup-notification
Optional Deps   : None
Required By     : None
Optional For    : None
Conflicts With  : None
Replaces        : None
Installed Size  : 120.72 MiB
Packager        : Evangelos Foutras <evangelos@foutrelis.com>
Build Date      : Tue 25 Apr 2017 12:22:30 PM -03
Install Date    : Wed 08 Nov 2017 12:46:24 AM -03
Install Reason  : Explicitly installed
Install Script  : No
Validated By    : Signature

$ pacman -Si iperf3
Repository      : community
Name            : iperf3
Version         : 3.1.7-1
Description     : Internet Protocol bandwidth measuring tool
Architecture    : x86_64
URL             : https://github.com/esnet/iperf
Licenses        : BSD
Groups          : None
Provides        : None
Depends On      : glibc
Optional Deps   : None
Conflicts With  : None
Replaces        : None
Download Size   : 62.46 KiB
Installed Size  : 181.00 KiB
Packager        : Timothy Redaelli <timothy.redaelli@gmail.com>
Build Date      : Fri 10 Mar 2017 01:06:09 PM -03
Validated By    : MD5 Sum  SHA-256 Sum  Signature

$ pacman -Ql iperf3
iperf3 /usr/
iperf3 /usr/bin/
iperf3 /usr/bin/iperf3
iperf3 /usr/include/
iperf3 /usr/include/iperf_api.h
iperf3 /usr/lib/
iperf3 /usr/lib/libiperf.so
iperf3 /usr/lib/libiperf.so.0
iperf3 /usr/lib/libiperf.so.0.0.0
iperf3 /usr/share/
iperf3 /usr/share/licenses/
iperf3 /usr/share/licenses/iperf3/
iperf3 /usr/share/licenses/iperf3/LICENSE
iperf3 /usr/share/man/
iperf3 /usr/share/man/man1/
iperf3 /usr/share/man/man1/iperf3.1.gz
iperf3 /usr/share/man/man3/
iperf3 /usr/share/man/man3/libiperf.3.gz

This package contains vague terminology “Open Source”:

extra/java-rhino 1.7.7.1-1.hyperbola1
    Open-source implementation of JavaScript written entirely in Java - JAR

According to:
https://www.gnu.org/distros/free-system-distribution-guidelines.html

We shall avoid vague terminology such as “Open Source”, please see here:
https://www.gnu.org/philosophy/words-to-avoid.html#Open

It would be good example to set to have proper description of packages without using “Open Source”.

eg.

Free-software implementation of JavaScript written entirely in Java - JAR

This package contains vague terminology “Open Source”:

extra/openslp 2.0.0-2.hyperbola1
    Open-source implementation of Service Location Protocol, with OpenRC support

According to:
https://www.gnu.org/distros/free-system-distribution-guidelines.html

We shall avoid vague terminology such as “Open Source”, please see here:
https://www.gnu.org/philosophy/words-to-avoid.html#Open

It would be good example to set to have proper description of packages without using “Open Source”.

eg.

Free-software implementation of Service Location Protocol, with OpenRC support

This package contains vague terminology “Open Source”:

extra/rhino 1.7.7.1-1
    Open-source implementation of JavaScript written entirely in Java

According to:
https://www.gnu.org/distros/free-system-distribution-guidelines.html

We shall avoid vague terminology such as “Open Source”, please see here:
https://www.gnu.org/philosophy/words-to-avoid.html#Open

It would be good example to set to have proper description of packages without using “Open Source”.

eg.

Free-software implementation of JavaScript written entirely in Java

This package contains vague terminology “Open Source”:

extra/rhino-javadoc 1.7.7.1-1.hyperbola1
    Open-source implementation of JavaScript written entirely in Java - Javadoc

According to:
https://www.gnu.org/distros/free-system-distribution-guidelines.html

We shall avoid vague terminology such as “Open Source”, please see here:
https://www.gnu.org/philosophy/words-to-avoid.html#Open

It would be good example to set to have proper description of packages without using “Open Source”.

eg.

Free-software implementation of JavaScript written entirely in Java - Javadoc

This package contains vague terminology “Open Source”:

community/luminancehdr 2.5.0-2
    Open source graphical user interface application that aims to provide a workflow for HDR imaging

According to:
https://www.gnu.org/distros/free-system-distribution-guidelines.html

We shall avoid vague terminology such as “Open Source”, please see here:
https://www.gnu.org/philosophy/words-to-avoid.html#Open

It would be good example to set to have proper description of packages without using “Open Source”.

eg.

Free software graphical user interface application that aims to provide a workflow for HDR imaging

This package contains vague terminology “Commercial”:

extra/bogofilter 1.2.4-2.hyperbola2
    A fast Bayesian spam filtering tool, without noncommercial files

According to:
https://www.gnu.org/distros/free-system-distribution-guidelines.html

We shall avoid vague terminology such as “Commercial”, please see here:
https://www.gnu.org/philosophy/words-to-avoid.html#Open

It would be good example to set to have proper description of packages without using “Commercial”.

eg.

A fast Bayesian spam filtering tool, without nonfree files