Packages

Description:

From official PHP page, our php 7.1 is out of support and security

Our package :
https://www.hyperbola.info/packages/extra/x86_64/php/

PHP page :
https://www.php.net/supported-versions.php

Description:

PHP 7.x through 7.1.5 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a long string because of an Integer overflow in mysqli_real_escape_string.

Additional info:
* package version(s)

$ pacman -Si php
Repositorio               : extra
Nombre                    : php
Versión                   : 7.1.4-3.hyperbola3
Descripción               : A general-purpose scripting language that is especially suited to web development, without systemd support
Arquitectura              : x86_64
URL                       : http://www.php.net
Licencias                 : PHP
Grupos                    : Nada
Provee                    : php-ldap=7.1.4
Depende de                : libxml2  curl  libzip  pcre
Dependencias opcionales   : Nada
En conflicto con          : php-ldap
Remplaza a                : php-ldap
Tamaño de la descarga     : 3,02 MiB
Tamaño de la instalación  : 15,94 MiB
Encargado                 : André Silva <emulatorman@hyperbola.info>
Fecha de creación         : mié 27 dic 2017 19:15:03 -05
Validado por              : Suma MD5  Suma SHA-256  Firma

* config and/or log files etc.

Last update of php be v7.1.x is v7.1.23:

- https://secure.php.net/ChangeLog-7.php#7.1.23

Patch availabble from v7.1.5
https://bugs.php.net/bug.php?id=74544

Steps to reproduce:

- Install php

$ service php-fpm start
 * service: No such file or directory

$ pacman -Ql php-fpm | less

php-fpm /etc/
php-fpm /etc/init.d/
php-fpm /etc/init.d/php-fpm
php-fpm /etc/php/
php-fpm /etc/php/php-fpm.conf
php-fpm /etc/php/php-fpm.d/
php-fpm /etc/php/php-fpm.d/www.conf
php-fpm /usr/
php-fpm /usr/bin/
php-fpm /usr/bin/php-fpm
php-fpm /usr/lib/
php-fpm /usr/lib/tmpfiles.d/
php-fpm /usr/lib/tmpfiles.d/php-fpm.conf
php-fpm /usr/share/
php-fpm /usr/share/man/
php-fpm /usr/share/man/man8/
php-fpm /usr/share/man/man8/php-fpm.8.gz
php-fpm /usr/share/php/
php-fpm /usr/share/php/fpm/
php-fpm /usr/share/php/fpm/status.html

Possibly the problem is the removal of runscript.
runscript conflicted in [minicom] with [openrc], detailed in https://issues.hyperbola.info/index.php?do=details&task_id=122 and was removed in openrc https://git.hyperbola.info:50100/packages/core.git/tree/openrc/PKGBUILD#n137

Package information

$ pacman -Ql php-fpm
php-fpm /etc/
php-fpm /etc/init.d/
php-fpm /etc/init.d/php-fpm
php-fpm /etc/php/
php-fpm /etc/php/php-fpm.conf
php-fpm /etc/php/php-fpm.d/
php-fpm /etc/php/php-fpm.d/www.conf
php-fpm /usr/
php-fpm /usr/bin/
php-fpm /usr/bin/php-fpm
php-fpm /usr/lib/
php-fpm /usr/lib/tmpfiles.d/
php-fpm /usr/lib/tmpfiles.d/php-fpm.conf
php-fpm /usr/share/
php-fpm /usr/share/man/
php-fpm /usr/share/man/man8/
php-fpm /usr/share/man/man8/php-fpm.8.gz
php-fpm /usr/share/php/
php-fpm /usr/share/php/fpm/
php-fpm /usr/share/php/fpm/status.html

Bug information

$ sudo service php-fpm start
 * Starting PHP FastCGI Process Manager ...
[ERROR] unable to bind listening socket for address '/run/php-fpm/php-fpm.sock': No such file or directory (2)
[ERROR] FPM initialization failed
 * start-stop-daemon: failed to start `/usr/bin/php-fpm'

                                                                                    [ !! ]
 * ERROR: php-fpm failed to start

Adapt package in accordance with the Hyperbola Packaging Guidelines to follow the Hyperbola Social Contract .

Rebuild package against libressl, since it depends on openssl.

$ pacman -Si perl-net-ssleay
Repository      : extra
Name            : perl-net-ssleay
Version         : 1.81-1
Description     : Perl extension for using OpenSSL
Architecture    : x86_64
URL             : http://search.cpan.org/dist/Net-SSLeay/
Licenses        : custom:BSD
Groups          : None
Provides        : net-ssleay
Depends On      : openssl  perl>=5.24  perl<5.25
Optional Deps   : None
Conflicts With  : None
Replaces        : net-ssleay
Download Size   : 203.96 KiB
Installed Size  : 744.00 KiB
Packager        : Antonio Rojas <arojas@archlinux.org>
Build Date      : Wed 03 May 2017 02:24:28 PM -03
Validated By    : MD5 Sum  SHA-256 Sum  Signature

$ pacman -Si pcsclite
Repository : community
Name : pcsclite
Version : 1.8.20-1.hyperbola1
Description : PC/SC Architecture smartcard middleware library, without systemd support
Architecture : x86_64
URL : https://alioth.debian.org/projects/pcsclite/ Licenses : BSD
Groups : None
Provides : None
Depends On : python2
Optional Deps : None
Conflicts With : None
Replaces : None
Download Size : 91.46 KiB
Installed Size : 362.00 KiB
Packager : André Silva emulatorman@hyperbola.info Build Date : Tue 29 Aug 2017 03:18:32 PM CEST
Validated By : MD5 Sum SHA-256 Sum Signature

$ pacman -Ql pcsclite
pcsclite /usr/
pcsclite /usr/bin/
pcsclite /usr/bin/pcsc-spy
pcsclite /usr/bin/pcscd
pcsclite /usr/include/
pcsclite /usr/include/PCSC/
pcsclite /usr/include/PCSC/debuglog.h
pcsclite /usr/include/PCSC/ifdhandler.h
pcsclite /usr/include/PCSC/pcsclite.h
pcsclite /usr/include/PCSC/reader.h
pcsclite /usr/include/PCSC/winscard.h
pcsclite /usr/include/PCSC/wintypes.h
pcsclite /usr/lib/
pcsclite /usr/lib/libpcsclite.so
pcsclite /usr/lib/libpcsclite.so.1
pcsclite /usr/lib/libpcsclite.so.1.0.0
pcsclite /usr/lib/libpcscspy.so
pcsclite /usr/lib/libpcscspy.so.0
pcsclite /usr/lib/libpcscspy.so.0.0.0
pcsclite /usr/lib/pcsc/
pcsclite /usr/lib/pcsc/drivers/
pcsclite /usr/lib/pkgconfig/
pcsclite /usr/lib/pkgconfig/libpcsclite.pc
pcsclite /usr/lib/systemd/
pcsclite /usr/lib/systemd/system/
pcsclite /usr/lib/systemd/system/pcscd.service
pcsclite /usr/lib/systemd/system/pcscd.socket
pcsclite /usr/share/
pcsclite /usr/share/licenses/
pcsclite /usr/share/licenses/pcsclite/
pcsclite /usr/share/licenses/pcsclite/LICENSE
pcsclite /usr/share/man/
pcsclite /usr/share/man/man1/
pcsclite /usr/share/man/man1/pcsc-spy.1.gz
pcsclite /usr/share/man/man5/
pcsclite /usr/share/man/man5/reader.conf.5.gz
pcsclite /usr/share/man/man8/
pcsclite /usr/share/man/man8/pcscd.8.gz

Adapt package in accordance with the Hyperbola Packaging Guidelines to follow the Hyperbola Social Contract .

Adapt package in accordance with the Hyperbola Packaging Guidelines to follow the Hyperbola Social Contract .

Adapt package in accordance with the Hyperbola Packaging Guidelines to follow the Hyperbola Social Contract .

Adapt package in accordance with the Hyperbola Packaging Guidelines to follow the Hyperbola Social Contract .

Adapt package in accordance with the Hyperbola Packaging Guidelines to follow the Hyperbola Social Contract .

Adapt package in accordance with the Hyperbola Packaging Guidelines to follow the Hyperbola Social Contract .

pam_unix2 was removed from Debian Jessie because it’s buggy and unmaintained [0]

It’s included inside pam package and should be removed since it doesn’t comes from official source. Also the original upstream FTP directory (ftp://ftp.suse.com/people/kukuk/pam/pam_unix2) has disappeared.

[0]:https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=628848

$ pacman -Si pam
Repository : core
Name : pam
Version : 1.3.0-1
Description : PAM (Pluggable Authentication Modules) library
Architecture : x86_64
URL : http://linux-pam.org Licenses : GPL2
Groups : None
Provides : None
Depends On : glibc cracklib libtirpc pambase
Optional Deps : None
Conflicts With : None
Replaces : None
Download Size : 609.71 KiB
Installed Size : 2980.00 KiB
Packager : Tobias Powalowski tpowa@archlinux.org Build Date : Thu 09 Jun 2016 02:44:03 PM -03
Validated By : MD5 Sum SHA-256 Sum Signature

$ pacman -Ql pam > pam_fileslist.txt

Adapt package in accordance with the Hyperbola Packaging Guidelines to follow the Hyperbola Social Contract .

The man page of pacman says:

DESCRIPTION
        Pacman is a package management utility that tracks installed packages on a Linux
        system

And I propose to change “Linux system” to “GNU/Linux system”.

Rebuild package against libressl, since it makedepends on openssl and openssl-1.0.

$ pacman -Si pacman
Repository      : core
Name            : pacman
Version         : 5.0.1-5.hyperbola3
Description     : A library-based package manager with dependency support
Architecture    : x86_64
URL             : http://www.archlinux.org/pacman/
Licenses        : GPL
Groups          : base  base-devel
Provides        : pacman-contrib
Depends On      : bash  glibc  libarchive  curl  gpgme  pacman-mirrorlist  arch-keyring  hyperbola-keyring
Optional Deps   : cron: run specified programs at scheduled times and related tools
Conflicts With  : pacman-contrib
Replaces        : pacman-contrib
Download Size   : 736.71 KiB
Installed Size  : 5055.00 KiB
Packager        : André Silva <emulatorman@hyperbola.info>
Build Date      : Wed 01 Nov 2017 04:27:26 AM -03
Validated By    : MD5 Sum  SHA-256 Sum  Signature

$ pacman -Si pacman
Repository : core
Name : pacman
Version : 5.0.1-5.hyperbola2
Description : A library-based package manager with dependency support
Architecture : x86_64
URL : http://www.archlinux.org/pacman/ Licenses : GPL Groups : base base-devel
Provides : pacman-contrib
Depends On : bash glibc libarchive curl gpgme pacman-mirrorlist archlinux-keyring hyperbola-keyring
Optional Deps : cron: run specified programs at scheduled times and related tools
Conflicts With : pacman-contrib
Replaces : pacman-contrib
Download Size : 736.57 KiB
Installed Size : 5055.00 KiB
Packager : André Silva emulatorman@hyperbola.info Build Date : Mon 24 Jul 2017 04:03:17 AM -03
Validated By : MD5 Sum SHA-256 Sum Signature

$ pacman -Ql pacman > pacman_fileslist.txt

Adapt package in accordance with the Hyperbola Packaging Guidelines to follow the Hyperbola Social Contract .

Adapt package in accordance with the Hyperbola Packaging Guidelines to follow the Hyperbola Social Contract .

This morning while I was working on my X200, I noticed that my CPU was kept 100% busy for a long time by some process which was obvioulsy eating up the battery life. The culprit was pacman-key, triggered by logrotate.

To stop this, I did ‘chmod -x /etc/cron.daily/pacman-key’ and I rebooted.

Later on, it was impossible to install a new package as it was impossible to get over the step marked as “checking keys in keyring...”

So I tried to do again ‘pacman-key –refresh-keys’: the overall process took more than an hour—behind a fast and robust internet connection. I finally got three lines, saying that about 1,000 keys were updated but I never got the prompt back. So I hit Ctrl-C.

At the time of writing, I am still trying to refresh the keys—a quite desperate attempt, if I may say so.

Although I tagged this report as a “Feature request”, it is in my opinion of quite some importance. I understand very well the absolute necessity to always have the keys updated, but in this particular case, with so many keys and so frequent updates, I begin to wonder if losses are not beginning to prevail over benefits.

Unless I am doing something wrong or missing something I should do?

Any help would be strongly appreciated.

Robert

Adapt package in accordance with the Hyperbola Packaging Guidelines to follow the Hyperbola Social Contract .

$ pacman -Si packagekit
Repository : community
Name : packagekit
Version : 1.1.5-1
Description : A system designed to make installation and updates of packages easier
Architecture : x86_64
URL : http://www.packagekit.org/ Licenses : GPL Groups : None
Provides : None
Depends On : dbus-glib pacman>=5.0.0 polkit shared-mime-info sqlite
Optional Deps : networkmanager: detect connection status

                bash-completion: command completion in bash

Conflicts With : None
Replaces : None
Download Size : 877.20 KiB
Installed Size : 5758.00 KiB
Packager : Christian Hesse arch@eworm.de Build Date : Tue 17 Jan 2017 09:37:33 AM -03
Validated By : MD5 Sum SHA-256 Sum Signature

$ pacman -Ql packagekit > packagekit_fileslist.txt

Adapt package in accordance with the Hyperbola Packaging Guidelines to follow the Hyperbola Social Contract .

Adapt package in accordance with the Hyperbola Packaging Guidelines to follow the Hyperbola Social Contract .