|
Any | Update Request | Medium | High | [php] is out of date/support | Closed | |
Task Description
Description:
From official PHP page, our php 7.1 is out of support and security
Our package : https://www.hyperbola.info/packages/extra/x86_64/php/
PHP page : https://www.php.net/supported-versions.php
|
|
Any | Security Issue | Very High | Critical | [php] CVE-2017-9120 | Closed | |
Task Description
Description:
PHP 7.x through 7.1.5 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a long string because of an Integer overflow in mysqli_real_escape_string.
Additional info: * package version(s)
$ pacman -Si php
Repositorio : extra
Nombre : php
Versión : 7.1.4-3.hyperbola3
Descripción : A general-purpose scripting language that is especially suited to web development, without systemd support
Arquitectura : x86_64
URL : http://www.php.net
Licencias : PHP
Grupos : Nada
Provee : php-ldap=7.1.4
Depende de : libxml2 curl libzip pcre
Dependencias opcionales : Nada
En conflicto con : php-ldap
Remplaza a : php-ldap
Tamaño de la descarga : 3,02 MiB
Tamaño de la instalación : 15,94 MiB
Encargado : André Silva <emulatorman@hyperbola.info>
Fecha de creación : mié 27 dic 2017 19:15:03 -05
Validado por : Suma MD5 Suma SHA-256 Firma
* config and/or log files etc.
Last update of php be v7.1.x is v7.1.23:
- https://secure.php.net/ChangeLog-7.php#7.1.23
Patch availabble from v7.1.5 https://bugs.php.net/bug.php?id=74544
Steps to reproduce:
- Install php
|
|
Stable | Bug Report | High | High | [php-fpm] service: No such file or directory | Closed | |
Task Description
$ service php-fpm start
* service: No such file or directory
$ pacman -Ql php-fpm | less
php-fpm /etc/
php-fpm /etc/init.d/
php-fpm /etc/init.d/php-fpm
php-fpm /etc/php/
php-fpm /etc/php/php-fpm.conf
php-fpm /etc/php/php-fpm.d/
php-fpm /etc/php/php-fpm.d/www.conf
php-fpm /usr/
php-fpm /usr/bin/
php-fpm /usr/bin/php-fpm
php-fpm /usr/lib/
php-fpm /usr/lib/tmpfiles.d/
php-fpm /usr/lib/tmpfiles.d/php-fpm.conf
php-fpm /usr/share/
php-fpm /usr/share/man/
php-fpm /usr/share/man/man8/
php-fpm /usr/share/man/man8/php-fpm.8.gz
php-fpm /usr/share/php/
php-fpm /usr/share/php/fpm/
php-fpm /usr/share/php/fpm/status.html
Possibly the problem is the removal of runscript. runscript conflicted in [minicom] with [openrc], detailed in https://issues.hyperbola.info/index.php?do=details&task_id=122 and was removed in openrc https://git.hyperbola.info:50100/packages/core.git/tree/openrc/PKGBUILD#n137
|
|
Any | Bug Report | Low | High | [php-fpm] service fails to start | Closed | |
Task Description
Package information
$ pacman -Ql php-fpm
php-fpm /etc/
php-fpm /etc/init.d/
php-fpm /etc/init.d/php-fpm
php-fpm /etc/php/
php-fpm /etc/php/php-fpm.conf
php-fpm /etc/php/php-fpm.d/
php-fpm /etc/php/php-fpm.d/www.conf
php-fpm /usr/
php-fpm /usr/bin/
php-fpm /usr/bin/php-fpm
php-fpm /usr/lib/
php-fpm /usr/lib/tmpfiles.d/
php-fpm /usr/lib/tmpfiles.d/php-fpm.conf
php-fpm /usr/share/
php-fpm /usr/share/man/
php-fpm /usr/share/man/man8/
php-fpm /usr/share/man/man8/php-fpm.8.gz
php-fpm /usr/share/php/
php-fpm /usr/share/php/fpm/
php-fpm /usr/share/php/fpm/status.html
Bug information
$ sudo service php-fpm start
* Starting PHP FastCGI Process Manager ...
[ERROR] unable to bind listening socket for address '/run/php-fpm/php-fpm.sock': No such file or directory (2)
[ERROR] FPM initialization failed
* start-stop-daemon: failed to start `/usr/bin/php-fpm'
[ !! ]
* ERROR: php-fpm failed to start
|
|
Any | Feature Request | High | High | [perl] adapt package in accordance with the Hyperbola P ... | Closed | |
Task Description
Adapt package in accordance with the Hyperbola Packaging Guidelines to follow the Hyperbola Social Contract .
|
|
Any | Feature Request | High | High | [perl-net-ssleay] rebuild package against libressl | Closed | |
Task Description
Rebuild package against libressl, since it depends on openssl.
$ pacman -Si perl-net-ssleay
Repository : extra
Name : perl-net-ssleay
Version : 1.81-1
Description : Perl extension for using OpenSSL
Architecture : x86_64
URL : http://search.cpan.org/dist/Net-SSLeay/
Licenses : custom:BSD
Groups : None
Provides : net-ssleay
Depends On : openssl perl>=5.24 perl<5.25
Optional Deps : None
Conflicts With : None
Replaces : net-ssleay
Download Size : 203.96 KiB
Installed Size : 744.00 KiB
Packager : Antonio Rojas <arojas@archlinux.org>
Build Date : Wed 03 May 2017 02:24:28 PM -03
Validated By : MD5 Sum SHA-256 Sum Signature
|
|
Any | Feature Request | Medium | Medium | [pcsclite] needs OpenRC init script | Closed | |
Task Description
$ pacman -Si pcsclite Repository : community Name : pcsclite Version : 1.8.20-1.hyperbola1 Description : PC/SC Architecture smartcard middleware library, without systemd support Architecture : x86_64 URL : https://alioth.debian.org/projects/pcsclite/ Licenses : BSD Groups : None Provides : None Depends On : python2 Optional Deps : None Conflicts With : None Replaces : None Download Size : 91.46 KiB Installed Size : 362.00 KiB Packager : André Silva emulatorman@hyperbola.info Build Date : Tue 29 Aug 2017 03:18:32 PM CEST Validated By : MD5 Sum SHA-256 Sum Signature
$ pacman -Ql pcsclite pcsclite /usr/ pcsclite /usr/bin/ pcsclite /usr/bin/pcsc-spy pcsclite /usr/bin/pcscd pcsclite /usr/include/ pcsclite /usr/include/PCSC/ pcsclite /usr/include/PCSC/debuglog.h pcsclite /usr/include/PCSC/ifdhandler.h pcsclite /usr/include/PCSC/pcsclite.h pcsclite /usr/include/PCSC/reader.h pcsclite /usr/include/PCSC/winscard.h pcsclite /usr/include/PCSC/wintypes.h pcsclite /usr/lib/ pcsclite /usr/lib/libpcsclite.so pcsclite /usr/lib/libpcsclite.so.1 pcsclite /usr/lib/libpcsclite.so.1.0.0 pcsclite /usr/lib/libpcscspy.so pcsclite /usr/lib/libpcscspy.so.0 pcsclite /usr/lib/libpcscspy.so.0.0.0 pcsclite /usr/lib/pcsc/ pcsclite /usr/lib/pcsc/drivers/ pcsclite /usr/lib/pkgconfig/ pcsclite /usr/lib/pkgconfig/libpcsclite.pc pcsclite /usr/lib/systemd/ pcsclite /usr/lib/systemd/system/ pcsclite /usr/lib/systemd/system/pcscd.service pcsclite /usr/lib/systemd/system/pcscd.socket pcsclite /usr/share/ pcsclite /usr/share/licenses/ pcsclite /usr/share/licenses/pcsclite/ pcsclite /usr/share/licenses/pcsclite/LICENSE pcsclite /usr/share/man/ pcsclite /usr/share/man/man1/ pcsclite /usr/share/man/man1/pcsc-spy.1.gz pcsclite /usr/share/man/man5/ pcsclite /usr/share/man/man5/reader.conf.5.gz pcsclite /usr/share/man/man8/ pcsclite /usr/share/man/man8/pcscd.8.gz
|
|
Any | Feature Request | High | High | [pcre] adapt package in accordance with the Hyperbola P ... | Closed | |
Task Description
Adapt package in accordance with the Hyperbola Packaging Guidelines to follow the Hyperbola Social Contract .
|
|
Any | Feature Request | High | High | [pcnet-cs-firmware] adapt package in accordance with th ... | Closed | |
Task Description
Adapt package in accordance with the Hyperbola Packaging Guidelines to follow the Hyperbola Social Contract .
|
|
Any | Feature Request | High | High | [pcmciautils] adapt package in accordance with the Hype ... | Closed | |
Task Description
Adapt package in accordance with the Hyperbola Packaging Guidelines to follow the Hyperbola Social Contract .
|
|
Any | Feature Request | High | High | [pciutils] adapt package in accordance with the Hyperbo ... | Closed | |
Task Description
Adapt package in accordance with the Hyperbola Packaging Guidelines to follow the Hyperbola Social Contract .
|
|
Any | Feature Request | High | High | [patch] adapt package in accordance with the Hyperbola ... | Closed | |
Task Description
Adapt package in accordance with the Hyperbola Packaging Guidelines to follow the Hyperbola Social Contract .
|
|
Any | Feature Request | High | High | [pambase] adapt package in accordance with the Hyperbol ... | Closed | |
Task Description
Adapt package in accordance with the Hyperbola Packaging Guidelines to follow the Hyperbola Social Contract .
|
|
Any | Security Issue | Very High | Critical | [pam] pam_unix2 is orphaned and dead upstream | Closed | |
Task Description
pam_unix2 was removed from Debian Jessie because it’s buggy and unmaintained [0]
It’s included inside pam package and should be removed since it doesn’t comes from official source. Also the original upstream FTP directory (ftp://ftp.suse.com/people/kukuk/pam/pam_unix2) has disappeared.
[0]:https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=628848
$ pacman -Si pam Repository : core Name : pam Version : 1.3.0-1 Description : PAM (Pluggable Authentication Modules) library Architecture : x86_64 URL : http://linux-pam.org Licenses : GPL2 Groups : None Provides : None Depends On : glibc cracklib libtirpc pambase Optional Deps : None Conflicts With : None Replaces : None Download Size : 609.71 KiB Installed Size : 2980.00 KiB Packager : Tobias Powalowski tpowa@archlinux.org Build Date : Thu 09 Jun 2016 02:44:03 PM -03 Validated By : MD5 Sum SHA-256 Sum Signature
$ pacman -Ql pam > pam_fileslist.txt
|
|
Any | Feature Request | High | High | [pam] adapt package in accordance with the Hyperbola Pa ... | Closed | |
Task Description
Adapt package in accordance with the Hyperbola Packaging Guidelines to follow the Hyperbola Social Contract .
|
|
Any | Freedom Issue | Very High | Critical | [pacman] uses "Linux" term instead of "GNU/Linux" in it ... | Closed | |
Task Description
The man page of pacman says:
DESCRIPTION
Pacman is a package management utility that tracks installed packages on a Linux
system
And I propose to change “Linux system” to “GNU/Linux system”.
|
|
Any | Feature Request | High | High | [pacman] rebuild package against libressl | Closed | |
Task Description
Rebuild package against libressl, since it makedepends on openssl and openssl-1.0.
$ pacman -Si pacman
Repository : core
Name : pacman
Version : 5.0.1-5.hyperbola3
Description : A library-based package manager with dependency support
Architecture : x86_64
URL : http://www.archlinux.org/pacman/
Licenses : GPL
Groups : base base-devel
Provides : pacman-contrib
Depends On : bash glibc libarchive curl gpgme pacman-mirrorlist arch-keyring hyperbola-keyring
Optional Deps : cron: run specified programs at scheduled times and related tools
Conflicts With : pacman-contrib
Replaces : pacman-contrib
Download Size : 736.71 KiB
Installed Size : 5055.00 KiB
Packager : André Silva <emulatorman@hyperbola.info>
Build Date : Wed 01 Nov 2017 04:27:26 AM -03
Validated By : MD5 Sum SHA-256 Sum Signature
|
|
Testing | Feature Request | Medium | Medium | [pacman] add cron job support | Closed | |
Task Description
$ pacman -Si pacman Repository : core Name : pacman Version : 5.0.1-5.hyperbola2 Description : A library-based package manager with dependency support Architecture : x86_64 URL : http://www.archlinux.org/pacman/ Licenses : GPL Groups : base base-devel Provides : pacman-contrib Depends On : bash glibc libarchive curl gpgme pacman-mirrorlist archlinux-keyring hyperbola-keyring Optional Deps : cron: run specified programs at scheduled times and related tools Conflicts With : pacman-contrib Replaces : pacman-contrib Download Size : 736.57 KiB Installed Size : 5055.00 KiB Packager : André Silva emulatorman@hyperbola.info Build Date : Mon 24 Jul 2017 04:03:17 AM -03 Validated By : MD5 Sum SHA-256 Sum Signature
$ pacman -Ql pacman > pacman_fileslist.txt
|
|
Any | Feature Request | High | High | [pacman] adapt package in accordance with the Hyperbola ... | Closed | |
Task Description
Adapt package in accordance with the Hyperbola Packaging Guidelines to follow the Hyperbola Social Contract .
|
|
Any | Feature Request | High | High | [pacman-mirrorlist] adapt package in accordance with th ... | Closed | |
Task Description
Adapt package in accordance with the Hyperbola Packaging Guidelines to follow the Hyperbola Social Contract .
|
|
Any | Feature Request | High | Critical | [pacman-key][cronie][fcron] eating up hardware resource ... | Closed | |
Task Description
This morning while I was working on my X200, I noticed that my CPU was kept 100% busy for a long time by some process which was obvioulsy eating up the battery life. The culprit was pacman-key, triggered by logrotate.
To stop this, I did ‘chmod -x /etc/cron.daily/pacman-key’ and I rebooted.
Later on, it was impossible to install a new package as it was impossible to get over the step marked as “checking keys in keyring...”
So I tried to do again ‘pacman-key –refresh-keys’: the overall process took more than an hour—behind a fast and robust internet connection. I finally got three lines, saying that about 1,000 keys were updated but I never got the prompt back. So I hit Ctrl-C.
At the time of writing, I am still trying to refresh the keys—a quite desperate attempt, if I may say so.
Although I tagged this report as a “Feature request”, it is in my opinion of quite some importance. I understand very well the absolute necessity to always have the keys updated, but in this particular case, with so many keys and so frequent updates, I begin to wonder if losses are not beginning to prevail over benefits.
Unless I am doing something wrong or missing something I should do?
Any help would be strongly appreciated.
Robert
|
|
Any | Feature Request | High | High | [pacman-debug] adapt package in accordance with the Hyp ... | Closed | |
Task Description
Adapt package in accordance with the Hyperbola Packaging Guidelines to follow the Hyperbola Social Contract .
|
|
Any | Feature Request | Medium | Medium | [packagekit] needs OpenRC init scripts | Closed | |
Task Description
$ pacman -Si packagekit Repository : community Name : packagekit Version : 1.1.5-1 Description : A system designed to make installation and updates of packages easier Architecture : x86_64 URL : http://www.packagekit.org/ Licenses : GPL Groups : None Provides : None Depends On : dbus-glib pacman>=5.0.0 polkit shared-mime-info sqlite Optional Deps : networkmanager: detect connection status
bash-completion: command completion in bash
Conflicts With : None Replaces : None Download Size : 877.20 KiB Installed Size : 5758.00 KiB Packager : Christian Hesse arch@eworm.de Build Date : Tue 17 Jan 2017 09:37:33 AM -03 Validated By : MD5 Sum SHA-256 Sum Signature
$ pacman -Ql packagekit > packagekit_fileslist.txt
|
|
Any | Feature Request | High | High | [p11-kit] adapt package in accordance with the Hyperbol ... | Closed | |
Task Description
Adapt package in accordance with the Hyperbola Packaging Guidelines to follow the Hyperbola Social Contract .
|
|
Any | Feature Request | High | High | [ostree] adapt package in accordance with the Hyperbola ... | Closed | |
Task Description
Adapt package in accordance with the Hyperbola Packaging Guidelines to follow the Hyperbola Social Contract .
|
|
Stable | Feature Request | Medium | Medium | [openvswitch] needs OpenRC init script | Closed | |
|
|
Any | Bug Report | Low | Critical | [openvswitch-lts] netifrc fails to start openvwitch int ... | Closed | |
|
|
Any | Feature Request | High | High | [openvpn] rebuild package against libressl | Closed | |
|
|
Any | Feature Request | High | High | [openvpn] adapt package in accordance with the Hyperbol ... | Closed | |
|
|
Any | Feature Request | Medium | Medium | [openvas-scanner] needs OpenRC init script | Closed | |
|
|
Any | Feature Request | High | High | [openssh] rebuild package against libressl | Closed | |
|
|
Any | Feature Request | High | High | [openssh] adapt package in accordance with the Hyperbol ... | Closed | |
|
|
Any | Security Issue | Very High | Critical | [openssh] CVE-2018-15473 | Closed | |
|
|
Any | Freedom Issue | Medium | Low | [openslp] vague terminology "Open Source" in descriptio ... | Closed | |
|
|
Any | Feature Request | High | High | [openslp] rebuild package against libressl | Closed | |
|
|
Any | Feature Request | High | High | [openresolv] adapt package in accordance with the Hyper ... | Closed | |
|
|
Any | Security Issue | Very High | Critical | [openrc] use procps-ng's "sysctl" by default instead of ... | Closed | |
|
|
Any | Feature Request | Very High | Critical | [openrc] some init scripts are forced to load in certai ... | Closed | |
|
|
Any | Feature Request | Very High | Critical | [openrc] some init scripts are forced to load in certai ... | Closed | |
|
|
Any | Bug Report | Very High | Critical | [openrc] set "devfs" init script to run before than any ... | Closed | |
|
|
Any | Feature Request | Low | Very Low | [openrc] services should be added to runlevels through ... | Closed | |
|
|
Any | Bug Report | Very High | Critical | [openrc] run "sysctl" initscript after "net" initscript | Closed | |
|
|
Any | Bug Report | Very High | Critical | [openrc] rename "procfs" init script to "binfmt_misc", ... | Closed | |
|
|
Any | Bug Report | Very High | Critical | [openrc] rename "chroot-nspawn" keyword to "chroot+unsh ... | Closed | |
|
|
Any | Security Issue | Very High | Critical | [openrc] remove dangerous "local" init script | Closed | |
|
|
Any | Feature Request | Very High | Critical | [openrc] please remove "mtab", "modules-load" and "swcl ... | Closed | |
|
|
Any | Bug Report | Very High | High | [openrc] needs a minor fix | Closed | |
|
|
Any | Feature Request | Very High | High | [openrc] minor fix in /proc mount option | Closed | |
|
|
Any | Bug Report | Very High | Critical | [openrc] fix "chroot" initscript | Closed | |
|
|
Any | Bug Report | Very Low | Low | [openrc] agetty.tty loads in default runlevel only and ... | Closed | |
|