|
Any | Freedom Issue | Very Low | Low | [bsd-games]: referring to kernel name, instead of opera ... | Closed | |
Task Description
community/bsd-games 2.17-17
Linux port of the collection of BSD command line games
See:
https://www.gnu.org/philosophy/words-to-avoid.html#Linux
Description is referring to operating system, and not to the kernel itself (Linux). It shall be amended.
|
|
Any | Freedom Issue | Very Low | Low | [btchip-udev]: referring to kernel name, instead of ope ... | Closed | |
Task Description
community/btchip-udev 2-1
* Udev rules to connect BTChip wallet to your linux box
See:
https://www.gnu.org/philosophy/words-to-avoid.html#Linux
Description is referring to operating system, and not to the kernel itself (Linux). It shall be amended.
|
|
Any | Feature Request | High | High | [btrfs-progs] adapt package in accordance with the Hype ... | Closed | |
Task Description
Adapt package in accordance with the Hyperbola Packaging Guidelines to follow the Hyperbola Social Contract .
|
|
Any | Bug Report | Medium | Medium | [btrfs-progs] contains systemd unit files | Closed | |
Task Description
]$ pacman -Si btrfs-progs
Repository : core
Name : btrfs-progs
Version : 4.10.2-1
Description : Btrfs filesystem utilities
Architecture : x86_64
URL : https://btrfs.wiki.kernel.org Licenses : GPL2
Groups : None
Provides : btrfs-progs-unstable
Depends On : glibc libutil-linux e2fsprogs lzo zlib
Optional Deps : None
Conflicts With : btrfs-progs-unstable
Replaces : btrfs-progs-unstable
Download Size : 603.00 KiB
Installed Size : 4022.00 KiB
Packager : Sébastien Luttringer seblu@seblu.net Build Date : Fri 31 Mar 2017 08:20:32 PM -03
Validated By : MD5 Sum SHA-256 Sum Signature
$ pacman -Ql btrfs-progs
btrfs-progs /usr/
btrfs-progs /usr/bin/
btrfs-progs /usr/bin/btrfs
btrfs-progs /usr/bin/btrfs-convert
btrfs-progs /usr/bin/btrfs-debug-tree
btrfs-progs /usr/bin/btrfs-find-root
btrfs-progs /usr/bin/btrfs-image
btrfs-progs /usr/bin/btrfs-map-logical
btrfs-progs /usr/bin/btrfs-select-super
btrfs-progs /usr/bin/btrfs-zero-log
btrfs-progs /usr/bin/btrfsck
btrfs-progs /usr/bin/btrfstune
btrfs-progs /usr/bin/fsck.btrfs
btrfs-progs /usr/bin/mkfs.btrfs
btrfs-progs /usr/include/
btrfs-progs /usr/include/btrfs/
btrfs-progs /usr/include/btrfs/btrfs-list.h
btrfs-progs /usr/include/btrfs/btrfsck.h
btrfs-progs /usr/include/btrfs/crc32c.h
btrfs-progs /usr/include/btrfs/ctree.h
btrfs-progs /usr/include/btrfs/extent-cache.h
btrfs-progs /usr/include/btrfs/extent_io.h
btrfs-progs /usr/include/btrfs/ioctl.h
btrfs-progs /usr/include/btrfs/kerncompat.h
btrfs-progs /usr/include/btrfs/list.h
btrfs-progs /usr/include/btrfs/radix-tree.h
btrfs-progs /usr/include/btrfs/rbtree.h
btrfs-progs /usr/include/btrfs/send-stream.h
btrfs-progs /usr/include/btrfs/send-utils.h
btrfs-progs /usr/include/btrfs/send.h
btrfs-progs /usr/include/btrfs/sizes.h
btrfs-progs /usr/include/btrfs/version.h
btrfs-progs /usr/lib/
btrfs-progs /usr/lib/initcpio/
btrfs-progs /usr/lib/initcpio/hooks/
btrfs-progs /usr/lib/initcpio/hooks/btrfs
btrfs-progs /usr/lib/initcpio/install/
btrfs-progs /usr/lib/initcpio/install/btrfs
btrfs-progs /usr/lib/libbtrfs.so
btrfs-progs /usr/lib/libbtrfs.so.0
btrfs-progs /usr/lib/libbtrfs.so.0.1
btrfs-progs /usr/lib/systemd/
btrfs-progs /usr/lib/systemd/system/
btrfs-progs /usr/lib/systemd/system/btrfs-scrub@.service
btrfs-progs /usr/lib/systemd/system/btrfs-scrub@.timer
btrfs-progs /usr/lib/udev/
btrfs-progs /usr/lib/udev/rules.d/
btrfs-progs /usr/lib/udev/rules.d/64-btrfs-dm.rules
btrfs-progs /usr/share/
btrfs-progs /usr/share/bash-completion/
btrfs-progs /usr/share/bash-completion/completions/
btrfs-progs /usr/share/bash-completion/completions/btrfs
btrfs-progs /usr/share/man/
btrfs-progs /usr/share/man/man5/
btrfs-progs /usr/share/man/man5/btrfs.5.gz
btrfs-progs /usr/share/man/man8/
btrfs-progs /usr/share/man/man8/btrfs-balance.8.gz
btrfs-progs /usr/share/man/man8/btrfs-check.8.gz
btrfs-progs /usr/share/man/man8/btrfs-convert.8.gz
btrfs-progs /usr/share/man/man8/btrfs-debug-tree.8.gz
btrfs-progs /usr/share/man/man8/btrfs-device.8.gz
btrfs-progs /usr/share/man/man8/btrfs-filesystem.8.gz
btrfs-progs /usr/share/man/man8/btrfs-find-root.8.gz
btrfs-progs /usr/share/man/man8/btrfs-image.8.gz
btrfs-progs /usr/share/man/man8/btrfs-inspect-internal.8.gz
btrfs-progs /usr/share/man/man8/btrfs-map-logical.8.gz
btrfs-progs /usr/share/man/man8/btrfs-property.8.gz
btrfs-progs /usr/share/man/man8/btrfs-qgroup.8.gz
btrfs-progs /usr/share/man/man8/btrfs-quota.8.gz
btrfs-progs /usr/share/man/man8/btrfs-receive.8.gz
btrfs-progs /usr/share/man/man8/btrfs-replace.8.gz
btrfs-progs /usr/share/man/man8/btrfs-rescue.8.gz
btrfs-progs /usr/share/man/man8/btrfs-restore.8.gz
btrfs-progs /usr/share/man/man8/btrfs-scrub.8.gz
btrfs-progs /usr/share/man/man8/btrfs-select-super.8.gz
btrfs-progs /usr/share/man/man8/btrfs-send.8.gz
btrfs-progs /usr/share/man/man8/btrfs-show-super.8.gz
btrfs-progs /usr/share/man/man8/btrfs-subvolume.8.gz
btrfs-progs /usr/share/man/man8/btrfs-zero-log.8.gz
btrfs-progs /usr/share/man/man8/btrfs.8.gz
btrfs-progs /usr/share/man/man8/btrfsck.8.gz
btrfs-progs /usr/share/man/man8/btrfstune.8.gz
btrfs-progs /usr/share/man/man8/fsck.btrfs.8.gz
btrfs-progs /usr/share/man/man8/mkfs.btrfs.8.gz
|
|
Any | Security Issue | High | High | [busybox] CVE-2017-16544: autocompletion vulnerability | Closed | |
Task Description
Package: https://www.hyperbola.info/packages/community/x86_64/busybox/
https://www.twistlock.com/2017/11/20/cve-2017-16544-busybox-autocompletion-vulnerability/
In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could potentially result in code execution, arbitrary file writes, or other attacks.
Patch: https://git.busybox.net/busybox/commit/?id=c3797d40a1c57352192c6106cc0f435e7d9c11e8
|
|
Any | Feature Request | High | High | [bzip2] adapt package in accordance with the Hyperbola ... | Closed | |
Task Description
Adapt package in accordance with the Hyperbola Packaging Guidelines to follow the Hyperbola Social Contract .
|
|
Any | Feature Request | Very High | High | [bzr] needs OpenRC init script (bzr serve) | Closed | |
Task Description
Description:
Additional info:
Note: needs a provide: bazaar
Steps to reproduce:
|
|
Any | Replace Request | Defer | Critical | [bzr] replace deprecated GNU Bazaar to Brezy | Closed | |
Task Description
Description:
replace deprecated GNU Bazaar to Brezy for Canis Major
Additional info:
bzr 2.7.0-2
GNU Bazaar will be unmaintained (for now, there are only bug fixes)
GNU Bazaar only supports Python 2.
-
-
-
Note: It needs a provide: bazaar and brezy
Steps to reproduce:
|
|
Any | Freedom Issue | Medium | Low | [bzrtp] vague terminology "Open Source" in description ... | Closed | |
Task Description
This package contains vague terminology “Open Source”:
community/bzrtp 1.0.5-1
Opensource implementation of ZRTP keys exchange protocol
According to:
https://www.gnu.org/distros/free-system-distribution-guidelines.html
We shall avoid vague terminology such as “Open Source”, please see here:
https://www.gnu.org/philosophy/words-to-avoid.html#Open
It would be good example to set to have proper description of packages without using “Open Source”.
eg.
Free software implementation of ZRTP keys exchange protocol
|
|
Any | Feature Request | High | High | [ca-certificates-cacert] adapt package in accordance wi ... | Closed | |
Task Description
Adapt package in accordance with the Hyperbola Packaging Guidelines to follow the Hyperbola Social Contract .
|
|
Any | Feature Request | High | High | [ca-certificates-mozilla] adapt package in accordance w ... | Closed | |
Task Description
Adapt package in accordance with the Hyperbola Packaging Guidelines to follow the Hyperbola Social Contract .
|
|
Any | Feature Request | High | High | [ca-certificates-utils] adapt package in accordance wit ... | Closed | |
Task Description
Adapt package in accordance with the Hyperbola Packaging Guidelines to follow the Hyperbola Social Contract .
|
|
Any | Feature Request | High | High | [ca-certificates] adapt package in accordance with the ... | Closed | |
Task Description
Adapt package in accordance with the Hyperbola Packaging Guidelines to follow the Hyperbola Social Contract .
|
|
Stable | Update Request | Very Low | Medium | [cantarell-fonts] update package version to 0.111 | Closed | |
Task Description
Prior version 0.0.25 and below are outdated.
Since version 0.100 and later, there are some changes being redesigned from scratch, added three new weights (including extra bold, light and thin) but not italic or oblique styles, AppStream metadata translations from contributors, and more.
See the version history releases for more details: https://gitlab.gnome.org/GNOME/cantarell-fonts/raw/master/NEWS
|
|
Any | Feature Request | High | High | [carl9170-firmware] adapt package in accordance with th ... | Closed | |
Task Description
Adapt package in accordance with the Hyperbola Packaging Guidelines to follow the Hyperbola Social Contract .
|
|
Any | Freedom Issue | Very High | Critical | [cataclysm-dda] uses CC BY-SA for software | Closed | |
Task Description
Cataclysm-DDA contains a problematic license[0][1][2] for software.
Uses “Creative Commons Attribution-ShareAlike 3.0 Unported License”.
$ pacman -Si cataclysm-dda
Repository : community
Name : cataclysm-dda
Version : 0.C-3
Description : A post-apocalyptic roguelike.
Architecture : x86_64
URL : http://en.cataclysmdda.com/ Licenses : CCPL:by-sa
Groups : None
Provides : None
Depends On : ncurses lua
Optional Deps : sdl2_image: for tiles
sdl2_ttf: for tiles
freetype2: for tiles
sdl2_mixer: for tiles
Conflicts With : None
Replaces : None
Download Size : 19.33 MiB
Installed Size : 53.32 MiB
Packager : Felix Yan felixonmars@archlinux.org Build Date : Mon 07 Dec 2015 03:14:02 AM -03
Validated By : MD5 Sum SHA-256 Sum Signature
[0]:https://github.com/CleverRaven/Cataclysm-DDA/blob/master/LICENSE.txt [1]:https://creativecommons.org/faq/#can-i-apply-a-creative-commons-license-to-software [2]:https://www.gnu.org/licenses/license-list.html#ccbysa
|
|
Any | Bug Report | Medium | High | [cdemu-daemon] Malfunctioning service | Closed | |
Task Description
The daemon is not working and the following error-message occurs when trying to starting up:
cdemu: Daemon: D-Bus: failed to get proxy for 'org.freedesktop.DBus' on session bus: Cannot autolaunch D-Bus without X11 $DISPLAY!
Daemon initialization and start failed!
|
|
Any | Bug Report | Medium | Medium | [cdemu-daemon] error: failed to prepare transaction (co ... | Closed | |
Task Description
cdemu-daemon requires a specific version of vhba-module. Since we are using vhba-module-lts with vhba-module in provides array but without a specific version, it generates the issue. Removing that specific version solves it.
# pacman -S cdemu-daemon
resolving dependencies...
warning: cannot resolve "vhba-module>=20140629", a dependency of "cdemu-daemon"
:: The following package cannot be upgraded due to unresolvable dependencies:
cdemu-daemon
:: Do you want to skip the above package for this upgrade? [y/N]
error: failed to prepare transaction (could not satisfy dependencies)
:: cdemu-daemon: requires vhba-module>=20140629
|
|
Any | Privacy Issue | Very Low | Medium | [certbot-dns-luadns] LuaDNS service depends in non-free ... | Closed | |
Task Description
According to their documentation:
In order to use LuaDNS service you’ll need a LuaDNS account and a Git repository.
Sign up for a free LuaDNS account here: https://api.luadns.com/signup
Currently we are supporting the following Git hosting services: > GitHub > Bitbucket
GitHub, as everybody knows, was acquired by Microsoft last year (2018)
https://news.microsoft.com/2018/06/04/microsoft-to-acquire-github-for-7-5-billion/
And Bitbucket, like GitHub, is a centralized non-free git service.
There are other packages made for GitHub which haven’t been removed, but as you were deleting the certbot-dns-* packages that depended on a US-based DNS provider company, I thought you may wanted to know this.
|
|
Any | Update Request | Very High | Critical | [certbot] update package to support ACMEv2 and Wildcard | Closed | |
Task Description
Since certbot v0.22.0[0] there’s support for ACMEv2 and Wildcard. This is an important update since wildcard SSL certificates can make server security and maintaince easier by supporting all subdomains of a base domain.
Debian Stretch (stable) uses certbot 0.10.2 but there’s 0.23.0 in stretch-backports repository[1]. So I’d like to request an update or a backport of certbot and its dependencies.
These are the actual packages versions from Hyperbola and Arch:
certbot (0.23.0-1) / Hyperbola version ⇒ (0.14.0-1) [x]
python-acme (0.23.0-1) / Hyperbola version ⇒ (0.14.0-1) [x]
python-configargparse (0.12.0-1) / Hyperbola version ⇒ (0.11.0-2) [=]
python-parsedatetime (2.4-1) / Hyperbola version ⇒ (2.3-1) [x]
python-pbr (4.0.2-1) / Hyperbola version ⇒ (3.0.0-1) [<]
python-pytz (2018.4-1) / Hyperbola version ⇒ (2017.2-1) [<]
python-zope-component (4.4.1-1) / Hyperbola version ⇒ (4.3.0-2) [=]
python-zope-event (4.3.0-1) / Hyperbola version ⇒ (4.2.0-2) [=]
NOTE: packages marked with an “[x]” means that the pkg has Debian Stretch backports of the proposed updated version. The “[=]” means that Debian has no backports but uses the same version of the pkg as Hyperbola. The [<] means the Debian Version lower than Hyperbola’s Version.
The packages that may get the update should be only the ones marked with an [x], if we follow the Debian Stretch devel. If certbot gets the update, then the following Arch packages need to be added for obtaining wildcard certificates throught the DNS challenge:
certbot-dns-cloudflare
certbot-dns-cloudxns
certbot-dns-digitalocean
certbot-dns-dnsimple
certbot-dns-dnsmadeeasy
certbot-dns-luadns
certbot-dns-nsone
certbot-dns-rfc2136
certbot-dns-route53
I ommited certbot-dns-google since it’s not compatible with the Hyperbola Packaging Guidelines.
[0] https://community.letsencrypt.org/t/certbot-0-22-0-release-with-acmev2-and-wildcard-support/55061
[1] https://packages.debian.org/search?keywords=certbot
|
|
Any | Security Issue | High | High | [certbot] version 0.23 is not giving the option to keep ... | Closed | |
Task Description
Description:
Common use case is to have a reverse proxy managing the certificates from let’s encrypt.
If a backend server (behind the reverse proxy) needs to use SSL certificates, this requires to use certbot on the reverse proxy, generate the certificate and to move private key from the reverse proxy to the backend server.
There is another way: sharing NFS drive between servers but this breaks all the security best practices!
Today the “best” way is to SCP the private keys from a the reverse proxy to the backend server, this is not the best way and this needs to be repeated every 3 months before let’s encrypt certificate expires, moving the private key is not a best practice either.
version 0.24 brings a new function --reuse-key to reuse the same private key to renew the certificate, so this private key can stay to the backend server and no need to copy the new private key from the reverse proxy to the backend server because it was not changed during the renew.
|
|
Any | Feature Request | High | High | [cgit] rebuild package against libressl | Closed | |
Task Description
Rebuild package against libressl, since it depends on openssl.
$ pacman -Si cgit
Repository : community
Name : cgit
Version : 1.1-2
Description : A web interface for git written in plain C
Architecture : x86_64
URL : http://git.zx2c4.com/cgit/
Licenses : GPL2
Groups : None
Provides : None
Depends On : openssl luajit
Optional Deps : python-pygments: syntax highlighting support
python-markdown: about page formated with markdown
mime-types: serve file with correct content-type header
Conflicts With : None
Replaces : None
Download Size : 471.36 KiB
Installed Size : 1172.00 KiB
Packager : Sergej Pupykin <pupykin.s+arch@gmail.com>
Build Date : Fri 17 Feb 2017 02:29:44 PM -03
Validated By : MD5 Sum SHA-256 Sum Signature
|
|
Any | Drop Request | Very High | Critical | [cgmanager] unmaintained and unsupportable | Closed | |
Task Description
The CGManager project has been deprecated in favor of using the kernel’s CGroup Namespace or lxcfs’ simulated cgroupfs.
See https://s3hh.wordpress.com/2016/06/18/whither-cgmanager/ for details.
|
|
Any | Implementation Request | Very Low | Medium | [chdkptp] please add package to control Canon cameras | Closed | |
Task Description
CHDKPTP is part of CHDK project - a free software firmware add-on for Canon cameras. It enables controlling Canon cameras via the computer.
Attached is a modified iup PKGBUILD (Lua 5.3 build was removed as it failed to compile) and configuration files for chdkptp.
Code is available via svn:
$ svn co http://subversion.assembla.com/svn/chdkptp/trunk chdkptp
Copy chdkptp.sh and config.mk files to source tree then compile via make. chdkptp requires root privileges to connect to a camera.
|
|
Any | Implementation Request | Very Low | Low | [chdkptp] please add package to repos | Closed | |
Task Description
CHDKPTP is part of CHDK project - a free software firmware add-on for Canon cameras. It enables controlling Canon cameras via the computer.
Attached is a modified iup PKGBUILD (Lua 5.3 build was removed as it failed to compile) and configuration files for chdkptp.
Code is available via svn:
$ svn co http://subversion.assembla.com/svn/chdkptp/trunk chdkptp
Copy chdkptp.sh and config.mk files to source tree then compile via make. Requires root privileges to connect to a camera.
|
|
Any | Freedom Issue | Very Low | Low | [checksec]: referring to kernel name, instead of operat ... | Closed | |
|
|
Any | Feature Request | High | High | [chntpw] rebuild package against libressl | Closed | |
|
|
Any | Feature Request | Medium | Medium | [chrony] needs OpenRC init script | Closed | |
|
|
Any | Freedom Issue | Medium | Low | [cimg] vague terminology "Open Source" in description o ... | Closed | |
|
|
Any | Security Issue | Medium | Medium | [cinepaint] unmaintained and unsupportable | Closed | |
|
|
Any | Feature Request | Medium | Low | [cinnamon] add elogind support | Closed | |
|
|
Any | Freedom Issue | Very Low | Low | [cinnamon]: referring to kernel name, instead of operat ... | Closed | |
|
|
Any | Feature Request | High | High | [cis-tools] adapt package in accordance with the Hyperb ... | Closed | |
|
|
Any | Bug Report | Very Low | Medium | [clamtk] Gtk-WARNING **: Impossible to find the theme e ... | Closed | |
|
|
Any | Freedom Issue | Medium | Low | [clamtk] vague terminology "Linux" in description of pa ... | Closed | |
|
|
Any | Freedom Issue | Very Low | Low | [clamtk]: referring to kernel name, instead of operatin ... | Closed | |
|
|
Any | Freedom Issue | Very Low | Low | [classpath] meantioning "replacement to proprietary cod ... | Closed | |
|
|
Any | Freedom Issue | Very High | Critical | [clementine] using non-free services and interfaces | Closed | |
|
|
Any | Freedom Issue | Very High | Critical | [cmake-fedora] useful only for non-FSDG distros | Closed | |
|
|
Any | Freedom Issue | Medium | Low | [cmake] vague terminology "Open Source" in description ... | Closed | |
|
|
Any | Implementation Request | Low | Low | [codecrypt] add new package | Closed | |
|
|
Stable | Implementation Request | Very Low | Low | [codelite] Adding new package | Closed | |
|
|
Any | Bug Report | Medium | Medium | [colord] contains systemd unit files | Closed | |
|
|
Any | Freedom Issue | Very Low | Critical | [conky] Some serious issues | Closed | |
|
|
Stable | Freedom Issue | Very High | Critical | [cool-retro-term] update package to 1.0.1 and remove no ... | Closed | |
|
|
Any | Feature Request | High | High | [coreutils] adapt package in accordance with the Hyperb ... | Closed | |
|
|
Any | Feature Request | High | High | [coreutils] rebuild package against libressl | Closed | |
|
|
Any | Implementation Request | Very High | Medium | [coturn] add new package | Closed | |
|
|
Any | Feature Request | High | High | [couchdb] rebuild package against libressl | Closed | |
|
|
Any | Feature Request | High | High | [cowpatty] rebuild package against libressl | Closed | |
|
