Packages

Category Task Type  desc Priority Severity Summary Status Progress
AnyUpdate RequestVery HighCritical [certbot] update package to support ACMEv2 and Wildcard Closed
100%
Task Description

Since certbot v0.22.0[0] there’s support for ACMEv2 and Wildcard. This is an important update since wildcard SSL certificates can make server security and maintaince easier by supporting all subdomains of a base domain.

Debian Stretch (stable) uses certbot 0.10.2 but there’s 0.23.0 in stretch-backports repository[1]. So I’d like to request an update or a backport of certbot and its dependencies.

These are the actual packages versions from Hyperbola and Arch:

  • certbot (0.23.0-1) / Hyperbola version ⇒ (0.14.0-1) [x]
  • python-acme (0.23.0-1) / Hyperbola version ⇒ (0.14.0-1) [x]
  • python-configargparse (0.12.0-1) / Hyperbola version ⇒ (0.11.0-2) [=]
  • python-parsedatetime (2.4-1) / Hyperbola version ⇒ (2.3-1) [x]
  • python-pbr (4.0.2-1) / Hyperbola version ⇒ (3.0.0-1) [<]
  • python-pytz (2018.4-1) / Hyperbola version ⇒ (2017.2-1) [<]
  • python-zope-component (4.4.1-1) / Hyperbola version ⇒ (4.3.0-2) [=]
  • python-zope-event (4.3.0-1) / Hyperbola version ⇒ (4.2.0-2) [=]

NOTE: packages marked with an “[x]” means that the pkg has Debian Stretch backports of the proposed updated version. The “[=]” means that Debian has no backports but uses the same version of the pkg as Hyperbola. The [<] means the Debian Version lower than Hyperbola’s Version.

The packages that may get the update should be only the ones marked with an [x], if we follow the Debian Stretch devel. If certbot gets the update, then the following Arch packages need to be added for obtaining wildcard certificates throught the DNS challenge:

  • certbot-dns-cloudflare
  • certbot-dns-cloudxns
  • certbot-dns-digitalocean
  • certbot-dns-dnsimple
  • certbot-dns-dnsmadeeasy
  • certbot-dns-luadns
  • certbot-dns-nsone
  • certbot-dns-rfc2136
  • certbot-dns-route53

I ommited certbot-dns-google since it’s not compatible with the Hyperbola Packaging Guidelines.

[0] https://community.letsencrypt.org/t/certbot-0-22-0-release-with-acmev2-and-wildcard-support/55061
[1] https://packages.debian.org/search?keywords=certbot

StableUpdate RequestHighCritical [system-config-printer] update to 1.5.11 Closed
100%
Task Description

Description:

this release is mostly bugfix, updated translations, removed some deprecated parts in code (abandoning libgnome-keyring and starting using libsecret) and in UI and added Till’s patches from Ubuntu (Thank you, Till!).

Additional info:
* package version(s)

# pacman -Si system-config-printer
Repositorio               : extra
Nombre                    : system-config-printer
Versión                   : 1.5.9-2
Descripción               : A CUPS printer configuration tool and status applet
Arquitectura              : x86_64
URL                       : https://github.com/zdohnal/system-config-printer
Licencias                 : GPL
Grupos                    : Nada
Provee                    : Nada
Depende de                : python-pycups  python-dbus  python-pycurl  libnotify  python-requests  python-gobject  gtk3  python-cairo
Dependencias opcionales   : python-pysmbc: SMB browser support
                            python-packagekit: to install drivers with PackageKit
                            cups-pk-helper: PolicyKit helper to configure cups with fine-grained privileges
En conflicto con          : Nada
Remplaza a                : Nada
Tamaño de la descarga     : 908,59 KiB
Tamaño de la instalación  : 7159,00 KiB
Encargado                 : Andreas Radke <andyrtr@archlinux.org>
Fecha de creación         : vie 27 ene 2017 04:18:24 -03
Validado por              : Suma MD5  Suma SHA-256  Firma

* config and/or log files etc.

Steps to reproduce:

StableUpdate RequestVery LowCritical [qt5] request for upgrade Closed
100%
Task Description

I know that upgrading Qt is not a trivial task, but would it be possible to do this anyway? Qt 5.8 has issues that other versions do not have. See for example the discussion here about Projecteur, a very useful tool. Hyperbola seems to be the only Linux distribution unable to run it, just because of Qt 5.8:

https://github.com/jahnf/Projecteur/issues/26

StableUpdate RequestHighHigh [qt5] upgrade Qt project to the 5.6 LTS version, requir ...Closed
100%
Task Description

Cannot mix incompatible Qt library (version 0×50800) with this library (version 0×50904)
Aborted

./Nextcloud-2.3.3-x86_64.AppImage: /usr/lib/libQt5Core.so.5: version `Qt_5.9’ not found (required by /tmp/.mount_NextclpprMnG/usr/bin/../lib/libqt5keychain.so.1

These two packages are directly affected by an older qt5...

Could you update all the qt packages to the LTS version available?

AnyUpdate RequestMediumHigh Make Knock patch for Linux-libre 4.14 LTS Closed
100%
Task Description

The Knock patches for linux-libre maintained by you at https://git.hyperbola.info:50100/kernels/knock.git/ have support up to linux-libre 4.13 only (and I think it didn’t work for it when I tried it, compilation failed) but from all of those supported versions, the newest maintained generation by the upstream is 4.9.x

However, since newer kernel generations might require reprogramming the patch, I want to request it only for the latest LTS generation which is 4.14. As you know, LTS software are supported for a long time, so it’s worth to make it for linux-libre 4.14.x

This might not be really important for Hyperbola in the short term, but you are the maintainers of the TCP Stealth implementation for Linux-libre and I and maybe other people would like to use it in their projects for newer versions.

Plus, it would be great since while 4.9 kernels can use the GRSec+Knock combination like linux-libre-lts-unofficial-grsec-knock, with support for 4.14 anyone would be able to use a combination of newer patches such as Linux-hardened+Knock (Linux-hardened supports 4.14 and 4.15 as of now) which is what I’d like to do.
https://github.com/copperhead/linux-hardened/releases

AnyUpdate RequestVery HighHigh [babl] update package to v0.1.50 Closed
100%
Task Description

Description:

update package to v0.1.50 version
Note: Update [gegl] or Backport [gegl] and [gimp]
      https://issues.hyperbola.info/index.php?do=details&task_id=1052
      https://issues.hyperbola.info/index.php?do=details&task_id=1053
      https://issues.hyperbola.info/index.php?do=details&task_id=1054

Additional info:

babl 0.1.38-1.hyperbola1
$ pacman -Si babl
Repository      : extra
Name            : babl
Version         : 0.1.38-1.hyperbola1
Description     : Dynamic, any to any, pixel format conversion library
Architecture    : x86_64
URL             : http://gegl.org/babl/
Licenses        : LGPL3
Groups          : None
Provides        : None
Depends On      : glibc
Optional Deps   : None
Conflicts With  : None
Replaces        : None
Download Size   : 237.72 KiB
Installed Size  : 734.00 KiB
Packager        : André Silva <emulatorman@hyperbola.info>
Build Date      : Sun 31 Dec 2017 05:31:32 AM -03
Validated By    : MD5 Sum  SHA-256 Sum  Signature

Steps to reproduce:

none
AnyUpdate RequestVery HighHigh [gegl] update package to 0.3.34 Closed
100%
Task Description

Description:

Update package to 0.3.34 version
Note: Update package to 0.3.34 version
      or update package to 0.4.2 backport and GIMP 2.10.2 backport
      Update [babl] package
      https://issues.hyperbola.info/index.php?do=details&task_id=1051
      https://issues.hyperbola.info/index.php?do=details&task_id=1053
      https://issues.hyperbola.info/index.php?do=details&task_id=1054

Additional info:

gegl 0.3.26-2.hyperbola1
$ pacman -Si gegl
Repository      : extra
Name            : gegl
Version         : 0.3.26-2.hyperbola1
Description     : Graph based image processing framework
Architecture    : x86_64
URL             : http://www.gegl.org/
Licenses        : GPL3  LGPL3
Groups          : None
Provides        : None
Depends On      : babl  libspiro  json-glib
Optional Deps   : libraw: raw plugin
                  openexr: openexr plugin
                  ffmpeg: ffmpeg plugin
                  suitesparse: matting-levin plugin
                  librsvg: svg plugin
                  jasper: jasper plugin
                  libtiff: tiff plugin
                  lua: lua plugin
                  lensfun: lens-correct plugin
Conflicts With  : gegl02
Replaces        : gegl02
Download Size   : 1347.15 KiB
Installed Size  : 6823.00 KiB
Packager        : André Silva <emulatorman@hyperbola.info>
Build Date      : Sun 31 Dec 2017 05:37:41 AM -03
Validated By    : MD5 Sum  SHA-256 Sum  Signature

Steps to reproduce:

none
AnyUpdate RequestVery HighHigh [krita] update to 3.1.4 version Closed
100%
Task Description

Description:

Update to 3.1.4 version

Additional info:

krita 3.1.3
$ pacman -Qi krita
Name            : krita
Version         : 3.1.3-1
Description     : Edit and paint images
Architecture    : x86_64
URL             : http://krita.org
Licenses        : LGPL
Groups          : None
Provides        : None
Depends On      : kio  kitemmodels  gsl  libraw  exiv2  openexr  fftw  curl  boost-libs  hicolor-icon-theme
Optional Deps   : poppler-qt5: PDF filter [installed]
                  ffmpeg: to save animations [installed]
                  opencolorio: for the LUT docker [installed]
Required By     : None
Optional For    : None
Conflicts With  : calligra-krita  krita-l10n
Replaces        : calligra-krita  krita-l10n
Installed Size  : 112.43 MiB
Packager        : Antonio Rojas <arojas@archlinux.org>
Build Date      : Fri 28 Apr 2017 07:57:59 AM -03
Install Date    : Tue 12 Sep 2017 03:28:32 AM -03
Install Reason  : Explicitly installed
Install Script  : No
Validated By    : Signature

Steps to reproduce:
contains some bugs

AnyUpdate RequestVery LowHigh ufw update/ufw bug Closed
100%
Task Description

There appears to be a bug with the current version of ufw, 0.35-2

Dunno if updating it would fix it, but it is kind of annoying and possibly security issue.

it says ufw is inactive when I reboot despite it being installed in the runlevel.

AnyUpdate RequestVery LowHigh [proj]: please update to latest version Closed
100%
Task Description

Description:

https://proj4.org/index.html

This package have valuable geodetic applications, and I intend to present Hyperbola GNU/Linux-libre soon in universities and schools in East Africa.

The coordinate system there is not WGS84 and this package only in new version is providing the conversion from East African geographic coordinates to WGS84, and will be very usable in many industrial and private applications.

AnyUpdate RequestVery LowHigh [php] update to old stable PHP 7.1.32 Closed
100%
Task Description

Description:

Version 7.1.32

29 Aug 2019

mbstring:
* Fixed CVE-2019-13224 (don’t allow different encodings for onig_new_deluxe) (stas)
* pcre: Fixed bug #75457 (heap use-after-free in pcrelib) (cmb)

StableUpdate RequestLowHigh [pigeonhole] needs to be updated (depends on older vers ...Closed
100%
Task Description

Description:
The pigeonhole package depends on dovecot 2.2.29.1, which is in version 2.3.4.1-2.hyperbola1.backports1 at the moment. Due to this, I can’t use it

Additional info:
* pigeonhole 0.4.18-1

AnyUpdate RequestVery LowHigh [mpv] request for package bump Closed
100%
Task Description

Hello,

Would it be possible to get a package bump for mpv ?

Currently, Debian Buster (stable) uses 0.29.1-1. This would be great as it introduces many fixes and support for lua scripts I heavily use.
0.29.* requires a ffmpeg to 4.x series as well.

Thanks.

AnyUpdate RequestMediumHigh [php] is out of date/support Closed
100%
Task Description

Description:

From official PHP page, our php 7.1 is out of support and security

Our package :
https://www.hyperbola.info/packages/extra/x86_64/php/

PHP page :
https://www.php.net/supported-versions.php

AnyUpdate RequestVery LowMedium [mesa] needs update Closed
100%
Task Description

mesa package is outdated on version 17.0.5.
speaking with some Sway dev and trying to compile wlroots fails because it relies on mesa 17.2.3

AnyUpdate RequestMediumMedium [youtube-viewer] update request to v3.7.9 Closed
100%
Task Description

Please package update to version 3.7.9 of youtube-viewer.

libre.patch attached :)

StableUpdate RequestHighMedium [xscreensaver] needs an update, since there is a bugfix ...Closed
100%
Task Description

We seem to have a very old version of xscreensaver... Could you possibly update it?

this may be a security issue/privacy issue.

AnyUpdate RequestMediumMedium [cups] update request Closed
100%
Task Description

New versión v2.2.7

References:

StableUpdate RequestVery LowMedium [minetest] update package to 0.4.17.1 Closed
100%
Task Description

In the latest version fixes some bugs and a crash, and small features[1].

[1]: https://dev.minetest.net/Changelog (see section 0.4.17 and 0.4.17.1 for more details)

AnyUpdate RequestVery LowMedium Update addon random agent spoofer Closed
100%
Task Description

The useragents in random agent spoofer are detected as old apart from, firefox 60 for win7 and win10.*

I recommend focusing on the ones most people still use of each os type and scrapping the rest.

aka, for each section, such as winbugs, mac, gnu/linux... unix, android, etc...

Keep the most used ones, and update them often.

I only suggest this, because it is less work for your team.

*Of all the firefox ones, those are the only ones that work...

StableUpdate RequestVery LowMedium [xfe] update package to 1.43.1 Closed
100%
Task Description

In the latest version fixes several minor bugs and search file function issue[1].

[1]: http://roland65.free.fr/xfe/ (see 1.43 and 1.43.1 in the news section)

AnyUpdate RequestVery LowMedium [grafx2] update package to 2.6 Closed
100%
Task Description

In the latest version was released on 11th of January 2019, with several new features, improvements and fixes[1].

[1]: http://grafx2.chez.com/index.php?article9/2010s (see version 2.6 for more details in update log)

StableUpdate RequestVery LowMedium [cantarell-fonts] update package version to 0.111 Closed
100%
Task Description

Prior version 0.0.25 and below are outdated.

Since version 0.100 and later, there are some changes being redesigned from scratch, added three new weights (including extra bold, light and thin) but not italic or oblique styles, AppStream metadata translations from contributors, and more.

See the version history releases for more details: https://gitlab.gnome.org/GNOME/cantarell-fonts/raw/master/NEWS

AnyUpdate RequestVery LowMedium [minetest] update package version to 5.0.1 Closed
100%
Task Description

In version 5.0.0 and 5.0.1, there are several added and changed (new or existing) features and functions, and fixed bug, crash and other issues.

See those two sections in the version history releases for more details: https://dev.minetest.net/Changelog

TestingUpdate RequestVery LowMedium [lmms] update package version to 1.2.0 Closed
100%
Task Description

In the latest version, it has many more changes with new and improvement features, and fixes function issues since released as preview stage in every eight times per three years ago[1]. And also it is possible to rebuild package with sndio.

[1]: https://github.com/LMMS/lmms/releases/ (see all sections below from 1.2.0-RC1 to 1.2.0 in the version history releases)

StableUpdate RequestVery LowMedium [varnish] Missing init script Closed
100%
StableUpdate RequestVery LowLow [icewm] Upgrade package version Closed
100%
AnyUpdate RequestVery LowVery Low [youtube-viewer] minor fix: function API name Closed
100%
AnySecurity IssueVery HighCritical [gnome-mplayer] [gecko-mediaplayer] [gmtk] remove unsec ...Closed
100%
AnySecurity IssueVery HighCritical [freewrl] remove unsecure "libFreeWRLplugin.so" Closed
100%
AnySecurity IssueVery HighCritical [xulrunner] unmaintained and unsupportable Closed
100%
AnySecurity IssueVery HighCritical [midori] unmaintained and unsupportable Closed
100%
AnySecurity IssueVery HighCritical [w3m] unmaintained and unsupportable Closed
100%
AnySecurity IssueVery HighCritical [pam] pam_unix2 is orphaned and dead upstream Closed
100%
AnySecurity IssueVery HighCritical [wpa_supplicant] vulnerable to KRAK attack Closed
100%
AnySecurity IssueVery HighCritical [dillo] enable IPv6, SSL/TLS and threaded DNS support Closed
100%
AnySecurity IssueVery HighCritical [linux-libre-lts*] Meltdown & Spectre Vulnerability Closed
100%
AnySecurity IssueVery HighCritical [libressl] add package as OpenSSL replacement and defau ...Closed
100%
AnySecurity IssueVery HighCritical [avahi] blacklist package since it's a zeroconf impleme ...Closed
100%
AnySecurity IssueVery HighCritical [electrum] JSONRPC vulnerability Closed
100%
AnySecurity IssueHighCritical [irssi] IRSSI-SA-2018-02 Irssi Security Advisory Closed
100%
AnySecurity IssueHighCritical [python2] heap-overflow vulnerability CVE-2018-1000030 Closed
100%
AnySecurity IssueVery HighCritical [mupdf] multiple security issues Closed
100%
AnySecurity IssueHighCritical [geth] possible denial of service attacks "DoS Attack" Closed
100%
AnySecurity IssueVery HighCritical [xen] multiple security issues: CVE-2018-10472, CVE-201 ...Closed
100%
AnySecurity IssueMediumCritical [glusterfs] CVE-2018-1088: Privilege escalation via gl ...Closed
100%
AnySecurity IssueVery HighCritical [wget] - GNU Wget Cookie Injection CVE-2018-0494 Closed
100%
AnySecurity IssueVery HighCritical [networkmanager] CVE-2018-1111: DHCP client script code ...Closed
100%
AnySecurity IssueVery HighCritical [openrc] use procps-ng's "sysctl" by default instead of ...Closed
100%
AnySecurity IssueVery HighCritical [openrc] remove dangerous "local" init script Closed
100%
Showing tasks 1 - 50 of 1516 Page 1 of 31

Available keyboard shortcuts

Tasklist

Task Details

Task Editing