|
Any | Freedom Issue | Very High | Critical | [supertuxkart] remove nonfree Ubuntu Font Family fonts | Closed | |
Task Description
In version 0.9.3 and 1.0, there are several added and changed (new or existing) features and functions, and fixed bug, crash and other issues.
But the critical part is contains non-libre/free Ubuntu font files over licensing issue, according to the issue: https://github.com/supertuxkart/stk-code/issues/2570
See those two sections in the version history releases for more details: https://github.com/supertuxkart/stk-code/blob/master/CHANGELOG.md
|
|
Any | Freedom Issue | Very Low | Critical | [flatpak] Access to proprietary applications | Closed | |
Task Description
Description:
Additional info: * 0.9.10-2.hyperbola2
Steps to reproduce: Flatpak gives access to interesting features for the deployment of applications, but in fact it also gives access to proprietary applications like Skype (https://flathub.org/apps/details/com.skype.Client), Steam (https://flathub.org/apps/details/com.valvesoftware.Steam) and many more. So it should be checked if this should be part of the repositories within an open, libre distribution. In my point of view this violates the freedom of users, because there can be not tolerance about intolerance even regarding this.
|
|
Any | Bug Report | Very High | Critical | [cups] [cups-filters] ServerBin directory inconsistency | Closed | |
Task Description
As the default path of the ServerBin directory is now /usr/libexec/bin: 1. cups-files.conf should be modified/adapted accordingly. 2. The contents of /usr/lib/cups which is currently owned by cups-filters, cups-pdf foomatic-db-engine and smbclient should be moved to /usr/libexec/cups.
As it is, cups doesn’t work in v0.3.
|
|
Any | Freedom Issue | Very High | Critical | [clementine] using non-free services and interfaces | Closed | |
Task Description
The audioplayer clementine uses interfaces for non-free services like Dropbox, Google Drive, OneDrive, Subsonic and VK.com regarding storage and accessing files. So of course the software is licensed under the GPL, therefore Copyleft and free, libre software in the first place, but is also using anti-features with those interfaces to mentioned unfree services later on.
So the proposal would be: Creating a fork with removing those interfaces or otherwise removal of the whole package.
|
|
Any | Freedom Issue | Very High | Critical | [gens] contains nonfree Starscream code | Closed | |
Task Description
Gens contains nonfree Starscream code
$ pacman -Si gens
Repository : multilib
Name : gens
Version : 2.15.5-10
Description : A Sega Genesis / Sega CD / Sega 32X emulator
Architecture : x86_64
URL : http://gens.sourceforge.net
Licenses : GPL
Groups : None
Provides : None
Depends On : lib32-gtk2 lib32-sdl
Optional Deps : lib32-alsa-plugins: Sound support for PulseAudio
lib32-libpulse: Sound support for PulseAudio
Conflicts With : None
Replaces : None
Download Size : 359.08 KiB
Installed Size : 1948.00 KiB
Packager : Maxime Gauduin <alucryd@gmail.com>
Build Date : Wed 21 Aug 2013 03:24:58 PM -03
Validated By : MD5 Sum SHA-256 Sum Signature
Starscream License:
-----------------------------------------------------------------------------
Starscream 680x0 emulation library Custom version S0.26d
Copyright 1997, 1998, 1999 Neill Corlett
Modified by Stéphane Dallongeville
Used for the sub 68000 CPU emulation in Gens.
-----------------------------------------------------------------------------
-----------------------------------------------------------------------------
0. Terms of Use
-----------------------------------------------------------------------------
"Starscream" refers to the following files:
* STAR.C
* STARCPU.H
* CPUDEBUG.C
* CPUDEBUG.H
* STARDOC.TXT
* any object file or executable compiled from the above
* any source code generated from STAR.C, or object file assembled from such
code
Starscream may be distributed freely in unmodified form, as long as this
documentation is included.
No money, goods, or services may be charged or solicited for Starscream, or
any emulator or other program which includes Starscream, in whole or in part.
Using Starscream in a shareware or commercial application is forbidden.
Contact Neill Corlett (corlett@elwha.nrrc.ncsu.edu) if you'd like to license
Starscream for commercial use.
Any program which uses Starscream must include the following credit text, in
its documentation or in the program itself:
"Starscream 680x0 emulation library by Neill Corlett
(corlett@elwha.nrrc.ncsu.edu)"
|
|
Any | Freedom Issue | Very High | Critical | [gens-gs] contains nonfree Starscream code and the Poor ... | Closed | |
Task Description
Gens/GS contains nonfree: * Starscream code * The Poorman’s Sega 32x BIOS files (on the source code)
$ pacman -Si gens-gs
Repository : multilib
Name : gens-gs
Version : 2.16.7-6
Description : An emulator of Sega Genesis, Sega CD and 32X, combining features from various forks of Gens
Architecture : x86_64
URL : http://segaretro.org/Gens/GS
Licenses : GPL
Groups : None
Provides : gens
Depends On : lib32-gtk2 lib32-sdl
Optional Deps : lib32-alsa-plugins: ALSA sound support
lib32-libcanberra: Hide a silly warning
lib32-libpulse: PulseAudio sound support
Conflicts With : gens
Replaces : None
Download Size : 2047.36 KiB
Installed Size : 4815.00 KiB
Packager : Bartłomiej Piotrowski <bpiotrowski@archlinux.org>
Build Date : Mon 07 Dec 2015 10:23:49 AM -03
Validated By : MD5 Sum SHA-256 Sum Signature
Starscream License:
-----------------------------------------------------------------------------
Starscream 680x0 emulation library Custom version M0.26d
Copyright 1997, 1998, 1999 Neill Corlett
Modified by Stéphane Dallongeville
Used for the main 68000 CPU emulation in Gens.
-----------------------------------------------------------------------------
-----------------------------------------------------------------------------
0. Terms of Use
-----------------------------------------------------------------------------
"Starscream" refers to the following files:
* STAR.C
* STARCPU.H
* CPUDEBUG.C
* CPUDEBUG.H
* STARDOC.TXT
* any object file or executable compiled from the above
* any source code generated from STAR.C, or object file assembled from such
code
Starscream may be distributed freely in unmodified form, as long as this
documentation is included.
No money, goods, or services may be charged or solicited for Starscream, or
any emulator or other program which includes Starscream, in whole or in part.
Using Starscream in a shareware or commercial application is forbidden.
Contact Neill Corlett (corlett@elwha.nrrc.ncsu.edu) if you'd like to license
Starscream for commercial use.
Any program which uses Starscream must include the following credit text, in
its documentation or in the program itself:
"Starscream 680x0 emulation library by Neill Corlett
(corlett@elwha.nrrc.ncsu.edu)"
The Poorman’s Sega 32x BIOS License:
The Poorman's Sega 32x BIOS files
By Devster (Joseph Norman)
http://devster.retrodev.com/
Exclaimer
---------
; Feel free to use this code, recompile the code, redistribute the unmodified code,
; modify it with your own name on it and redistribute it as yours if you
; so wish to do so without getting caught looking stupid, but you may not sell it for
; cash monies, or for in exchange of hot prostitutes, nor include it with any other
; redistributable software packages without consent from DevSter. This code is IS AS,
; which is latin for jibber jabber, to DevSter and the holder of this code, means
; there are no other further attatchments, absolutely no guarantees in it "working",
; comes with no lifetime waranty, et al, and you will gain nothing more than to play
; your super cool Sega Genesis 32X (names reserved to their rightful owners) without
; having to resort to using the actual copyrighted bios files. Let it further be noted
; that the use of the word "code" in this exclaimer refers to both the source code, and
; the pre-compiled code that was distributed.
|
|
Any | Freedom Issue | Very High | Critical | [dgen-sdl] contains nonfree CZ80, dZ80, DrZ80, Multi-Z8 ... | Closed | |
Task Description
DGen/SDL contains nonfree: * CZ80 * dZ80 * DrZ80 * Multi-Z80 * Musashi v3.3 * Starscream
$ pacman -Si dgen-sdl
Repository : community
Name : dgen-sdl
Version : 1.33-2
Description : An emulator for Sega Genesis/Mega Drive systems ported to SDL
Architecture : x86_64
URL : http://dgen.sourceforge.net
Licenses : BSD
Groups : None
Provides : None
Depends On : sdl libgl libarchive
Optional Deps : None
Conflicts With : None
Replaces : None
Download Size : 420.95 KiB
Installed Size : 2000.00 KiB
Packager : Allan McRae <allan@archlinux.org>
Build Date : Sun 06 Dec 2015 12:19:03 AM -03
Validated By : MD5 Sum SHA-256 Sum Signature
CZ80 License:
************************************************
* *
* CZ80 (Z80 CPU emulator) version 0.91 *
* Compiled with Dev-C++ *
* Copyright 2004-2005 Stéphane Dallongeville *
* *
************************************************
CZ80 is a Z80 CPU emulator, priorities were given to :
- code size
- speed
- accuracy
- portablity
It supports almost all undocumented opcodes and flags.
The emulator can be freely distribued and used for any non commercial
project as long you don't forget to credit me somewhere :)
If you want some support about the CZ80, you can contact me on
the Gens forum (http://gens.consolemul.com then go to the forum).
dZ80 License:
dZ80 Version 2.0 Source Code
Copyright 1996-2002 Mark Incley.
E-mail: dz80@inkland.org
http://www.inkland.org
Serious Bit
-----------
I have made this source code available so that it may be compiled on platforms
other than MS-DOS and Windows. You may compile it and distribute the resulting
executable only if no monies are charged for it.
** YOU ARE NOT ALLOWED TO DISTRIBUTE THIS SOFTWARE COMMERICIALLY **
Not So Serious Bit
------------------
If you make any feature modifications to the dZ80 source code, please let me
know, so that I can make them to my source too. I didn't intend for dZ80 to
grow into an all singing and dancin' disassembler, but, if features are added,
I would like to add them to my base version too.
DrZ80 License:
___________________________________________________________________________
DrZ80 (c) Copyright 2004 Reesy. Free for non-commercial use
Reesy's e-mail: drsms_reesy(atsymbol)yahoo.co.uk
Replace (atsymbol) with @
___________________________________________________________________________
Multi-Z80 License:
Multi-Z80 32 Bit emulator
Copyright 1996, 1997, 1998, 1999, 2000 - Neil Bradley, All rights reserved
MZ80 License agreement
-----------------------
(MZ80 Refers to both the assembly code emitted by makez80.c and makez80.c
itself)
MZ80 May be distributed in unmodified form to any medium.
MZ80 May not be sold, or sold as a part of a commercial package without
the express written permission of Neil Bradley (neil@synthcom.com). This
includes shareware.
Modified versions of MZ80 may not be publicly redistributed without author
approval (neil@synthcom.com). This includes distributing via a publicly
accessible LAN. You may make your own source modifications and distribute
MZ80 in source or object form, but if you make modifications to MZ80
then it should be noted in the top as a comment in makez80.c.
MZ80 Licensing for commercial applications is available. Please email
neil@synthcom.com for details.
Synthcom Systems, Inc, and Neil Bradley will not be held responsible for
any damage done by the use of MZ80. It is purely "as-is".
If you use MZ80 in a freeware application, credit in the following text:
"Multi-Z80 CPU emulator by Neil Bradley (neil@synthcom.com)"
must accompany the freeware application within the application itself or
in the documentation.
Legal stuff aside:
If you find problems with MZ80, please email the author so they can get
resolved. If you find a bug and fix it, please also email the author so
that those bug fixes can be propogated to the installed base of MZ80
users. If you find performance improvements or problems with MZ80, please
email the author with your changes/suggestions and they will be rolled in
with subsequent releases of MZ80.
The whole idea of this emulator is to have the fastest available 32 bit
Multi-Z80 emulator for the x86, giving maximum performance.
Musashi v3.3 License:
MUSASHI
=======
Version 3.3
A portable Motorola M680x0 processor emulation engine.
Copyright 1998-2001 Karl Stenerud. All rights reserved.
LICENSE AND COPYRIGHT:
---------------------
The Musashi M680x0 emulator is copyright 1998-2001 Karl Stenerud.
The source code included in this archive is provided AS-IS, free for any
non-commercial purpose.
If you build a program using this core, please give credit to the author.
If you wish to use this core in a commercial environment, please contact
the author to discuss commercial licensing.
Starscream License:
-----------------------------------------------------------------------------
Starscream 680x0 emulation library version 0.26d
Copyright 1997, 1998, 1999 Neill Corlett
Modified by Stéphane Dallongeville
-----------------------------------------------------------------------------
-----------------------------------------------------------------------------
0. Terms of Use
-----------------------------------------------------------------------------
"Starscream" refers to the following files:
* STAR.C
* STARCPU.H
* CPUDEBUG.C
* CPUDEBUG.H
* STARDOC.TXT
* any object file or executable compiled from the above
* any source code generated from STAR.C, or object file assembled from such
code
Starscream may be distributed freely in unmodified form, as long as this
documentation is included.
No money, goods, or services may be charged or solicited for Starscream, or
any emulator or other program which includes Starscream, in whole or in part.
Using Starscream in a shareware or commercial application is forbidden.
Contact Neill Corlett (corlett@elwha.nrrc.ncsu.edu) if you'd like to license
Starscream for commercial use.
Any program which uses Starscream must include the following credit text, in
its documentation or in the program itself:
"Starscream 680x0 emulation library by Neill Corlett
(corlett@elwha.nrrc.ncsu.edu)"
|
|
Any | Security Issue | Very High | Critical | [libarchive] CVE-2019-18408 | Closed | |
Task Description
https://www.zdnet.com/article/libarchive-vulnerability-can-lead-to-code-execution-on-linux-freebsd-netbsd/
https://security-tracker.debian.org/tracker/CVE-2019-18408
|
|
Any | Security Issue | Medium | Critical | [libjpeg-turbo] CVE-2019-2201 | Closed | |
Task Description
In generate_jsimd_ycc_rgb_convert_neon of jsimd_arm64_neon.S, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is needed for exploitation
https://security-tracker.debian.org/tracker/CVE-2019-2201
Patch: https://github.com/libjpeg-turbo/libjpeg-turbo/issues/388
|
|
Any | Security Issue | High | High | [npapi-sdk] remove unsecure/deprecated package | Closed | |
Task Description
“npapi-sdk” (released in 2012) uses deprecated/unsecure NPAPI[0] api
$ pacman -Si npapi-sdk Repository : extra Name : npapi-sdk Version : 0.27.2-1 Description : Netscape Plugin API (NPAPI) Architecture : any URL : https://bitbucket.org/mgorny/npapi-sdk Licenses : MPL Groups : None Provides : None Depends On : None Optional Deps : None Conflicts With : None Replaces : None Download Size : 15.77 KiB Installed Size : 67.00 KiB Packager : Ionut Biru ibiru@archlinux.org Build Date : Thu 25 Apr 2013 01:47:15 PM -03 Validated By : MD5 Sum SHA-256 Sum Signature
[0]:https://developer.mozilla.org/en-US/docs/Plugins/Roadmap
|
|
Any | Security Issue | High | High | [npapi-vlc] remove unsecured package | Closed | |
Task Description
“npapi-vlc” uses deprecated/unsecure NPAPI[0] api
$ pacman -Si npapi-vlc Repository : community Name : npapi-vlc Version : 2.2.5-1 Description : The modern VLC Mozilla (NPAPI) plugin Architecture : x86_64 URL : https://code.videolan.org/videolan/npapi-vlc Licenses : GPL Groups : None Provides : None Depends On : gtk2 vlc Optional Deps : None Conflicts With : None Replaces : None Download Size : 69.96 KiB Installed Size : 287.00 KiB Packager : Timothy Redaelli timothy.redaelli@gmail.com Build Date : Tue 14 Feb 2017 12:27:08 PM -03 Validated By : MD5 Sum SHA-256 Sum Signature
[0]:https://developer.mozilla.org/en-US/docs/Plugins/Roadmap
|
|
Any | Security Issue | High | High | [nspluginwrapper] remove unsecure/deprecated package | Closed | |
Task Description
“nspluginwrapper” (released in 2011) uses deprecated/unsecure NPAPI[0] api
$ pacman -Si nspluginwrapper Repository : multilib Name : nspluginwrapper Version : 1.4.4-3 Description : Cross-platform NPAPI compatible plugin viewer Architecture : x86_64 URL : http://nspluginwrapper.davidben.net/ Licenses : GPL Groups : None Provides : None Depends On : curl libxt lib32-libxt gcc-libs lib32-gcc-libs gtk2 lib32-gtk2 Optional Deps : None Conflicts With : None Replaces : None Download Size : 146.14 KiB Installed Size : 475.00 KiB Packager : Felix Yan felixonmars@gmail.com Build Date : Sat 12 Jul 2014 02:40:45 PM -03 Validated By : MD5 Sum SHA-256 Sum Signature
[0]:https://developer.mozilla.org/en-US/docs/Plugins/Roadmap
|
|
Any | Security Issue | High | High | [x2goplugin] remove unsecure package | Closed | |
Task Description
“x2goplugin” uses deprecated/unsecure NPAPI[0] api
$ pacman -Si x2goplugin Repository : extra Name : x2goplugin Version : 4.1.0.0-1 Description : provides X2Go Client as QtBrowser-based Mozilla plugin Architecture : x86_64 URL : http://www.x2go.org Licenses : GPL2 Groups : None Provides : None Depends On : qt4 libcups nxproxy libssh libxpm Optional Deps : None Conflicts With : None Replaces : None Download Size : 1250.54 KiB Installed Size : 2761.00 KiB Packager : Andreas Radke andyrtr@archlinux.org Build Date : Wed 22 Feb 2017 12:42:48 PM -03 Validated By : MD5 Sum SHA-256 Sum Signature
[0]:https://developer.mozilla.org/en-US/docs/Plugins/Roadmap
|
|
Any | Security Issue | High | High | [djview] remove unsecure "nsdejavu.so" | Closed | |
Task Description
Remove “nsdejavu.so”, uses deprecated/unsecure NPAPI[0] api
$ sudo pacman -Si djview Repository : community Name : djview Version : 4.10.6-1 Description : Portable DjVu viewer and browser plugin Architecture : x86_64 URL : http://djvu.sourceforge.net/djview4.html Licenses : GPL Groups : None Provides : djview4 Depends On : qt5-base djvulibre libxkbcommon-x11 libsm Optional Deps : None Conflicts With : djview4 Replaces : djview4 Download Size : 535.79 KiB Installed Size : 1978.00 KiB Packager : Gaetan Bisson bisson@archlinux.org Build Date : Wed 04 May 2016 08:53:23 PM -03 Validated By : MD5 Sum SHA-256 Sum Signature
$ sudo pacman -Ql djview djview /usr/ djview /usr/bin/ djview /usr/bin/djview djview /usr/bin/djview4 djview /usr/lib/ djview /usr/lib/mozilla/ djview /usr/lib/mozilla/plugins/ djview /usr/lib/mozilla/plugins/nsdejavu.so djview /usr/share/ djview /usr/share/applications/ djview /usr/share/applications/djvulibre-djview4.desktop djview /usr/share/djvu/ djview /usr/share/djvu/djview4/ djview /usr/share/djvu/djview4/djview_cs.qm djview /usr/share/djvu/djview4/djview_de.qm djview /usr/share/djvu/djview4/djview_es.qm djview /usr/share/djvu/djview4/djview_fr.qm djview /usr/share/djvu/djview4/djview_ru.qm djview /usr/share/djvu/djview4/djview_uk.qm djview /usr/share/djvu/djview4/djview_zh_cn.qm djview /usr/share/djvu/djview4/djview_zh_tw.qm djview /usr/share/icons/ djview /usr/share/icons/hicolor/ djview /usr/share/icons/hicolor/32×32/ djview /usr/share/icons/hicolor/32×32/mimetypes/ djview /usr/share/icons/hicolor/32×32/mimetypes/djvulibre-djview4.png djview /usr/share/icons/hicolor/64×64/ djview /usr/share/icons/hicolor/64×64/mimetypes/ djview /usr/share/icons/hicolor/64×64/mimetypes/djvulibre-djview4.png djview /usr/share/icons/hicolor/scalable/ djview /usr/share/icons/hicolor/scalable/mimetypes/ djview /usr/share/icons/hicolor/scalable/mimetypes/djvulibre-djview4.svgz djview /usr/share/man/ djview /usr/share/man/man1/ djview /usr/share/man/man1/djview.1.gz djview /usr/share/man/man1/nsdejavu.1.gz
[0]:https://developer.mozilla.org/en-US/docs/Plugins/Roadmap
|
|
Any | Security Issue | High | High | [icedtea-web] remove unsecure "IcedTeaPlugin.so" | Closed | |
Task Description
Remove “IcedTeaPlugin.so”, it uses deprecated/unsecure NPAPI[0] apis
Note: this package contains “Java Web Start” and unsecured NPAPI plugin, it needs change package description and description on optional dependencies in “jre{7,8}-openjdk” packages.
$ pacman -Si icedtea-web Repository : extra Name : icedtea-web Version : 1.6.2-2.hyperbola1 Description : Free web browser plugin to run applets written in Java and an implementation of Java Web Start, without nonfree firefox support Architecture : x86_64 URL : http://icedtea.classpath.org/wiki/IcedTea-Web Licenses : GPL2 Groups : None Provides : java-web-start Depends On : java-runtime-openjdk desktop-file-utils Optional Deps : rhino: for using proxy auto config files Conflicts With : None Replaces : icedtea-web-java7 Download Size : 1525.55 KiB Installed Size : 2108.00 KiB Packager : André Silva emulatorman@hyperbola.info Build Date : Fri 26 May 2017 06:13:18 AM -03 Validated By : MD5 Sum SHA-256 Sum Signature
$ pacman -Ql icedtea-web icedtea-web /usr/ icedtea-web /usr/bin/ icedtea-web /usr/bin/itweb-settings icedtea-web /usr/bin/javaws icedtea-web /usr/bin/policyeditor icedtea-web /usr/lib/ icedtea-web /usr/lib/mozilla/ icedtea-web /usr/lib/mozilla/plugins/ icedtea-web /usr/lib/mozilla/plugins/IcedTeaPlugin.so icedtea-web /usr/share/ icedtea-web /usr/share/applications/ icedtea-web /usr/share/applications/itweb-settings.desktop icedtea-web /usr/share/applications/javaws.desktop icedtea-web /usr/share/icedtea-web/ icedtea-web /usr/share/icedtea-web/bin/ icedtea-web /usr/share/icedtea-web/bin/itweb-settings icedtea-web /usr/share/icedtea-web/bin/javaws icedtea-web /usr/share/icedtea-web/bin/policyeditor icedtea-web /usr/share/icedtea-web/javaws_splash.png icedtea-web /usr/share/icedtea-web/lib/ icedtea-web /usr/share/icedtea-web/lib/IcedTeaPlugin.so icedtea-web /usr/share/icedtea-web/netx.jar icedtea-web /usr/share/icedtea-web/plugin.jar icedtea-web /usr/share/man/ icedtea-web /usr/share/man/man1/ icedtea-web /usr/share/man/man1/icedtea-web-plugin.1.gz icedtea-web /usr/share/man/man1/icedtea-web.1.gz icedtea-web /usr/share/man/man1/itweb-settings.1.gz icedtea-web /usr/share/man/man1/javaws.1.gz icedtea-web /usr/share/man/man1/policyeditor.1.gz icedtea-web /usr/share/pixmaps/ icedtea-web /usr/share/pixmaps/javaws.png
[0]:https://developer.mozilla.org/en-US/docs/Plugins/Roadmap
|
|
Any | Privacy Issue | High | High | [redshift] remove geoclue2 support | Closed | |
Task Description
Bug Report
Tratando proveedor ubicación `geoclue2'...
Usando el proveedor `geoclue2'.
Unable to connect to GeoClue.
Incapaz de obtener localización desde el proveedor.
Package information:
$ pacman -S redshift Repositorio : community Nombre : redshift Versión : 1.11-4.hyperbola1 Descripción : Adjusts the color temperature of your screen according to your surroundings, without geoclue2 support Arquitectura : x86_64 URL : http://jonls.dk/redshift/ Licencias : GPL3 Grupos : Nada Provee : Nada Depende de : libdrm libxcb libxxf86vm Dependencias opcionales : python-gobject: for redshift-gtk python-xdg: for redshift-gtk librsvg: for redshift-gtk En conflicto con : Nada Remplaza a : Nada Tamaño de la descarga : 107,66 KiB Tamaño de la instalación : 1004,00 KiB Encargado : André Silva emulatorman@hyperbola.info Fecha de creación : sáb 17 jun 2017 14:03:43 -05 Validado por : Suma MD5 Suma SHA-256 Firma
|
|
Any | Privacy Issue | High | High | [epiphany] would be more private if not for Hyperbola p ... | Closed | |
Task Description
(in Spanish) Copio lo que puse en irc:
<isacdaavid>: este parche de epiphany está removiendo cosas de más. Si te fijas aca verás que lo que ese código hace es proteger la privacidad contra google y facebook.
<isacdaavid>: https://git.parabola.nu/abslibre.git/tree/libre/epiphany/privacy.patch#n162 sólo está probando si el spyware está siendo removido efectivamente. Tampoco veo necesidad de mantener lo de la línea #122 (lo único que hace es cambiar el título de la ventana), ni lo de la línea #139 (sólo está probando que el parser de URLs funciona, no hace conexiones), y mucho menos quitar referencias a “google.com” en los comentarios.
<isacdaavid>: subiré mis cambios a parabola, por si te interesa usarlos.
|
|
Any | Bug Report | High | High | [tlp] remove systemd support | Closed | |
Task Description
systemd support should be removed from tlp. I understand that it should start automatically under OpenRC.
|
|
Any | Bug Report | High | High | [sway] relies on systemd libraries | Closed | |
Task Description
impossible to start sway as it relies on libsystemd.so.0
error:
sway: error while loading shared libraries: libsystemd.so.0: cannot open shared object file: No such file or directory
|
|
Any | Security Issue | High | High | [podofo] vulnerable allows remote attackers to cause a ... | Closed | |
Task Description
https://icepng.github.io/2017/04/21/PoDoFo-1/
https://blogs.gentoo.org/ago/2017/03/31/podofo-four-null-pointer-dereference
http://www.securityfocus.com/bid/97296/info
Package information
Repositorio : community Nombre : podofo Versión : 0.9.5-2 Descripción : A C++ library to work with the PDF file format Arquitectura : x86_64 URL : http://podofo.sourceforge.net Licencias : GPL Grupos : Nada Provee : Nada Depende de : lua openssl fontconfig libtiff libidn libjpeg-turbo Dependencias opcionales : Nada En conflicto con : Nada Remplaza a : Nada Tamaño de la descarga : 785,18 KiB Tamaño de la instalación : 4492,00 KiB Encargado : Antonio Rojas arojas@archlinux.org Fecha de creación : sáb 18 feb 2017 06:52:31 -05 Validado por : Suma MD5 Suma SHA-256 Firma
Debian just patched for v0.9.5-6
https://sources.debian.net/src/libpodofo/0.9.5-6/debian/patches/CVE-2017-738%5B0123%5D.patch/
https://sources.debian.net/src/libpodofo/0.9.5-6/debian/patches/
|
|
Any | Security Issue | High | High | [isync] needs update | Closed | |
Task Description
isync is currently on 1.2.1-3, the versions is 2 years old and a lot of security/features have been implemented to the version 1.3.0
isync needs be upgraded from 1.2.1 to 1.2.3 since it is a bugfix adapted for our current snapshot in Milky Way (2017-05-08) which is using isync 1.2.x series.
|
|
Any | Drop Request | High | High | [ssmtp] remove obsolete package | Closed | |
Task Description
Package ssmtp is unmaintained:
ssmtp is unmaintained. Consider using something like msmtp instead. (source)
So it violates point 4 of our packaging guidelines “Anti-abandonware”, because it’s abandoned and has a replacement (msmtp)
|
|
Any | Feature Request | High | High | [icedove-enigmail] add package | Closed | |
Task Description
Hello,
Would it be possible to add this package :
icedove-enigmail
to the repo ?
Thank you
|
|
Any | Bug Report | Medium | High | [brasero] could not establish a connection to Tracker | Closed | |
Task Description
# Bug
(brasero:1402): WARNING : Could not establish a connection to Tracker: GDBus.Error:org.freedesktop.DBus.Error.ServiceUnknown: The name org.freedesktop.Tracker1 was not provided by any .service files Gtk-Message: GtkDialog mapped without a transient parent. This is discouraged.
# Package information
$ sudo pacman -Si brasero
[sudo] password for heckyel:
Repositorio : extra
Nombre : brasero
Versión : 3.12.1-2.hyperbola1
Descripción : CD/DVD mastering tool
Arquitectura : x86_64
URL : https://wiki.gnome.org/Apps/Brasero
Licencias : GPL
Grupos : gnome-extra
Provee : Nada
Depende de : gtk3 gst-plugins-good totem-plparser cdrkit cdrdao
shared-mime-info libcanberra dvd+rw-tools dconf libsm
libtracker-sparql libnotify gvfs
Dependencias opcionales : libburn: alternative back-end
libisofs: libburn back-end
dvdauthor: video project
vcdimager: video project
En conflicto con : Nada
Remplaza a : nautilus-cd-burner
Tamaño de la descarga : 2,58 MiB
Tamaño de la instalación : 14,46 MiB
Encargado : Scott Adams <haricot@hyperbola.info>
Fecha de creación : lun 29 may 2017 00:24:19 -05
Validado por : Suma MD5 Suma SHA-256 Firma
# File attached pacman -Ql brasero > brasero.txt
|
|
Any | Bug Report | Medium | High | [redshift] No more location providers to try | Closed | |
Task Description
Bug
$ redshift Failed to run Redshift No more location providers to try.
Package Information
$ sudo pacman -Si redshift
Repositorio : community
Nombre : redshift
Versión : 1.11-4.hyperbola3
Descripción : Adjusts the color temperature of your screen according to your
surroundings, without manual location provider, geoclue2 and
systemd support
Arquitectura : x86_64
URL : http://jonls.dk/redshift/
Licencias : GPL3
Grupos : Nada
Provee : Nada
Depende de : libdrm libxcb libxxf86vm
Dependencias opcionales : python-gobject: for redshift-gtk
python-xdg: for redshift-gtk
librsvg: for redshift-gtk
En conflicto con : Nada
Remplaza a : Nada
Tamaño de la descarga : 103,66 KiB
Tamaño de la instalación : 988,00 KiB
Encargado : André Silva <emulatorman@hyperbola.info>
Fecha de creación : mar 17 oct 2017 23:35:01 -05
Validado por : Suma MD5 Suma SHA-256 Firma
$ pacman -Ql redshift redshift /usr/ redshift /usr/bin/ redshift /usr/bin/redshift redshift /usr/bin/redshift-gtk redshift /usr/lib/ redshift /usr/lib/python3.6/ redshift /usr/lib/python3.6/site-packages/ redshift /usr/lib/python3.6/site-packages/redshift_gtk/ redshift /usr/lib/python3.6/site-packages/redshift_gtk/init.py redshift /usr/lib/python3.6/site-packages/redshift_gtk/pycache/ redshift /usr/lib/python3.6/site-packages/redshift_gtk/pycache/init.cpython-36.opt-1.pyc redshift /usr/lib/python3.6/site-packages/redshift_gtk/pycache/init.cpython-36.pyc redshift /usr/lib/python3.6/site-packages/redshift_gtk/pycache/defs.cpython-36.opt-1.pyc redshift /usr/lib/python3.6/site-packages/redshift_gtk/pycache/defs.cpython-36.pyc redshift /usr/lib/python3.6/site-packages/redshift_gtk/pycache/statusicon.cpython-36.opt-1.pyc redshift /usr/lib/python3.6/site-packages/redshift_gtk/pycache/statusicon.cpython-36.pyc redshift /usr/lib/python3.6/site-packages/redshift_gtk/pycache/utils.cpython-36.opt-1.pyc redshift /usr/lib/python3.6/site-packages/redshift_gtk/pycache/utils.cpython-36.pyc redshift /usr/lib/python3.6/site-packages/redshift_gtk/defs.py redshift /usr/lib/python3.6/site-packages/redshift_gtk/statusicon.py redshift /usr/lib/python3.6/site-packages/redshift_gtk/utils.py redshift /usr/share/ redshift /usr/share/appdata/ redshift /usr/share/appdata/redshift-gtk.appdata.xml redshift /usr/share/applications/ redshift /usr/share/applications/redshift-gtk.desktop redshift /usr/share/applications/redshift.desktop redshift /usr/share/icons/ redshift /usr/share/icons/hicolor/ redshift /usr/share/icons/hicolor/scalable/ redshift /usr/share/icons/hicolor/scalable/apps/ redshift /usr/share/icons/hicolor/scalable/apps/redshift-status-off.svg redshift /usr/share/icons/hicolor/scalable/apps/redshift-status-on.svg redshift /usr/share/icons/hicolor/scalable/apps/redshift.svg redshift /usr/share/locale/ redshift /usr/share/locale/ar/ redshift /usr/share/locale/ar/LC_MESSAGES/ redshift /usr/share/locale/ar/LC_MESSAGES/redshift.mo redshift /usr/share/locale/bg/ redshift /usr/share/locale/bg/LC_MESSAGES/ redshift /usr/share/locale/bg/LC_MESSAGES/redshift.mo redshift /usr/share/locale/ca/ redshift /usr/share/locale/ca/LC_MESSAGES/ redshift /usr/share/locale/ca/LC_MESSAGES/redshift.mo redshift /usr/share/locale/cs/ redshift /usr/share/locale/cs/LC_MESSAGES/ redshift /usr/share/locale/cs/LC_MESSAGES/redshift.mo redshift /usr/share/locale/da/ redshift /usr/share/locale/da/LC_MESSAGES/ redshift /usr/share/locale/da/LC_MESSAGES/redshift.mo redshift /usr/share/locale/de/ redshift /usr/share/locale/de/LC_MESSAGES/ redshift /usr/share/locale/de/LC_MESSAGES/redshift.mo redshift /usr/share/locale/el/ redshift /usr/share/locale/el/LC_MESSAGES/ redshift /usr/share/locale/el/LC_MESSAGES/redshift.mo redshift /usr/share/locale/es/ redshift /usr/share/locale/es/LC_MESSAGES/ redshift /usr/share/locale/es/LC_MESSAGES/redshift.mo redshift /usr/share/locale/et/ redshift /usr/share/locale/et/LC_MESSAGES/ redshift /usr/share/locale/et/LC_MESSAGES/redshift.mo redshift /usr/share/locale/eu/ redshift /usr/share/locale/eu/LC_MESSAGES/ redshift /usr/share/locale/eu/LC_MESSAGES/redshift.mo redshift /usr/share/locale/fi/ redshift /usr/share/locale/fi/LC_MESSAGES/ redshift /usr/share/locale/fi/LC_MESSAGES/redshift.mo redshift /usr/share/locale/fr/ redshift /usr/share/locale/fr/LC_MESSAGES/ redshift /usr/share/locale/fr/LC_MESSAGES/redshift.mo redshift /usr/share/locale/gl/ redshift /usr/share/locale/gl/LC_MESSAGES/ redshift /usr/share/locale/gl/LC_MESSAGES/redshift.mo redshift /usr/share/locale/he/ redshift /usr/share/locale/he/LC_MESSAGES/ redshift /usr/share/locale/he/LC_MESSAGES/redshift.mo redshift /usr/share/locale/hi/ redshift /usr/share/locale/hi/LC_MESSAGES/ redshift /usr/share/locale/hi/LC_MESSAGES/redshift.mo redshift /usr/share/locale/hr/ redshift /usr/share/locale/hr/LC_MESSAGES/ redshift /usr/share/locale/hr/LC_MESSAGES/redshift.mo redshift /usr/share/locale/hu/ redshift /usr/share/locale/hu/LC_MESSAGES/ redshift /usr/share/locale/hu/LC_MESSAGES/redshift.mo redshift /usr/share/locale/it/ redshift /usr/share/locale/it/LC_MESSAGES/ redshift /usr/share/locale/it/LC_MESSAGES/redshift.mo redshift /usr/share/locale/ja/ redshift /usr/share/locale/ja/LC_MESSAGES/ redshift /usr/share/locale/ja/LC_MESSAGES/redshift.mo redshift /usr/share/locale/ka/ redshift /usr/share/locale/ka/LC_MESSAGES/ redshift /usr/share/locale/ka/LC_MESSAGES/redshift.mo redshift /usr/share/locale/lt/ redshift /usr/share/locale/lt/LC_MESSAGES/ redshift /usr/share/locale/lt/LC_MESSAGES/redshift.mo redshift /usr/share/locale/nb/ redshift /usr/share/locale/nb/LC_MESSAGES/ redshift /usr/share/locale/nb/LC_MESSAGES/redshift.mo redshift /usr/share/locale/nl/ redshift /usr/share/locale/nl/LC_MESSAGES/ redshift /usr/share/locale/nl/LC_MESSAGES/redshift.mo redshift /usr/share/locale/pl/ redshift /usr/share/locale/pl/LC_MESSAGES/ redshift /usr/share/locale/pl/LC_MESSAGES/redshift.mo redshift /usr/share/locale/pt/ redshift /usr/share/locale/pt/LC_MESSAGES/ redshift /usr/share/locale/pt/LC_MESSAGES/redshift.mo redshift /usr/share/locale/pt_BR/ redshift /usr/share/locale/pt_BR/LC_MESSAGES/ redshift /usr/share/locale/pt_BR/LC_MESSAGES/redshift.mo redshift /usr/share/locale/ru/ redshift /usr/share/locale/ru/LC_MESSAGES/ redshift /usr/share/locale/ru/LC_MESSAGES/redshift.mo redshift /usr/share/locale/sv/ redshift /usr/share/locale/sv/LC_MESSAGES/ redshift /usr/share/locale/sv/LC_MESSAGES/redshift.mo redshift /usr/share/locale/tr/ redshift /usr/share/locale/tr/LC_MESSAGES/ redshift /usr/share/locale/tr/LC_MESSAGES/redshift.mo redshift /usr/share/locale/zh_CN/ redshift /usr/share/locale/zh_CN/LC_MESSAGES/ redshift /usr/share/locale/zh_CN/LC_MESSAGES/redshift.mo redshift /usr/share/man/ redshift /usr/share/man/man1/ redshift /usr/share/man/man1/redshift.1.gz
|
|
Any | Bug Report | Medium | High | [mutt] error message: mailbox closed | Closed | |
|
|
Any | Security Issue | Medium | High | [blender] error invalid PGP keys | Closed | |
|
|
Any | Implementation Request | High | High | [onioncat]: add package | Closed | |
|
|
Any | Implementation Request | High | High | [xen] add Xen 4.8.x split packages | Closed | |
|
|
Any | Security Issue | High | High | [busybox] CVE-2017-16544: autocompletion vulnerability | Closed | |
|
|
Any | Feature Request | Very High | High | [linux-libre-*] add missing installed kernel configurat ... | Closed | |
|
|
Any | Bug Report | High | High | [gnome-disk-utility] error while loading shared librari ... | Closed | |
|
|
Any | Bug Report | Low | High | [php-fpm] service fails to start | Closed | |
|
|
Any | Bug Report | High | High | [dhcp]: /etc/init.d/dhcpd failed to run | Closed | |
|
|
Any | Bug Report | High | High | [mate-session-manager] add elogind support | Closed | |
|
|
Any | Bug Report | High | High | [gvfs] add libelogind support | Closed | |
|
|
Any | Bug Report | High | High | [lightdm] is running under foreground mode and causing ... | Closed | |
|
|
Any | Bug Report | Very High | High | [android-udev] [MTP] unable to mount Android phone | Closed | |
|
|
Any | Feature Request | Very High | High | [kmod] when dummy.ko is loaded, dummy0 interface is loa ... | Closed | |
|
|
Any | Bug Report | High | High | [gnupg] WARNING: Tor is not properly configured | Closed | |
|
|
Any | Bug Report | High | High | [openRC] cowardly refusing to concatenate a logfile int ... | Closed | |
|
|
Any | Bug Report | High | High | [openrc] hwclock: Cannot access the Hardware Clock via ... | Closed | |
|
|
Any | Security Issue | Very High | High | [gnupg] CVE-2018-12020 | Closed | |
|
|
Any | Update Request | Very High | High | [babl] update package to v0.1.50 | Closed | |
|
|
Any | Update Request | Very High | High | [gegl] update package to 0.3.34 | Closed | |
|
|
Any | Backport Request | Very High | High | [gegl] update package to 0.4.2 backport | Closed | |
|
|
Any | Backport Request | Very High | High | [gimp] update package to 2.10.2 backport | Closed | |
|
|
Any | Update Request | Very High | High | [krita] update to 3.1.4 version | Closed | |
|
|
Any | Backport Request | Very High | High | [tcpreplay] update package to 4.2.6 backport | Closed | |
|
|
Any | Implementation Request | Very High | High | [ring] add new package | Closed | |
|