Packages

Description:

• The Arch version of Deluge from the snapshot used by Hyperbola comes with systemd support. Since Hyperbola follows the Init Freedom Campaign , systemd unit files removal is required or add OpenRC init scripts to replace it.

Additional info:
* package version(s)
* config and/or log files etc.

Repository      : extra
Name            : deluge
Version         : 1.3.14-1
Description     : A BitTorrent client with multiple user interfaces in a client/server model
Architecture    : any
URL             : http://deluge-torrent.org/
Licenses        : GPL3
Groups          : None
Provides        : None
Depends On      : python2-xdg  libtorrent-rasterbar  python2-twisted  python2-pyopenssl  python2-chardet  python2-setuptools
Optional Deps   : python2-notify: libnotify notifications
                  pygtk: needed for gtk ui
                  librsvg: needed for gtk ui
                  python2-mako: needed for web ui
Conflicts With  : None
Replaces        : None
Download Size   : 2.26 MiB
Installed Size  : 12.20 MiB
Packager        : Jan Alexander Steffens (heftig) <jan.steffens@gmail.com>
Build Date      : Tue 07 Mar 2017 12:26:40 PM -03
Validated By    : MD5 Sum  SHA-256 Sum  Signature

/usr/lib/systemd/system/deluged.service is owned by deluge 1.3.14-1
/usr/lib/systemd/system/deluge-web.service is owned by deluge 1.3.14-1

Steps to reproduce:

• Install package.

As per a recent discovery, we should check if our deepin is affected by the CNZZ spyware in the AppStore.
https://www.youtube.com/watch?v=v25Dy66AtNI

We also shouldn’t use the AppStore if it exists, due to non-free apps.

Known files:
> usr/share/dbus-1/system-services/com.deepin.daemon.Apps.service
> etc/appstore.json

Description:
Cutegram is a Telegram client. It is free software, however uses Telegram, a nonfree server-side service that requires accounts tied to telephone numbers. It needs go to the blacklist since Hyperbola’s objective is to support privacy of its community.

Additional info:

$ pacman -Si cutegram
Repository      : community
Name            : cutegram
Version         : 2.7.1-3
Description     : A different telegram client from Aseman team
Architecture    : x86_64
URL             : http://aseman.co/en/products/cutegram/
Licenses        : GPL
Groups          : None
Provides        : cutegram
Depends On      : qt5-imageformats  qt5-webkit  telegramqml>=0.9.1  libqtelegram-ae>=3:6.1
Optional Deps   : gst-plugins-bad: audio support
                  gst-plugins-good: audio and notification sound
Conflicts With  : cutegram-git  sigram-git  sigram  cutegram
Replaces        : cutegram-cn
Download Size   : 12.03 MiB
Installed Size  : 17.07 MiB
Packager        : Jiachen Yang <farseerfc@gmail.com>
Build Date      : Mon 25 Jan 2016 05:59:04 AM -03
Validated By    : MD5 Sum  SHA-256 Sum  Signature

Probably related to this bug:

https://issues.hyperbola.info/index.php?do=details&task_id=1419

[alon@T60-hyperbola ~]$ lp -d HP_OfficeJet_Pro_8710 /home/alon/Desktop/all/testpages/clean_page.pdf
    lp: Unsupported document-format "application/pdf".
    [alon@T60-hyperbola ~]$ lp -d HP_OfficeJet_Pro_8710 /home/alon/Desktop/all/testpages/clean_page.ps
    lp: Unsupported document-format "application/postscript".

As the default path of the ServerBin directory is now /usr/libexec/bin:
1. cups-files.conf should be modified/adapted accordingly.
2. The contents of /usr/lib/cups which is currently owned by cups-filters, cups-pdf foomatic-db-engine and smbclient should be moved to /usr/libexec/cups.

As it is, cups doesn’t work in v0.3.

Description:

crystal build src/invidious.cr –release

Error in src/invidious.cr:19: while requiring "kemal"

require "kemal"
^

in lib/kemal/src/kemal.cr:4: while requiring "./kemal/*"

require "./kemal/*"
^

in lib/kemal/src/kemal/config.cr:26: expanding macro

    property static_headers : (HTTP::Server::Response, String, File::Info -> Void)?
    ^~~~~~~~

in lib/kemal/src/kemal/config.cr:26: expanding macro

    property static_headers : (HTTP::Server::Response, String, File::Info -> Void)?
    ^

in macro 'property' expanded macro: macro_48177600:567, line 4:

   1.       
   2.         
   3.           
>  4.             @static_headers : (HTTP::Server::Response, String, File::Info -> Void) | ::Nil
   5. 
   6.             def static_headers : (HTTP::Server::Response, String, File::Info -> Void) | ::Nil
   7.               @static_headers
   8.             end
   9. 
  10.             def static_headers=(@static_headers : (HTTP::Server::Response, String, File::Info -> Void) | ::Nil)
  11.             end
  12.           
  13.         
  14.       
  15.     

undefined constant File::Info

Additional info:
* package version(s)

Crystal 0.22.0 (2017-04-22) LLVM 4.0.0

Steps to reproduce:

dmcrypt service can’t umount luks filesystem on reboot/shutdown, device or resource busy:

* Removing dm-crypt mappings
* foobar-pv
device-mapper: remove ioctl on foobar-pv  failed: Device or resource busy
device-mapper: remove ioctl on foobar-pv  failed: Device or resource busy
device-mapper: remove ioctl on foobar-pv  failed: Device or resource busy
device-mapper: remove ioctl on foobar-pv  failed: Device or resource busy
device-mapper: remove ioctl on foobar-pv  failed: Device or resource busy
device-mapper: remove ioctl on foobar-pv  failed: Device or resource busy
device-mapper: remove ioctl on foobar-pv  failed: Device or resource busy
device-mapper: remove ioctl on foobar-pv  failed: Device or resource busy
device-mapper: remove ioctl on foobar-pv  failed: Device or resource busy
device-mapper: remove ioctl on foobar-pv  failed: Device or resource busy
device-mapper: remove ioctl on foobar-pv  failed: Device or resource busy
device-mapper: remove ioctl on foobar-pv  failed: Device or resource busy
device-mapper: remove ioctl on foobar-pv  failed: Device or resource busy
device-mapper: remove ioctl on foobar-pv  failed: Device or resource busy
device-mapper: remove ioctl on foobar-pv  failed: Device or resource busy
device-mapper: remove ioctl on foobar-pv  failed: Device or resource busy
device-mapper: remove ioctl on foobar-pv  failed: Device or resource busy
device-mapper: remove ioctl on foobar-pv  failed: Device or resource busy
device-mapper: remove ioctl on foobar-pv  failed: Device or resource busy
device-mapper: remove ioctl on foobar-pv  failed: Device or resource busy
device-mapper: remove ioctl on foobar-pv  failed: Device or resource busy
device-mapper: remove ioctl on foobar-pv  failed: Device or resource busy
device-mapper: remove ioctl on foobar-pv  failed: Device or resource busy
device-mapper: remove ioctl on foobar-pv  failed: Device or resource busy
device-mapper: remove ioctl on foobar-pv  failed: Device or resource busy
Device foobar-pv is still in use                                              [ !! ]

pacman -Si

Dépôt                    : community
Nom                      : create_ap
Version                  : 0.4.6-1
Description              : A shell script to create a NATed/Bridged Software Access Point
Architecture             : any
URL                      : https://github.com/oblique/create_ap
Licences                 : BSD
Groupes                  : --
Fournit                  : --
Dépend de                : bash  hostapd  iproute2  iw  dnsmasq  iptables  util-linux  procps-ng
Dépendances opt.         : haveged: boost low entropy
Est en conflit avec      : --
Remplace                 : --
Taille du téléchargement : 17,61 KiB
Taille installée         : 63,00 KiB
Paqueteur                : NicoHood <nicohood@archlinux.org>
Compilé le               : sam. 11 févr. 2017 10:53:08 CET
Validé par               : Somme MD5  Somme SHA-256  Signature

pacman -Ql

create_ap /etc/
create_ap /etc/create_ap.conf
create_ap /usr/
create_ap /usr/bin/
create_ap /usr/bin/create_ap
create_ap /usr/lib/
create_ap /usr/lib/systemd/
create_ap /usr/lib/systemd/system/
create_ap /usr/lib/systemd/system/create_ap.service
create_ap /usr/share/
create_ap /usr/share/bash-completion/
create_ap /usr/share/bash-completion/completions/
create_ap /usr/share/bash-completion/completions/create_ap
create_ap /usr/share/doc/
create_ap /usr/share/doc/create_ap/
create_ap /usr/share/doc/create_ap/README.md
create_ap /usr/share/licenses/
create_ap /usr/share/licenses/create_ap/
create_ap /usr/share/licenses/create_ap/LICENSE

In the latest version fixes several issues and font improvements[1], but unfortunately there is a major problem contained five three non-libre/free typefaces in the source code.

• Apple II (1977): a licence forbids to sell and modify. Already removed
• Commodore PET (1977): a licence forbids to sell and modify. Already removed
• Atari 400/800 (1979): in the latest version, there is a vague term “freeware”[2] in documentation, but forbids to sell and modify.
• Commercial 64 (1982): a licence forbids to sell. Already removed
• Monaco (modern): proprietary from Apple.

$ rm -fr "./app/qml/fonts/{1977-*,1979-atari-400-800,1982-commodore64,modern-monaco}/";

Also, I attached three QML source code diff files down below, by removing and replacing strings.

[1]: https://github.com/Swordfish90/cool-retro-term/releases/tag/1.0.1/
[2]: https://www.gnu.org/philosophy/words-to-avoid#Freeware

$ pacman -Si cmake-fedora
Repository : community
Name : cmake-fedora
Version : 2.7.1-3
Description : CMake helper modules for fedora developers
Architecture : any
URL : https://pagure.io/cmake-fedora Licenses : custom:BSD
Groups : None
Provides : None
Depends On : cmake
Optional Deps : None
Conflicts With : None
Replaces : None
Download Size : 90.94 KiB
Installed Size : 422.00 KiB
Packager : Felix Yan felixonmars@archlinux.org Build Date : Mon 17 Apr 2017 06:39:49 AM -03
Validated By : MD5 Sum SHA-256 Sum Signature

The audioplayer clementine uses interfaces for non-free services like Dropbox, Google Drive, OneDrive, Subsonic and VK.com regarding storage and accessing files. So of course the software is licensed under the GPL, therefore Copyleft and free, libre software in the first place, but is also using anti-features with those interfaces to mentioned unfree services later on.

So the proposal would be: Creating a fork with removing those interfaces or otherwise removal of the whole package.

Remove “cinepaint” package since it’s unmaintained and unsupportable. Also, it doesn’t contains any file format support in the latest version (previous version supported multiple file formats).

I suggest use Krita (or Gimp 2.10) to edit 16bit and 32bit file formats or convert with imagemagick/graphicsmagick.

$ pacman -Si cinepaint
Repository      : community
Name            : cinepaint
Version         : 1:1.0.4-5
Description     : Sophisticated graphics manipulation programm supporting > 8bit pictures
Architecture    : x86_64
URL             : http://www.cinepaint.org
Licenses        : LGPL  GPL  MIT
Groups          : None
Provides        : None
Depends On      : gtk2  openexr  lcms  libxpm  fltk  ftgl  libxxf86vm
Optional Deps   : python2: for python plug-ins
                  gutenprint: for print plug-ins
                  ghostscript: for pdf plug-ins
Conflicts With  : None
Replaces        : None
Download Size   : 3.75 MiB
Installed Size  : 13.91 MiB
Packager        : Christian Hesse <arch@eworm.de>
Build Date      : Thu 28 Apr 2016 05:17:05 AM -03
Validated By    : MD5 Sum  SHA-256 Sum  Signature

The CGManager project has been deprecated in favor of using the kernel’s CGroup Namespace or lxcfs’ simulated cgroupfs.

See https://s3hh.wordpress.com/2016/06/18/whither-cgmanager/ for details.

Description:

Common use case is to have a reverse proxy managing the certificates from let’s encrypt.
If a backend server (behind the reverse proxy) needs to use SSL certificates, this requires to use certbot on the reverse proxy, generate the certificate and to move private key from the reverse proxy to the backend server.

There is another way: sharing NFS drive between servers but this breaks all the security best practices!

Today the “best” way is to SCP the private keys from a the reverse proxy to the backend server, this is not the best way and this needs to be repeated every 3 months before let’s encrypt certificate expires, moving the private key is not a best practice either.

version 0.24 brings a new function --reuse-key to reuse the same private key to renew the certificate, so this private key can stay to the backend server and no need to copy the new private key from the reverse proxy to the backend server because it was not changed during the renew.

According to their documentation:

In order to use LuaDNS service you’ll need a LuaDNS account and a Git repository.

Sign up for a free LuaDNS account here: https://api.luadns.com/signup
Currently we are supporting the following Git hosting services:
> GitHub
> Bitbucket

GitHub, as everybody knows, was acquired by Microsoft last year (2018)
https://news.microsoft.com/2018/06/04/microsoft-to-acquire-github-for-7-5-billion/

And Bitbucket, like GitHub, is a centralized non-free git service.

There are other packages made for GitHub which haven’t been removed, but as you were deleting the certbot-dns-* packages that depended on a US-based DNS provider company, I thought you may wanted to know this.

cdemu-daemon requires a specific version of vhba-module. Since we are using vhba-module-lts with vhba-module in provides array but without a specific version, it generates the issue. Removing that specific version solves it.

# pacman -S cdemu-daemon
resolving dependencies...
warning: cannot resolve "vhba-module>=20140629", a dependency of "cdemu-daemon"
:: The following package cannot be upgraded due to unresolvable dependencies:
      cdemu-daemon

:: Do you want to skip the above package for this upgrade? [y/N] 
error: failed to prepare transaction (could not satisfy dependencies)
:: cdemu-daemon: requires vhba-module>=20140629

Cataclysm-DDA contains a problematic license[0][1][2] for software.
Uses “Creative Commons Attribution-ShareAlike 3.0 Unported License”.

$ pacman -Si cataclysm-dda
Repository : community
Name : cataclysm-dda
Version : 0.C-3
Description : A post-apocalyptic roguelike.
Architecture : x86_64
URL : http://en.cataclysmdda.com/ Licenses : CCPL:by-sa
Groups : None
Provides : None
Depends On : ncurses lua
Optional Deps : sdl2_image: for tiles

                sdl2_ttf: for tiles
                freetype2: for tiles
                sdl2_mixer: for tiles

Conflicts With : None
Replaces : None
Download Size : 19.33 MiB
Installed Size : 53.32 MiB
Packager : Felix Yan felixonmars@archlinux.org Build Date : Mon 07 Dec 2015 03:14:02 AM -03
Validated By : MD5 Sum SHA-256 Sum Signature

[0]:https://github.com/CleverRaven/Cataclysm-DDA/blob/master/LICENSE.txt [1]:https://creativecommons.org/faq/#can-i-apply-a-creative-commons-license-to-software [2]:https://www.gnu.org/licenses/license-list.html#ccbysa

Description:

• needs OpenRC init script (bzr serve), like [git] (git-daemon) and [subversion] (svnserve)

Additional info:

• bzr 2.7.0-2

Note: needs a provide: bazaar

Steps to reproduce:

• none

Package: https://www.hyperbola.info/packages/community/x86_64/busybox/

https://www.twistlock.com/2017/11/20/cve-2017-16544-busybox-autocompletion-vulnerability/

In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could potentially result in code execution, arbitrary file writes, or other attacks.

Patch: https://git.busybox.net/busybox/commit/?id=c3797d40a1c57352192c6106cc0f435e7d9c11e8

# Bug

(brasero:1402): WARNING : Could not establish a connection to Tracker: GDBus.Error:org.freedesktop.DBus.Error.ServiceUnknown: The name org.freedesktop.Tracker1 was not provided by any .service files
Gtk-Message: GtkDialog mapped without a transient parent. This is discouraged.

# Package information

$ sudo pacman -Si brasero
[sudo] password for heckyel: 
Repositorio               : extra
Nombre                    : brasero
Versión                   : 3.12.1-2.hyperbola1
Descripción               : CD/DVD mastering tool
Arquitectura              : x86_64
URL                       : https://wiki.gnome.org/Apps/Brasero
Licencias                 : GPL
Grupos                    : gnome-extra
Provee                    : Nada
Depende de                : gtk3  gst-plugins-good  totem-plparser  cdrkit  cdrdao
                            shared-mime-info  libcanberra  dvd+rw-tools  dconf  libsm
                            libtracker-sparql  libnotify  gvfs
Dependencias opcionales   : libburn: alternative back-end
                            libisofs: libburn back-end
                            dvdauthor: video project
                            vcdimager: video project
En conflicto con          : Nada
Remplaza a                : nautilus-cd-burner
Tamaño de la descarga     : 2,58 MiB
Tamaño de la instalación  : 14,46 MiB
Encargado                 : Scott Adams <haricot@hyperbola.info>
Fecha de creación         : lun 29 may 2017 00:24:19 -05
Validado por              : Suma MD5  Suma SHA-256  Firma

# File attached
pacman -Ql brasero > brasero.txt

Remove unstable “botan” and rename “botan1.10” to “botan-old-stable”[0]

$ pacman -Si botan
Repository      : community
Name            : botan
Version         : 2.1.0-1
Description     : Crypto library written in C++
Architecture    : x86_64
URL             : https://botan.randombit.net/
Licenses        : BSD
Groups          : None
Provides        : None
Depends On      : gcc-libs  sh
Optional Deps   : None
Conflicts With  : None
Replaces        : None
Download Size   : 1816.44 KiB
Installed Size  : 7040.00 KiB
Packager        : Alexander Rødseth <rodseth@gmail.com>
Build Date      : Fri 21 Apr 2017 09:19:27 AM -03
Validated By    : MD5 Sum  SHA-256 Sum  Signature

$ pacman -Si botan1.10
Repository      : community
Name            : botan1.10
Version         : 1.10.13-1
Description     : Crypto library written in C++ - old stable branch
Architecture    : x86_64
URL             : http://botan.randombit.net/
Licenses        : BSD
Groups          : None
Provides        : None
Depends On      : gcc-libs  sh
Optional Deps   : None
Conflicts With  : None
Replaces        : None
Download Size   : 1014.98 KiB
Installed Size  : 3734.00 KiB
Packager        : Felix Yan <felixonmars@archlinux.org>
Build Date      : Fri 06 Jan 2017 06:48:59 AM -03
Validated By    : MD5 Sum  SHA-256 Sum  Signature

[0]:https://botan.randombit.net/

This package contains vague terminology “Commercial”:

extra/bogofilter 1.2.4-2.hyperbola2
    A fast Bayesian spam filtering tool, without noncommercial files

According to:
https://www.gnu.org/distros/free-system-distribution-guidelines.html

We shall avoid vague terminology such as “Commercial”, please see here:
https://www.gnu.org/philosophy/words-to-avoid.html#Open

It would be good example to set to have proper description of packages without using “Commercial”.

eg.

A fast Bayesian spam filtering tool, without nonfree files

BlueGriffon contains support to nonfree “Extended Features”

$ pacman -Qi bluegriffon
Name            : bluegriffon
Version         : 2.3.1-2
Description     : The next-generation Web Editor based on the rendering engine of Firefox
Architecture    : x86_64
URL             : http://bluegriffon.org/
Licenses        : MPL  GPL  LGPL
Groups          : None
Provides        : None
Depends On      : alsa-lib  desktop-file-utils  dbus-glib  gtk2  gtk3  hunspell  mozilla-common  nss  libevent  libvpx  libxt  python2  startup-notification
Optional Deps   : None
Required By     : None
Optional For    : None
Conflicts With  : None
Replaces        : None
Installed Size  : 120.72 MiB
Packager        : Evangelos Foutras <evangelos@foutrelis.com>
Build Date      : Tue 25 Apr 2017 12:22:30 PM -03
Install Date    : Wed 08 Nov 2017 12:46:24 AM -03
Install Reason  : Explicitly installed
Install Script  : No
Validated By    : Signature

$ sudo pacman -S blender
resolviendo dependencias…
buscando conflictos entre paquetes…

Paquetes (20) alembic-1.7.1-1  blender-common-2.78.c-1.hyperbola4  blosc-1.11.3-1  ilmbase-2.2.0-2  intel-tbb-2017_20170226-1  libraw-0.18.2-1  libspnav-0.2.3-1  llvm-4.0.0-2
              log4cplus-1.2.0-3  opencollada-1.6.45-1.hyperbola1  opencolorio-1.0.9-5  openexr-2.2.0-3.hyperbola2  openimageio-1.6.18-1.hyperbola1  openshadinglanguage-1.7.5-1.hyperbola1
              opensubdiv-3.1.1-1  openvdb-3.2.0-2  ptex-2.1.28-1.hyperbola1  valgrind-3.12.0-2  zstd-1.1.4-1  blender-2.78.c-1.hyperbola4

Tamaño total de la descarga:      0,33 MiB
Tamaño total de la instalación:  567,26 MiB

:: ¿Continuar con la instalación? [S/n] s
:: Recibiendo los paquetes…
 libspnav-0.2.3-1-x86_64                                                                     8,5 KiB   849K/s 00:00 [######################################################################] 100%
 zstd-1.1.4-1-x86_64                                                                       283,3 KiB   199K/s 00:01 [######################################################################] 100%
 blosc-1.11.3-1-x86_64                                                                      43,0 KiB   331K/s 00:00 [######################################################################] 100%
(20/20) comprobando las claves del depósito                                                                         [######################################################################] 100%
(20/20) verificando la integridad de los paquetes                                                                   [######################################################################] 100%
error: libspnav: signature from "Andrea Scarpino <me@andreascarpino.it>" is marginal trust
:: El archivo /var/cache/pacman/pkg/libspnav-0.2.3-1-x86_64.pkg.tar.xz está dañado (paquete no válido o dañado (firma PGP)).
¿Quiere eliminarlo? [S/n] s
error: zstd: signature from "Andrzej Giniewicz (giniu) <gginiu@gmail.com>" is marginal trust
:: El archivo /var/cache/pacman/pkg/zstd-1.1.4-1-x86_64.pkg.tar.xz está dañado (paquete no válido o dañado (firma PGP)).
¿Quiere eliminarlo? [S/n] s
error: blosc: signature from "Andrzej Giniewicz (giniu) <gginiu@gmail.com>" is marginal trust
:: El archivo /var/cache/pacman/pkg/blosc-1.11.3-1-x86_64.pkg.tar.xz está dañado (paquete no válido o dañado (firma PGP)).
¿Quiere eliminarlo? [S/n] s
error: no se pudo realizar la operación (paquete no válido o dañado)
Ocurrieron errores, por lo que no se actualizaron los paquetes