|
Any | Feature Request | High | Critical | [pacman-key][cronie][fcron] eating up hardware resource ... | Closed | |
Task Description
This morning while I was working on my X200, I noticed that my CPU was kept 100% busy for a long time by some process which was obvioulsy eating up the battery life. The culprit was pacman-key, triggered by logrotate.
To stop this, I did ‘chmod -x /etc/cron.daily/pacman-key’ and I rebooted.
Later on, it was impossible to install a new package as it was impossible to get over the step marked as “checking keys in keyring...”
So I tried to do again ‘pacman-key –refresh-keys’: the overall process took more than an hour—behind a fast and robust internet connection. I finally got three lines, saying that about 1,000 keys were updated but I never got the prompt back. So I hit Ctrl-C.
At the time of writing, I am still trying to refresh the keys—a quite desperate attempt, if I may say so.
Although I tagged this report as a “Feature request”, it is in my opinion of quite some importance. I understand very well the absolute necessity to always have the keys updated, but in this particular case, with so many keys and so frequent updates, I begin to wonder if losses are not beginning to prevail over benefits.
Unless I am doing something wrong or missing something I should do?
Any help would be strongly appreciated.
Robert
|
|
Any | Security Issue | High | Critical | [geth] possible denial of service attacks "DoS Attack" | Closed | |
Task Description
Geth 1.6.x contains possible denial of service attacks “DoS Attack”, however it has been solved in 1.7.2 [0] instead. Since 1.6.x needs many modifications spread across multiple files of the code and it is inefficient to be backported, the newer version (eg. 1.7.x) could replace the current version package as exception, but repackaged with the appropriate suffix “-backports”.
|
|
Any | Privacy Issue | High | Critical | [deepin-desktop-base] Check for CNZZ Spyware | Closed | |
Task Description
As per a recent discovery, we should check if our deepin is affected by the CNZZ spyware in the AppStore. https://www.youtube.com/watch?v=v25Dy66AtNI
We also shouldn’t use the AppStore if it exists, due to non-free apps.
Known files: > usr/share/dbus-1/system-services/com.deepin.daemon.Apps.service > etc/appstore.json
|
|
Any | Bug Report | High | Critical | [light-locker] returns error while tries load shared li ... | Closed | |
Task Description
Description: The light-locker package returns error while tries load shared library libsystemd.so.0.
Additional info: * package version(s): light-locker-1.6.0-3
Steps to reproduce:
Install the package:
$ sudo pacman -S light-locker
Run it:
$ light-locker
Then, you get the following message:
light-locker: error while loading shared libraries: libsystemd.so.0: cannot open shared object file: No such file or directory
|
|
Any | Bug Report | High | Critical | [utox] package needs rebuilding | Closed | |
Task Description
I get this error when trying to run it:
$ utox utox: error while loading shared libraries: libtoxencryptsave.so.1: cannot open shared object file: No such file or directory
|
|
Any | Bug Report | High | Critical | [zathura-ps] needs to be recompiled | Closed | |
Task Description
Description: Since the update to 0.3.9 (or the update of girara to 0.2.9), zathura-pdf-poppler returns the following error:
error: Could not load plugin '/usr/lib/zathura/ps.so' (libgirara-gtk3.so.2: cannot open shared object file: No such file or directory).
|
|
Any | Bug Report | High | Critical | [links][elinks] segmentation fault after start by termi ... | Closed | |
Task Description
Description:
Additional info: * package version(s)
links 2.14-2
elinks 0.13-18
* config and/or log files etc.
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/usr/lib/libthread_db.so.1".
Program received signal SIGSEGV, Segmentation fault.
0x00007ffff4295e43 in strchrnul () from /usr/lib/libc.so.6
[New Thread 0x7ffff4dfb700 (LWP 8393)]
Thread 1 "elinks" received signal SIGSEGV, Segmentation fault.
0x00007ffff5fa3e43 in strchrnul () from /usr/lib/libc.so.6
Steps to reproduce:
|
|
Any | Security Issue | High | Critical | [octopi] uploads system logs to ptpb.pw without confirm ... | Closed | |
Task Description
Octopi 0.9.0 is uploading system logs to ptpb.pw without confirmation through :
Tools → SysInfo → ptpb.pw
I think it should be either disabled or add at least a patch to ask for a confirmation. An other way could be to patch this :
src/globals.cpp
240: * Generates SysInfo file and paste it to ptpb site
255: QString ptpb = UnixCommand::getCommandOutput("curl -F c=@- https://ptpb.pw/?u=1", tempFile->fileName());
256: return ptpb;
to :
src/globals.cpp
240: * Generates SysInfo file and paste it to ptpb site
255: QString ptpb = UnixCommand::getCommandOutput("curl -F c=@- **https://ptpb.pw/", tempFile->fileName());
256: return ptpb;
This way, you can at least ask for log deletion with the help of log uuid as explained here : https://ptpb.pw/#id10
|
|
Stable | Update Request | High | Critical | [system-config-printer] update to 1.5.11 | Closed | |
Task Description
Description:
this release is mostly bugfix, updated translations, removed some deprecated parts in code (abandoning libgnome-keyring and starting using libsecret) and in UI and added Till’s patches from Ubuntu (Thank you, Till!).
Additional info: * package version(s)
# pacman -Si system-config-printer
Repositorio : extra
Nombre : system-config-printer
Versión : 1.5.9-2
Descripción : A CUPS printer configuration tool and status applet
Arquitectura : x86_64
URL : https://github.com/zdohnal/system-config-printer
Licencias : GPL
Grupos : Nada
Provee : Nada
Depende de : python-pycups python-dbus python-pycurl libnotify python-requests python-gobject gtk3 python-cairo
Dependencias opcionales : python-pysmbc: SMB browser support
python-packagekit: to install drivers with PackageKit
cups-pk-helper: PolicyKit helper to configure cups with fine-grained privileges
En conflicto con : Nada
Remplaza a : Nada
Tamaño de la descarga : 908,59 KiB
Tamaño de la instalación : 7159,00 KiB
Encargado : Andreas Radke <andyrtr@archlinux.org>
Fecha de creación : vie 27 ene 2017 04:18:24 -03
Validado por : Suma MD5 Suma SHA-256 Firma
* config and/or log files etc.
Steps to reproduce:
|
|
Any | Bug Report | High | Critical | [electrum] updated package still does not work | Closed | |
Task Description
Here is the terminal output:
$ electrum Error: No module named ‘aiorpcx’. Try ‘sudo python3 -m pip install <module-name>
I think a newer python version (e.g. 3.7) might be needed in order to get it to work as well as even after installing missing modules via pip locally the package does not run.
|
|
Stable | Bug Report | High | Critical | [gufw] FileNotFoundError: [Errno 2] '/usr/sbin/ufw': ' ... | Closed | |
Task Description
gufw 17.04.1-3
Impossible to start application, error message :
FileNotFoundError: [Errno 2] Aucun fichier ou dossier de ce type: '/usr/sbin/ufw': '/usr/sbin/ufw'
|
|
Stable | Bug Report | High | Critical | [postfix][FHS] multiple issues, need rebuilding | Closed | |
Task Description
Description: Postfix is a mess, first it failed to start (running ‘postfix start’) with the following:
postfix: fatal: chdir(/usr/lib/postfix/bin): No such file or directory
Then, to solve this, I symlinked /usr/libexec/postfix to /usr/lib/postfix/bin, because there were the binaries, but then it came with the following:
# postfix start
/usr/lib/postfix/bin/postfix-script: line 89: /usr/bin/postconf: No such file or directory
/usr/lib/postfix/bin/postfix-script: line 90: /usr/bin/postlog: No such file or directory
Because all the post* bins where now in /usr/sbin, so I symlinked them to /usr/bin, and it could finally run, but with many warnings
# postfix start
postfix/postfix-script: warning: symlink leaves directory: /usr/lib/postfix/./bin
postfix/postfix-script: warning: not owned by group postdrop: /usr/bin/postqueue
postfix/postfix-script: warning: not owned by group postdrop: /usr/bin/postdrop
postfix/postfix-script: warning: not set-gid or not owner+group+world executable: /usr/bin/postqueue
postfix/postfix-script: warning: not set-gid or not owner+group+world executable: /usr/bin/postdrop
postfix/postfix-script: starting the Postfix mail system
Additional info: * postfix 3.2.2-1.hyperbola6
|
|
Stable | Freedom Issue | High | Critical | [smplayer] Removal of unfree "Chromecast"-plugin | Closed | |
Task Description
Within the current version of smplayer in the repositories a proprietary interface to Chromecast is activated and therefore a risk for privacy of the users as this hardware is the complete opposite of freedom.
|
|
Any | Security Issue | Medium | Critical | [glusterfs] CVE-2018-1088: Privilege escalation via gl ... | Closed | |
Task Description
https://security-tracker.debian.org/tracker/CVE-2018-1088
http://openwall.com/lists/oss-security/2018/04/18/1
https://bugs.debian.org/896128
A privilege escalation flaw was found in gluster 3.x snapshot scheduler. Any gluster client allowed to mount gluster volumes could also mount shared gluster storage volume and escalate privileges by scheduling malicious cronjob via symlink.
Upstream patches: https://review.gluster.org/#/c/19899/1..2
Fixed in: https://github.com/gluster/glusterfs/releases/tag/v4.0.2
|
|
Any | Feature Request | Medium | Critical | [hostapd] add 802.11r support | Closed | |
Task Description
Description:
In External Linkhttps://git.hyperbola.info:50100/packages/community.git/tree/hostapd/config an option is missing to support 802.11r:
Adding “CONFIG_IEEE80211R=y”
Additional info: * hostapd 2.6
|
|
Any | Bug Report | Medium | Critical | [wesnoth]: prevents upgrade of Hyperbola, colliding fil ... | Closed | |
Task Description
Description:
I have tried to upgrade hyperbola.
Critical upgrades cannot be installed when wesnoth is installed, there are conflicting files
Steps to reproduce:
:: Proceed with installation? [Y/n] y
:: Retrieving packages...
arch-keyring-201808... 1605.2 KiB 617K/s 00:03 [#########] 100%
hyperbola-keyring-2... 215.9 KiB 635K/s 00:00 [#########] 100%
linux-libre-lts-4.9... 59.6 MiB 749K/s 01:22 [#########] 100%
openvpn-2.4.6-1.hyp... 402.2 KiB 1149K/s 00:00 [#########] 100%
iceweasel-uxp-52.9.... 39.8 MiB 839K/s 00:49 [#########] 100%
libgdm-3.24.1-1.hyp... 57.3 KiB 1912K/s 00:00 [#########] 100%
ntp-4.2.8.p11-2.hyp... 1798.4 KiB 833K/s 00:02 [#########] 100%
sddm-0.14.0-2.hyper... 3.2 MiB 770K/s 00:04 [#########] 100%
lxdm-0.5.3-4.hyperb... 98.4 KiB 984K/s 00:00 [#########] 100%
tp_smapi-lts-0.43-1... 26.6 KiB 2.60M/s 00:00 [#########] 100%
wesnoth-data-1.14.4... 395.1 MiB 745K/s 09:03 [#########] 100%
wesnoth-1.14.4-1.hy... 5.5 MiB 616K/s 00:09 [#########] 100%
(12/12) checking keys in keyring [#########] 100%
(12/12) checking package integrity [#########] 100%
(12/12) loading package files [#########] 100%
(12/12) checking for file conflicts [#########] 100%
error: failed to commit transaction (conflicting files)
/usr/share/icons/hicolor/128x128/apps/wesnoth-icon.png exists in both 'wesnoth-data' and 'wesnoth'
/usr/share/icons/hicolor/16x16/apps/wesnoth-icon.png exists in both 'wesnoth-data' and 'wesnoth'
/usr/share/icons/hicolor/256x256/apps/wesnoth-icon.png exists in both 'wesnoth-data' and 'wesnoth'
/usr/share/icons/hicolor/32x32/apps/wesnoth-icon.png exists in both 'wesnoth-data' and 'wesnoth'
/usr/share/icons/hicolor/512x512/apps/wesnoth-icon.png exists in both 'wesnoth-data' and 'wesnoth'
/usr/share/icons/hicolor/64x64/apps/wesnoth-icon.png exists in both 'wesnoth-data' and 'wesnoth'
/usr/share/metainfo/wesnoth.appdata.xml exists in both 'wesnoth-data' and 'wesnoth'
Errors occurred, no packages were upgraded.
|
|
Stable | Implementation Request | Medium | Critical | [strongswan] add new package | Closed | |
Task Description
Description:
Package strongSwan is missing. Can it please be added to relevant repository? The package’s presence is critical for using IKEv2 in VPN.
Additional info:
* Source: Please see added link
Steps to reproduce:
N/A
|
|
Testing | Bug Report | Medium | Critical | [rsyslog] wrong reference to /usr/bin/rsyslog in /etc/l ... | Closed | |
Task Description
In `/etc/logrotate.d/rsyslog`, line 5:
/usr/bin/killall -HUP /usr/bin/rsyslogd
should now read as follows:
/usr/bin/killall -HUP /usr/sbin/rsyslogd
|
|
Stable | Bug Report | Medium | Critical | [mkinitcpio] crc32c_generic module missing with regular ... | Closed | |
Task Description
With latest 0.3 hyperbola, with the (simple) following partitioning :
/ (ext4)
/swap
The standard HOOK in /etc/mkinitcpio.conf
"HOOKS="base udev autodetect modconf block filesystems keyboard fsck"
fails to include crc32c_generic module, resulting in non bootable system.
The generated fallback initramfs include it though.
The issue was not present with 0.2.9, with the exact same partitioning.
|
|
Stable | Bug Report | Medium | Critical | [virt-manager] Failed to initialize a valid firewall ba ... | Closed | |
Task Description
[virt-manager] Failed to initialize a valid firewall backend
I cannot start any virtual machine with current virt-manager. The error message is the following :
Failed to initialize a valid firewall backend
My username is in “kvm” group.
The only modification to the libvirt config files I made are in /etc/libvirt/qemu.conf
[...]
# Some examples of valid values are:
#
# user = "qemu" # A user named "qemu"
# user = "+0" # Super user (uid=0)
# user = "100" # A user named "100" or a user with uid=100
#
#user = "root"
user = "david"
[...]
The libvirtd service is enabled (and start without error) Also, the optional dependencies are correctly installed :
ebtables: required for default NAT networking [installed]
dnsmasq: required for default NAT/DHCP for guests [installed]
bridge-utils: for bridged networking [installed]
This was working fine previously (with 0.2.9) so I don’t know why this isn’t working anymore. As said previously, my config hasn’t changed.
|
|
Stable | Bug Report | Medium | Critical | [v4l-utils] Error in `dvbv5-scan': double free or corru ... | Closed | |
Task Description
With : v4l-utils 1.12.3-1.hyperbola1
dvb5-scan utility currently segfaults with rtl2832
*** Error in `dvbv5-scan': double free or corruption (fasttop): 0x000000000090be90 ***
======= Backtrace: =========
/lib/libc.so.6(+0x727ad)[0x7f4f9a9657ad]
/lib/libc.so.6(+0x78e6f)[0x7f4f9a96be6f]
/lib/libc.so.6(+0x796ce)[0x7f4f9a96c6ce]
/usr/lib/libdvbv5.so.0(free_dvb_dev+0x13)[0x7f4f9acafa53]
/usr/lib/libdvbv5.so.0(dvb_dev_free_devices+0x28)[0x7f4f9acafaf8]
/usr/lib/libdvbv5.so.0(dvb_dev_free+0x4e)[0x7f4f9acafe2e]
dvbv5-scan[0x401729]
/lib/libc.so.6(__libc_start_main+0xf1)[0x7f4f9a9135a1]
dvbv5-scan[0x4019fa]
This seems to have been fixed, see :
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859008
I don’t know if a patch is available for it though..
|
|
Stable | Bug Report | Medium | Critical | [lynis] Unable to run audit on remote target because of ... | Closed | |
Task Description
With lynis 2.4.8-1.hyperbola2
sudo lynis audit system remote 192.168.0.100
fails because dmidecode is not installed to /usr/sbin/ :
/usr/share/lynis/include/functions: line 1359: /usr/sbin/dmidecode: No such file or directory
With hyperbola 0.3 :
which dmidecode
/usr/bin/dmidecode
|
|
Stable | Bug Report | Medium | Critical | [torsocks] which: no getcap | Closed | |
Task Description
Current torsocks version is broken. It returns the following error when attempting to torify application :
which: no getcap
|
|
Stable | Bug Report | Medium | Critical | [apache][modules][FHS] move external modules to new loc ... | Closed | |
Task Description
Description: The apache pkg has a symlink in /etc/httpd/modules which points to /usr/lib/httpd/modules, and it’s wrong because modules are now located at /usr/libexec/httpd/modules
Also, packages that have apache modules, like:
extra/php-apache
community/mod_wsgi
community/mod_wsgi2
have them in the old location, so they need to be rebuilt.
Additional info:
|
|
Stable | Bug Report | Medium | Critical | [roundcubemail-lts] not compatible with PHP 7.1 | Closed | |
Task Description
Description: After replacing roundcubemail with roundcubemail-lts, I got the following error:
PHP Warning: session_start(): Failed to read session data: user (path: ) in /usr/share/webapps/roundcubemail/program/lib/Roundcube/rcube_session.php on line 117
And going back to the non-lts version solved it
Additional info: It looks like it is a problem of roundcube-lts not being fully compatible with PHP 7.1, maybe a backport could fix the issue
Steps to reproduce: 1) Install roundcube 2) open it in a web browser 3) Check /var/log/roundcubemail/errors
|
|
Any | Security Issue | Medium | Critical | [libjpeg-turbo] CVE-2019-2201 | Closed | |
|
|
Any | Bug Report | Low | Critical | [openvswitch-lts] netifrc fails to start openvwitch int ... | Closed | |
|
|
Any | Bug Report | Low | Critical | [hostapd] fails to start at boot when using openvwitch ... | Closed | |
|
|
Any | Bug Report | Very Low | Critical | [apache]: cannot start if NetworkManager is not started | Closed | |
|
|
Any | Freedom Issue | Very Low | Critical | [flatpak] Access to proprietary applications | Closed | |
|
|
Any | Feature Request | Very High | High | [linux-libre-*] add missing installed kernel configurat ... | Closed | |
|
|
Any | Bug Report | Very High | High | [android-udev] [MTP] unable to mount Android phone | Closed | |
|
|
Any | Feature Request | Very High | High | [kmod] when dummy.ko is loaded, dummy0 interface is loa ... | Closed | |
|
|
Any | Security Issue | Very High | High | [gnupg] CVE-2018-12020 | Closed | |
|
|
Any | Update Request | Very High | High | [babl] update package to v0.1.50 | Closed | |
|
|
Any | Update Request | Very High | High | [gegl] update package to 0.3.34 | Closed | |
|
|
Any | Backport Request | Very High | High | [gegl] update package to 0.4.2 backport | Closed | |
|
|
Any | Backport Request | Very High | High | [gimp] update package to 2.10.2 backport | Closed | |
|
|
Any | Update Request | Very High | High | [krita] update to 3.1.4 version | Closed | |
|
|
Any | Backport Request | Very High | High | [tcpreplay] update package to 4.2.6 backport | Closed | |
|
|
Any | Implementation Request | Very High | High | [ring] add new package | Closed | |
|
|
Any | Feature Request | Very High | High | [amule] contains systemd unit files | Closed | |
|
|
Any | Feature Request | Very High | High | [deluge] contains systemd unit files | Closed | |
|
|
Any | Feature Request | Very High | High | [gnunet] contains systemd unit file | Closed | |
|
|
Any | Feature Request | Very High | High | [mldonkey] contains systemd unit files | Closed | |
|
|
Any | Feature Request | Very High | High | [timidity++] contains systemd unit file | Closed | |
|
|
Any | Feature Request | Very High | High | [wesnoth] contains systemd unit files | Closed | |
|
|
Any | Feature Request | Very High | High | [sage-notebook] contains systemd unit file | Closed | |
|
|
Any | Feature Request | Very High | High | [evolution-data-server] contains systemd unit files | Closed | |
|
|
Any | Feature Request | Very High | High | [gnome-terminal] contains systemd unit file | Closed | |
|