|
Testing | Bug Report | Medium | Medium | [Hyperbola GNU/Linux-libre 0.4] - Package [xscreensaver ... | Closed | |
Task Description
This issue affects on Lumina desktop environment on the current operating system in the testing stage of Milky Way 0.4 on QEMU.
Here’s what happened, I just tried clicking the screen saver on the preferences on the desktop menu–it happens nothing, and then I just tried searching xscreensaver-settings as an executable file on the terminal–unfortunately, it’s nothing there.
Can anyone fix and rebuild it properly?
|
|
Testing | Bug Report | Medium | Medium | [Hyperbola GNU/Linux 0.4] Problems with touch- / trackp ... | Closed | |
Task Description
Description: Not finally tested, only getting the logs from chat within here for better analysis later on. User reported that touchpad is not working for now with Hyperbola GNU/Linux 0.4. dmesg-messagelog:
[anonymous@anonymous ~]$ dmesg | grep pad [ 4.766853] psmouse serio1: synaptics: The touchpad can support a better bus than the too old PS/2 protocol. Make sure MOUSE_PS2_SYNAPTICS_SMBUS and RMI4_SMB are enabled to get a better touchpad experience. [ 4.823723] psmouse serio1: synaptics: Touchpad model: 1, fw: 8.1, id: 0x1e2b1, caps: 0xf00123/0×840300/0x2e800/0×0, board id: 3127, fw id: 8526786
|
|
Any | Feature Request | Very Low | Medium | Remove dependency of packages on pulseaudio/libpulse | Closed | |
Task Description
Similar to systemd, pulseaudio or libpulse is forced upon users as many packages require it such as kodi, gnome-shell (and thus also gdm), ffmpeg, gst-plugins-good, simplescreenrecorder, clementine, empathy, seamonkey (iceape), fluidsynth, mumble and qemu, Most/all of these packages can probably be compiled with pulseaudio or libpulse as an optional dependency instead.
|
|
Testing | Bug Report | Very Low | Medium | warzone2100 fail | Closed | |
Task Description
Description: the program game crash-down when select a tank
Additional info: * package version(s) : extra/warzone2100 3.3.0-3 * config and/or log files etc. ↓ and attach the log file
[ user | 2021-11-05 | 07:41 ] [/home/user] [0] $ warzone2100 which: no gdb in (/usr/bin:/usr/java/jre1.8.0/bin:/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games:/usr/local/sbin:/usr/sbin:/sbin:/home/user/.hyperterm/personal/commands:/opt/chrome) Saved dump file to ‘/home/user/.local/share/warzone2100-3.3.0//logs/warzone2100.gdmp-bspbru’ If you create a bugreport regarding this crash, please include this file. Segmentation fault
Steps to reproduce: after install, start a new campaing, select a tank, and the program crash
|
|
Testing | Bug Report | Medium | Medium | [xfontsel] Problem with font handling | Closed | |
Task Description
Description: Bug related to the font handling under Hyperbola. xfontsel doesn’t list the PCF bitmapped fonts, which are used for some legacy tools with Motif/Athena for instance. If you want to use a font with good coverage of symbols (misc fixed 10×20 iso10646-1) under DDD (for accented/non ASCII characters), you can’t, you are restricted to ASCII 9×15 fonts.
Additional info: This error happens even if all -meta font meta-packages are installed.
|
|
Any | Freedom Issue | Very Low | Low | [wireshark-qt]: using kernel name when referring to ope ... | Closed | |
Task Description
Description:
community/wireshark-qt 2.2.6-1
a free network protocol analyzer for Unix/Linux and Windows - Qt frontend
See: https://www.gnu.org/philosophy/words-to-avoid.html#Linux
|
|
Any | Freedom Issue | Very Low | Low | [wireshark-gtk]: using kernel name when referring to op ... | Closed | |
Task Description
Description:
community/wireshark-gtk 2.2.6-1
a free network protocol analyzer for Unix/Linux and Windows - GTK frontend
See: https://www.gnu.org/philosophy/words-to-avoid.html#Linux
Please remove references to proprietary software.
|
|
Any | Freedom Issue | Very Low | Low | [wireshark-cli]: using kernel name when referring to op ... | Closed | |
Task Description
Description:
community/wireshark-cli 2.2.6-1
a free network protocol analyzer for Unix/Linux and Windows - CLI version
See: https://www.gnu.org/philosophy/words-to-avoid.html#Linux
I would remove Unix and Windows from description as those words steer users towards non-free proprietary software.
|
|
Any | Freedom Issue | Very Low | Low | [wireshark*] mentions non-free OSes in pacman descripti ... | Closed | |
Task Description
community/wireshark-cli 2.2.6-1
a free network protocol analyzer for Unix/Linux and Windows - CLI version
community/wireshark-common 2.2.6-1
Common files used by wireshark-gtk and wireshark-qt
community/wireshark-gtk 2.2.6-1
a free network protocol analyzer for Unix/Linux and Windows - GTK frontend
community/wireshark-qt 2.2.6-1
a free network protocol analyzer for Unix/Linux and Windows - Qt frontend
It’s better to change to a more neutral description such as “a cross-platform network protocol analyzer - CLI/GTK/Qt version”.
|
|
Any | Freedom Issue | Very Low | Low | [webkitgtk]: using "content" in description | Closed | |
Task Description
Description:
extra/webkitgtk 2.4.11-6.hyperbola1
Legacy Web content engine for GTK+ 3, without geoclue2 support
The description is vague. There is not even need to use “content” here. Web engine should be very clear. “Content” alone does not make sense.
See: https://www.gnu.org/philosophy/words-to-avoid.html#Content
|
|
Stable | Update Request | Very Low | Medium | [varnish] Missing init script | Closed | |
Task Description
Description:
Init script is missing for this package.
I think has some systemd dependecies.
/tmp/alpm_sYmHUS/.INSTALL: line 7: systemd-sysusers: command not found error: command failed to execute correctly
package version: varnish-5.1.2-1
|
|
Any | Freedom Issue | Very Low | Low | [qpdf]: using "Content" in description | Closed | |
Task Description
Description:
extra/qpdf 6.0.0-2
QPDF: A Content-Preserving PDF Transformation System
The description is vague.
See: https://www.gnu.org/philosophy/words-to-avoid.html#Content
|
|
Any | Freedom Issue | Very Low | Low | [python2-pyinotify]: using kernel name instead of opera ... | Closed | |
Task Description
Description:
community/python2-pyinotify 0.9.6-3 [installed]
Python module used for monitoring filesystems events on Linux platforms with inotify.
community/qlandkartegt 1.8.1-8
See: https://www.gnu.org/philosophy/words-to-avoid.html#Linux
|
|
Any | Security Issue | Very Low | Critical | [opensmtpd] CVE-2020-8794 | Closed | |
Task Description
Description: https://www.openwall.com/lists/oss-security/2020/02/24/5 https://www.bleepingcomputer.com/news/security/new-critical-rce-bug-in-openbsd-smtp-server-threatens-linux-distros/
Qualys Security Advisory
LPE and RCE in OpenSMTPD’s default install (CVE-2020-8794)
Summary Analysis ... Acknowledgments
We discovered a vulnerability in OpenSMTPD, OpenBSD’s mail server. This vulnerability, an out-of-bounds read introduced in December 2015 (commit 80c6a60c, “when peer outputs a multi-line response ...”), is exploitable remotely and leads to the execution of arbitrary shell commands: either as root, after May 2018 (commit a8e22235, “switch smtpd to new grammar”); or as any non-root user, before May 2018.
Because this vulnerability resides in OpenSMTPD’s client-side code (which delivers mail to remote SMTP servers), we must consider two different scenarios:
- Client-side exploitation: This vulnerability is remotely exploitable
in OpenSMTPD's (and hence OpenBSD's) default configuration. Although
OpenSMTPD listens on localhost only, by default, it does accept mail
from local users and delivers it to remote servers. If such a remote
server is controlled by an attacker (either because it is malicious or
compromised, or because of a man-in-the-middle, DNS, or BGP attack --
SMTP is not TLS-encrypted by default), then the attacker can execute
arbitrary shell commands on the vulnerable OpenSMTPD installation.
- Server-side exploitation: First, the attacker must connect to the
OpenSMTPD server (which accepts external mail) and send a mail that
creates a bounce. Next, when OpenSMTPD connects back to their mail
server to deliver this bounce, the attacker can exploit OpenSMTPD's
client-side vulnerability. Last, for their shell commands to be
executed, the attacker must (to the best of our knowledge) crash
OpenSMTPD and wait until it is restarted (either manually by an
administrator, or automatically by a system update or reboot).
We developed a simple exploit for this vulnerability and successfully tested it against OpenBSD 6.6 (the current release), OpenBSD 5.9 (the first vulnerable release), Debian 10 (stable), Debian 11 (testing), and Fedora 31.
The fix is delivered in OpenSMTPD 6.6.4p1, available here, which the developer recommends installing “AS SOON AS POSSIBLE.”
|
|
Any | Freedom Issue | Medium | Low | [openjpeg] vague terminology "Open Source" in descripti ... | Closed | |
Task Description
This package contains vague terminology “Open Source”:
extra/openjpeg 1.5.2-1
An open source JPEG 2000 codec
According to: https://www.gnu.org/distros/free-system-distribution-guidelines.html
We shall avoid vague terminology such as “Open Source”, please see here: https://www.gnu.org/philosophy/words-to-avoid.html#Open
It would be good example to set to have proper description of packages without using “Open Source”.
eg.
A free software JPEG 2000 codec
|
|
Stable | Implementation Request | Medium | Medium | [materia-theme] add package | Closed | |
Task Description
A Material-like flat theme for GTK+ 2/3, and GNOME shell, released under a GNU General Public Licence (GNU GPL) 2 and later.
|
|
Stable | Update Request | Very Low | Low | [icewm] Upgrade package version | Closed | |
Task Description
The current version of the package icewm within the Hyperbola-repositories is 1.3.8. The latest version is 1.6.3! An update would be helpful as this window-manager follows absolutely the principles of the distribution Hyperbola itself, being simple and fast.
|
|
Any | Freedom Issue | Very Low | Low | [hexedit]: using kernel name instead of operating syste ... | Closed | |
Task Description
Description:
community/hexedit 1.2.13-3
Hex Editor for Linux
See: https://www.gnu.org/philosophy/words-to-avoid.html#Linux
|
|
Stable | Security Issue | Very Low | Medium | [git] Multiple CVEs | Closed | |
Task Description
CVE-2020-5260 has been fixed very recently in Debian, so I thought I would apply this patch. However, I found out that security patches have not been applied for quite a while (I could account for at least 6 CVEs).
Considering that the version in Debian stretch (2.11.0) is the nearest version with security patches released by Debian and that git project oldest supported version is 2.17, I have used patches from Debian stretch to apply on 2.12.2 currently in Milky Way.
But I have the following error on check():
| *** prove ***
|
| Test Summary Report
| -------------------
| t5570-git-daemon.sh (Wstat: 256 Tests: 20 Failed: 10)
| Failed tests: 3-7, 15-19
| Non-zero exit status: 1
| t5811-proto-disable-git.sh (Wstat: 256 Tests: 26 Failed: 16)
| Failed tests: 2-6, 9-11, 15-19, 21-23
| Non-zero exit status: 1
| Files=769, Tests=14137, 1101 wallclock secs ( 8.08 usr 1.12 sys + 144.48 cusr 63.42 csys = 217.10 CPU)
| Result: FAIL
| make[1]: *** [Makefile:45: prove] Error 1
| make[1]: Leaving directory '/build/git/src/git-2.12.2/t'
| make: *** [Makefile:2291: test] Error 2
| ==> ERROR: A failure occurred in check().
| Aborting...
This does not seem to be related to my change as the current version in Milky Way produces the same error (IOW the package currently in Milky Way is not rebuidable).
|
|
Any | Freedom Issue | Very Low | Low | [clamtk]: referring to kernel name, instead of operatin ... | Closed | |
Task Description
community/clamtk 5.24-1
Easy to use, light-weight, on-demand virus scanner for Linux systems
See: https://www.gnu.org/philosophy/words-to-avoid.html#Linux
Description is referring to operating system, and not to the kernel itself (Linux). It shall be amended.
|
|
Any | Freedom Issue | Very Low | Low | [antiword]: referring to kernel name, when it should to ... | Closed | |
Task Description
community/antiword 0.37-6 [installed]
A free MS Word reader for Linux and RISC OS
See: https://www.gnu.org/philosophy/words-to-avoid.html#Linux
Description is referring to operating system, and not to the kernel itself (Linux). It shall be amended.
|
|
Testing | Bug Report | Medium | Medium | [Hyperbola GNU/Linux 0.4] Problems with ALSA and sndio ... | Closed | |
Task Description
Description: User reporting problems with sndio. A further check with ALSA showed no active device being used. User has HDMI-sound in usage.
|
|
Stable | Bug Report | Very Low | Medium | Untrsuted gpg key | Closed | |
Task Description
Description: There is an issue with Christian Rebischke key, i’ve tried to delete /etc/pacman.d/gnupg/ and repopulate it but it doesn’t fix the issue.
error: ascii: signature from “Christian Rebischke (Arch Linux Security Team-Member) Chris.Rebischke@archlinux.org” is unknown trust File /var/cache/pacman/pkg/ascii-3.15-2-x86_64.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
Steps to reproduce:
sudo pacman -S ascii
|
|
Stable | Bug Report | Very Low | Low | Mupen64plus acts buggy | Closed | |
Task Description
the screen moves back and forth from left to right randomly, no matter what I do, any games any adapters do not work.
I wanted to have some fun with some old games...
Has anyone used mupen64plus successfully on hyperbola 0.2? I cannot get it to work without being completely confusing for the reasons I have mentioned and also, the glaring of the screen. Which only happens with mupen64plus...
|