|
Packages | Any | Security Issue | Very High | Critical | [electrum] JSONRPC vulnerability | Closed | |
Task Description
Our current version is vulnerable
|
|
Packages | Any | Privacy Issue | Very High | Critical | [openrc] Google in init.d and conf.d configuration (ne ... | Closed | |
Task Description
/etc/init.d/net-online
-----
Line #62
ping_test_host="${ping_test_host:-google.com}"
_____
/etc/conf.d/net-online
-----
# The default is google.com.
|
|
Services | HyperWeb Issue | Bug Report | Very High | Critical | 404 Not Found @ Package sources repository @ package fo ... | Closed | |
Task Description
The hyperlink “Package sources repository” in the footer is wrong here.
This has to be changed from https://repo.hyperbola.info:50000/distribution/testing/sources to https://repo.hyperbola.info:50000/sources/ (I guess)
|
|
Services | CGit Branding | Freedom Issue | Very High | Critical | PNG logo without license | Closed | |
Task Description
Hi,
I am trying to find the license for the PNG file here: https://repo.hyperbola.info:50000/other/syslinux/ It is like the license is missing, I found the license for SVG in the file itself.
Perhaps there are other files with the same issue.
Thanks!
|
|
Packages | Any | Security Issue | Very High | Critical | [libssh] CVE-2018-10933 | Closed | |
Task Description
Description: libssh versions 0.6 and above have an authentication bypass vulnerability in the server code. By presenting the server an SSH2_MSG_USERAUTH_SUCCESS message in place of the SSH2_MSG_USERAUTH_REQUEST message which the server would expect to initiate authentication, the attacker could successfully authentciate without any credentials.
Additional info: * package version(s) : extra/libssh 0.7.5-1
CVE
|
|
Packages | Any | Security Issue | Very High | Critical | [openldap] 2.4.44 multiple security issues | Closed | |
Task Description
Description: Changelog
2.4.46 is fixing a huge quantity of issues (TLS related & memory leak)
Additional info: * package version(s) : 2.4.44
|
|
Packages | Any | Security Issue | Very High | Critical | [grub2] UEFI SecureBoot vulnerability + multiple flaws ... | Closed | |
Task Description
https://www.debian.org/security/2020-GRUB-UEFI-SecureBoot/
https://9to5linux.com/grub2-boot-failure-issues-fixed-in-debian-and-ubuntu-update-now
|
|
Packages | Any | Feature Request | Medium | Critical | [hostapd] add 802.11r support | Closed | |
Task Description
Description:
In External Linkhttps://git.hyperbola.info:50100/packages/community.git/tree/hostapd/config an option is missing to support 802.11r:
Adding “CONFIG_IEEE80211R=y”
Additional info: * hostapd 2.6
|
|
Packages | Any | Bug Report | Low | Critical | [openvswitch-lts] netifrc fails to start openvwitch int ... | Closed | |
Task Description
Description:
During openrc boot, ‘net’ starts before ‘ovs-vswitchd’ and result to an error and not attributing IP to the openvswitch interface:
ERROR: interface vswitch does not exist Ensure that you have loaded the correct kernel module for your hardware ERROR: net.vswitch failed to start /run/openvswitch: creating directory Starting ovsdb-server ... Starting ovs-vswitchd ..
Additional info:
As a workaround I have added after modules ovs-vswitchd line #39 to /etc/init.d/net.lo and it solves the issue.
I think it would require an if statement to append ovs-vsitchd to line #39 in case openvswitch is installed and activated.
After my change, rc.log:
/run/openvswitch: creating directory Starting ovsdb-server ... Starting ovs-vswitchd ... Bringing up interface vswitch Caching network module dependencies need dbus 10.XX.XX.XX/24 ... Adding routes default via 10.XX.XX.XX
Steps to reproduce:
|
|
Packages | Any | Bug Report | Low | Critical | [hostapd] fails to start at boot when using openvwitch ... | Closed | |
Task Description
Hostapd is failing at boot with :
Starting hostapd ... Configuration file: /etc/hostapd/hostapd.conf ovs-vsctl: unix:/run/openvswitch/db.sock: database connection failed (No such file or directory)
Hostapd should start “after ovs-vswitchd”
If I add it to /etc/init.d/hostapd, I don’t have the issue anymore
|
|
Packages | Any | Feature Request | Very Low | Critical | [openldap] needs OpenRC init script | Closed | |
Task Description
pacman -Si openldap Repository : core Name : openldap Version : 2.4.44-4.hyperbola3 Description : Lightweight Directory Access Protocol (LDAP) client and
server, with OpenRC support
Architecture : x86_64 URL : https://www.openldap.org/ Licenses : custom Groups : None Provides : None Depends On : libldap>=2.4.44 libltdl unixodbc Optional Deps : None Conflicts With : None Replaces : None Download Size : 1282.52 KiB Installed Size : 3990.00 KiB Packager : André Silva emulatorman@hyperbola.info Build Date : Wed 21 Feb 2018 08:09:38 PM CET Validated By : MD5 Sum SHA-256 Sum Signature
pacman -Ql openldap | grep /usr/lib/ openldap /usr/lib/ openldap /usr/lib/openldap/ openldap /usr/lib/openldap/accesslog-2.4.so.2 openldap /usr/lib/openldap/accesslog-2.4.so.2.10.7 openldap /usr/lib/openldap/accesslog.so openldap /usr/lib/openldap/auditlog-2.4.so.2 openldap /usr/lib/openldap/auditlog-2.4.so.2.10.7 openldap /usr/lib/openldap/auditlog.so openldap /usr/lib/openldap/collect-2.4.so.2 openldap /usr/lib/openldap/collect-2.4.so.2.10.7 openldap /usr/lib/openldap/collect.so openldap /usr/lib/openldap/constraint-2.4.so.2 openldap /usr/lib/openldap/constraint-2.4.so.2.10.7 openldap /usr/lib/openldap/constraint.so openldap /usr/lib/openldap/dds-2.4.so.2 openldap /usr/lib/openldap/dds-2.4.so.2.10.7 openldap /usr/lib/openldap/dds.so openldap /usr/lib/openldap/deref-2.4.so.2 openldap /usr/lib/openldap/deref-2.4.so.2.10.7 openldap /usr/lib/openldap/deref.so openldap /usr/lib/openldap/dyngroup-2.4.so.2 openldap /usr/lib/openldap/dyngroup-2.4.so.2.10.7 openldap /usr/lib/openldap/dyngroup.so openldap /usr/lib/openldap/dynlist-2.4.so.2 openldap /usr/lib/openldap/dynlist-2.4.so.2.10.7 openldap /usr/lib/openldap/dynlist.so openldap /usr/lib/openldap/memberof-2.4.so.2 openldap /usr/lib/openldap/memberof-2.4.so.2.10.7 openldap /usr/lib/openldap/memberof.so openldap /usr/lib/openldap/nssov.so openldap /usr/lib/openldap/nssov.so.0 openldap /usr/lib/openldap/nssov.so.0.0.0 openldap /usr/lib/openldap/pcache-2.4.so.2 openldap /usr/lib/openldap/pcache-2.4.so.2.10.7 openldap /usr/lib/openldap/pcache.so openldap /usr/lib/openldap/ppolicy-2.4.so.2 openldap /usr/lib/openldap/ppolicy-2.4.so.2.10.7 openldap /usr/lib/openldap/ppolicy.so openldap /usr/lib/openldap/refint-2.4.so.2 openldap /usr/lib/openldap/refint-2.4.so.2.10.7 openldap /usr/lib/openldap/refint.so openldap /usr/lib/openldap/retcode-2.4.so.2 openldap /usr/lib/openldap/retcode-2.4.so.2.10.7 openldap /usr/lib/openldap/retcode.so openldap /usr/lib/openldap/rwm-2.4.so.2 openldap /usr/lib/openldap/rwm-2.4.so.2.10.7 openldap /usr/lib/openldap/rwm.so openldap /usr/lib/openldap/seqmod-2.4.so.2 openldap /usr/lib/openldap/seqmod-2.4.so.2.10.7 openldap /usr/lib/openldap/seqmod.so openldap /usr/lib/openldap/sssvlv-2.4.so.2 openldap /usr/lib/openldap/sssvlv-2.4.so.2.10.7 openldap /usr/lib/openldap/sssvlv.so openldap /usr/lib/openldap/syncprov-2.4.so.2 openldap /usr/lib/openldap/syncprov-2.4.so.2.10.7 openldap /usr/lib/openldap/syncprov.so openldap /usr/lib/openldap/translucent-2.4.so.2 openldap /usr/lib/openldap/translucent-2.4.so.2.10.7 openldap /usr/lib/openldap/translucent.so openldap /usr/lib/openldap/unique-2.4.so.2 openldap /usr/lib/openldap/unique-2.4.so.2.10.7 openldap /usr/lib/openldap/unique.so openldap /usr/lib/openldap/valsort-2.4.so.2 openldap /usr/lib/openldap/valsort-2.4.so.2.10.7 openldap /usr/lib/openldap/valsort.so openldap /usr/lib/slapd
|
|
Packages | Any | Security Issue | Very Low | Critical | [toxcore] Memory leak bug | Closed | |
Task Description
Description: https://blog.tox.chat/2018/10/memory-leak-bug-and-new-toxcore-release-fixing-it/
The bug is fixed in TokTok c-toxcore v0.2.8. The bug is also fixed in the master branch of irungentoo’s toxcore, in commit bf69b54f64003d160d759068f4816b2d9b2e1e21. As a general reminder, if you are still using irungentoo’s toxcore, we strongly encourage you to switch to using TokTok c-toxcore instead as it’s a lot more actively developed and maintained.
|
|
Packages | Any | Security Issue | Very Low | Critical | [dokuwiki] CVEs | Closed | |
Task Description
Our current dokuwiki 20170219_b-1 has two serious CVE.
Error message attached after the first installation
|
|
Packages | Any | Security Issue | Very Low | Critical | [tcpreplay] CVEs | Closed | |
Task Description
A huge number of CVEs have been fixed on 4.3.1 :
CVE-2018-20552 CVE-2018-20553 CVE-2018-18408 CVE-2018-18407 CVE-2018-17974 CVE-2018-17580 CVE-2018-17582 CVE-2018-13112
Current Hyperbola version is 4.2.6
|
|
Packages | Any | Backport Request | Very High | High | [tcpreplay] update package to 4.2.6 backport | Closed | |
Task Description
Description:
Update package to 4.2.6 backport because of multiple security flaw and bugs
Additional info: * current Hyperbola package version is 4.1.0-1 from December 2014
Example of fix from 4.1.0-1:
* AFL detected security crash in fuzz feature * tcpcapinfo buffer overflow vulnerablily * Buffer overflow bug in tcpprep
Steps to reproduce:
none
|
|
Packages | Any | Implementation Request | Very High | High | [ring] add new package | Closed | |
Task Description
Description:
Ring is a free and universal communication platform which preserves the users’ privacy and freedoms. https://ring.cx/
Entirely inline with Hyperbola distro.
|
|
Packages | Any | Feature Request | Very High | High | [phpldapadmin] needs OpenRC init script | Closed | |
Task Description
pacman -Qi phpldapadmin Name : phpldapadmin Version : 1.2.3-8 Description : A PHP and hence web-based tool to administrate LDAP over
the WWW
Architecture : any URL : http://phpldapadmin.sourceforge.net/ Licenses : GPL Groups : None Provides : None Depends On : libldap php php-ldap Optional Deps : None Required By : None Optional For : None Conflicts With : None Replaces : None Installed Size : 3.03 MiB Packager : Sergej Pupykin <pupykin.s+arch@gmail.com> Build Date : Thu 02 Feb 2017 06:04:00 PM CET Install Date : Tue 10 Jul 2018 10:52:31 AM CEST Install Reason : Explicitly installed Install Script : No Validated By : Signature
|
|
Packages | Any | Bug Report | High | High | [sway] relies on systemd libraries | Closed | |
Task Description
impossible to start sway as it relies on libsystemd.so.0
error:
sway: error while loading shared libraries: libsystemd.so.0: cannot open shared object file: No such file or directory
|
|
Packages | Any | Security Issue | High | High | [isync] needs update | Closed | |
Task Description
isync is currently on 1.2.1-3, the versions is 2 years old and a lot of security/features have been implemented to the version 1.3.0
isync needs be upgraded from 1.2.1 to 1.2.3 since it is a bugfix adapted for our current snapshot in Milky Way (2017-05-08) which is using isync 1.2.x series.
|
|
Packages | Any | Security Issue | High | High | [certbot] version 0.23 is not giving the option to keep ... | Closed | |
Task Description
Description:
Common use case is to have a reverse proxy managing the certificates from let’s encrypt. If a backend server (behind the reverse proxy) needs to use SSL certificates, this requires to use certbot on the reverse proxy, generate the certificate and to move private key from the reverse proxy to the backend server.
There is another way: sharing NFS drive between servers but this breaks all the security best practices!
Today the “best” way is to SCP the private keys from a the reverse proxy to the backend server, this is not the best way and this needs to be repeated every 3 months before let’s encrypt certificate expires, moving the private key is not a best practice either.
version 0.24 brings a new function --reuse-key to reuse the same private key to renew the certificate, so this private key can stay to the backend server and no need to copy the new private key from the reverse proxy to the backend server because it was not changed during the renew.
|
|
Packages | Any | Update Request | Medium | High | [php] is out of date/support | Closed | |
Task Description
Description:
From official PHP page, our php 7.1 is out of support and security
Our package : https://www.hyperbola.info/packages/extra/x86_64/php/
PHP page : https://www.php.net/supported-versions.php
|
|
Packages | Stable | Bug Report | Very Low | High | [iceweasel-uxp] 52.9.0_20180601-8 has an issue on Tabs ... | Closed | |
Task Description
Description:
-Tabs don’t have X on the right to close it. -Download window has an issue on font.
Note: the font is smaller on Tab description and overal it is nice
Additional info: * package version(s): iceweasel-uxp 52.9.0_20180601-8
Steps to reproduce:
|
|
Packages | Any | Freedom Issue | Very Low | High | [gitlab] systemd reference & command not found during i ... | Closed | |
Task Description
(14/14) installing gitlab [##############################] 100% /tmp/alpm_bCqhHf/.INSTALL: line 2: systemd-tmpfiles: command not found
|
|
Packages | Any | Implementation Request | Very Low | High | [icinga2] add package | Closed | |
Task Description
Description: Icinga2 is a libre host, service and network monitoring program
Without it is is very difficult to monitor (CPU/Memory/Process...) Hyperbola systems under Icinga2 Web. Arch Package & Parabola Package
I already tested theses packages on Hyperbola but Systemd + other packages versions dependencies issues.
This would made a very nice addition as Hyperbola is also designed to be installed on servers & virtual machines (my case on +10 machines).
|
|
Packages | Any | Implementation Request | Very Low | High | Add MPTCP (MultiPath TCP) to Hyperbola | Closed | |
Task Description
https://aur.archlinux.org/packages/linux-mptcp/
Kernel Patch for 4.9 : http://multipath-tcp.org/patches/mptcp-v4.9-c88d1d56809e.patch
Compile : https://multipath-tcp.org/pmwiki.php/Users/DoItYourself
|
|
Packages | Stable | Bug Report | Very Low | High | [nftables] init service ERROR: nftables failed to start | Closed | |
|
|
Packages | Stable | Feature Request | Medium | Medium | [openvswitch] needs OpenRC init script | Closed | |
|
|
Packages | Any | Feature Request | Medium | Medium | [offlineimap] needs OpenRC init script | Closed | |
|
|
Packages | Any | Feature Request | Medium | Medium | [pcsclite] needs OpenRC init script | Closed | |
|
|
Packages | Any | Feature Request | Medium | Medium | [openconnect] needs OpenRC init scripts | Closed | |
|
|
Packages | Any | Feature Request | Medium | Medium | [tlp] needs OpenRC init script | Closed | |
|
|
Packages | Testing | Bug Report | Medium | Medium | [iceweasel-uxp] Top Site positioning | Closed | |
|
|
Packages | Any | Drop Request | Medium | Medium | [gksu] is replaced and has to be deleted from our pacma ... | Closed | |
|
|
Packages | Any | Update Request | Very Low | Medium | [mesa] needs update | Closed | |
|
|
Packages | Any | Implementation Request | Very Low | Medium | [sway] needs OpenRC init script | Closed | |
|
|
Services | Wiki Page Issue | Implementation Request | Very Low | Medium | Add notification/subscription capabilities when a page ... | Closed | |
|
|
Packages | Any | Implementation Request | Very Low | Medium | [etherpad-lite] add package | Closed | |
|
|
Packages | Testing | Bug Report | Very Low | Medium | [iceweasel-uxp] Themes are applied but lost after closi ... | Closed | |
|
|
Packages | Any | Implementation Request | Very Low | Medium | [gitea] self-hosted git service | Closed | |
|
|
Software Development | Iceweasel-UXP | Backport Request | Very Low | Medium | Request browser add-on: New Tab Tools | Closed | |
|
|
Packages | Any | Implementation Request | Very Low | Medium | Support of MPTCP (Multipath TCP) on Hyperbola | Closed | |
|
|
Packages | Testing | Freedom Issue | Medium | Low | [iceweasel-uxp] Firefox is used on Private Browsing wit ... | Closed | |
|
|
Packages | Any | Feature Request | Very Low | Low | [i3lock-color] adding package into pacman | Closed | |
|
|
Packages | Any | Implementation Request | Very Low | Low | [wekan] add package | Closed | |
|
|
Packages | Any | Implementation Request | Very Low | Low | [moloch] add package | Closed | |
|
|
Packages | Any | Bug Report | Very Low | Low | [remmina] impossible to connect to RDP servers after re ... | Closed | |
|