Package Details: cura-bin 5.10.0-3

Git Clone URL: https://aur.archlinux.org/cura-bin.git (read-only, click to copy)
Package Base: cura-bin
Description: State-of-the-art slicer app to prepare your 3D models for your 3D printer
Upstream URL: https://ultimaker.com/software/ultimaker-cura
Licenses: LGPL3
Conflicts: cura
Provides: cura
Submitter: prurigro
Maintainer: prurigro
Last Packager: prurigro
Votes: 52
Popularity: 0.96
First Submitted: 2022-09-02 21:14 (UTC)
Last Updated: 2025-03-31 14:58 (UTC)

Dependencies (4)

Required by (6)

Sources (2)

Latest Comments

1 2 3 4 5 6 .. 17 Next › Last »

prurigro commented on 2025-04-01 14:37 (UTC)

@sausix: Awesome, thanks for confirming!

sausix commented on 2025-03-31 18:25 (UTC)

@prurigro Seem to work on Nvidia and strict Wayland. And it saved 91Mib. Thank you!

prurigro commented on 2025-03-31 14:52 (UTC)

@mijoharas: It's sounding like the egl stuff might not be necessary for nvidia anymore. I'll remove that and see how things go for everyone.

If anyone with nvidia starts to have things break on them, please let me know!

prurigro commented on 2025-03-31 14:50 (UTC) (edited on 2025-03-31 14:58 (UTC) by prurigro)

@meirg: Sorry about missing your comment before, this is an awesome addition- thank you! I've added your xdg desktop file adjustments and credited you in the PKGBUILD.

prurigro commented on 2025-03-31 14:40 (UTC)

@balwierz: You're right, this is something that's annoyed me too and I forgot to do something about it, so thanks for the push :) I've updated the package, though didn't bump the pkgrel since the resulting build hasn't changed.

@sbrl: I agree that this isn't ideal, though these are the permissions given upstream, and the package has many many files that are subject to change between versions. I'd be curious to hear your thoughts on how these files being executable would be useful in an attack that already has access to the system. Like, in theory I could target specific file types rather than individual files, but non-owners being able to executable config files and svg files likely isn't going to cause much damage. Maybe 644ing the .so files could help though since there's binary data in there? I'm happy to discuss.

sbrl commented on 2025-03-31 12:51 (UTC)

I notice when building this package a potential security issue: a large number of files in this package are marked as executable when they shouldn't be.

Complete list of executable files is available here https://pastebin.com/M46SFH81, but the ones that worry me are those that look like icons or configuration files.

Cherry-picked examples (these are not all the ones marked +x that I am concerned about):

opt/ultimaker-cura/usr/share/icons/Adwaita/cursors/target
opt/ultimaker-cura/share/cura/resources/variants/biqu/biqu_base_0.3.inst.cfg
opt/ultimaker-cura/share/cura/resources/themes/cura-light/icons/default/Infill3.svg

system info:

$ uname -a
Linux DEVICE_NAME 6.12.18-1-lts #1 SMP PREEMPT_DYNAMIC Sat, 08 Mar 2025 23:06:20 +0000 x86_64 GNU/Linux
$ rua --version
rua 0.19.10
$ pacman --version

 .--.                  Pacman v7.0.0 - libalpm v15.0.0
[truncated]
$ # cura version affected: aur/`cura-bin` 5.10.0-1

sausix commented on 2025-02-26 17:21 (UTC)

@balwierz Welcome to the AUR where many packages compile their sources and "pollute" your stdout. Of course it's extraction. Look into the PKGBUILD. Just /dev/null the output for yourself if it annoys you. No reason to change that for everybody.

balwierz commented on 2025-02-26 13:04 (UTC)

Why does build pollute stdout with a list of all 30000+ files in the package? Is it the extraction? Could you make a workaround to silence it? Thanks

sausix commented on 2025-02-13 08:48 (UTC)

@gtf21 Works for me. So at least provide useful information. The crash message itself which can directly point to the problem, and how you run Cura: X11, Wayland or XWayland.

gtf21 commented on 2025-02-11 15:24 (UTC)

Cura (5.9.0) opens for me but when I try to open a file it crashes before opening any file dialogues etc..

1 2 3 4 5 6 .. 17 Next › Last »