summaryrefslogtreecommitdiff
path: root/debian
diff options
context:
space:
mode:
authorDavid Kalnischkies <david@kalnischkies.de>2017-06-28 12:57:51 +0200
committerDavid Kalnischkies <david@kalnischkies.de>2017-06-28 19:17:57 +0200
commitcbaf353ead58aa9eefe51542b6ad91e69b6289ce (patch)
tree2487111d77a0d0c8fac42e6d87f5fa309cacd455 /debian
parent11c3624ce3575076ca52350f66d4bd2e63db5d73 (diff)
fail instead of warn on insecure repositories in apt-get
The exception was made to give (script) users a one-release grace period to adapt their setup to deal with apt enforcing signing of repositories. As we are now at the start of a new release cycle its as good a time as any to lift it now. Removes-Exception: 952ee63b0af14a534c0aca00c11d1a99be6b22b2
Diffstat (limited to 'debian')
-rw-r--r--debian/NEWS14
1 files changed, 14 insertions, 0 deletions
diff --git a/debian/NEWS b/debian/NEWS
index bff3621bc..00cb9be46 100644
--- a/debian/NEWS
+++ b/debian/NEWS
@@ -1,3 +1,17 @@
+apt (1.5~) UNRELEASED; urgency=medium
+
+ The security exception for apt-get to only raise warnings if it encounters
+ unauthenticated repositories in the "update" command is gone now, so that it
+ will raise errors just like apt and all other apt-based front-ends do since
+ at least apt version 1.3.
+
+ It is possible (but STRONGLY ADVISED AGAINST) to revert to the previous
+ behaviour of apt-get by setting the option
+ Binary::apt-get::Acquire::AllowInsecureRepositories "true";
+ See apt-secure(8) manpage for configuration details.
+
+ -- David Kalnischkies <donkult@debian.org> Wed, 28 Jun 2017 12:37:12 +0200
+
apt (1.4.2) unstable; urgency=medium
If periodic updates and unattended upgrades are enabled, the start of