Import Debian version 1.0.1ubuntu2.18

apt (1.0.1ubuntu2.18) trusty; urgency=medium

  * ExecFork: Use /proc/self/fd to determine which files to close
    (Closes: #764204) (LP: #1332440).

apt (1.0.1ubuntu2.17) trusty-security; urgency=high

  * SECURITY UPDATE: gpgv: Check for errors when splitting files (CVE-2016-1252)
    Thanks to Jann Horn, Google Project Zero for reporting the issue
    (LP: #1647467)

apt (1.0.1ubuntu2.15) trusty; urgency=medium

  * Fixes failure to download the Package index file when using
    mirror:// URL in sources.list and the archive fails to profile
    a file. APT would try the next archive in the list for .deb
    packages but did not retry when the index file failed to download.
    (LP: #1625667)

apt (1.0.1ubuntu2.14) trusty; urgency=medium

  * When using the https transport mechanism, $no_proxy is ignored if apt is
    getting it's proxy information from $https_proxy (as opposed to
    Acquire::https::Proxy somewhere in apt config). If the source of proxy
    information is Acquire::https::Proxy set in apt.conf (or apt.conf.d),
    then $no_proxy is honored. This patch makes the behavior similar for
    both methods of setting the proxy. (LP: #1575877)

apt (1.0.1ubuntu2.13) trusty; urgency=medium

  * Recheck Pre-Depends satisfaction in SmartConfigure, to avoid unconfigured
    Pre-Depends (which dpkg later fails on). Fixes upgrade failures of
    systemd, util-linux, and other packages with Pre-Depends. Many thanks to
    David Kalnischkies for figuring out the patch and Winfried PLappert for
    testing! Patch taken from Debian git. (LP: #1560797)

apt (1.0.1ubuntu2.12) trusty; urgency=medium

  [ Colin Watson ]
  * Fix lzma write support to handle "try again" case (closes: #751688,
    LP: #1553770).

  [ David Kalnischkies ]
  * Handle moved mmap after UniqFindTagWrite call (closes: #753941,
    LP: #1445436).

apt (1.0.1ubuntu2.11) trusty; urgency=medium

  * apt-pkg/packagemanager.cc:
    - fix incorrect configure ordering in the SmartConfigure step by skipping
      packages that do not need immediate action. (LP: #1347721, #1497688)

apt (1.0.1ubuntu2.10) trusty; urgency=medium

  * Fix regression from the previous upload by ensuring we're actually
    testing for the right member before iterating on it (LP: #1480592)

apt (1.0.1ubuntu2.9) trusty; urgency=medium

  * Fix regression in the Never-MarkAuto-Sections feature caused by the
    previous auto-removal fix, with inspiration drawn from the patches
    and conversation from http://bugs.debian.org/793360 (LP: #1479207)

apt (1.0.1ubuntu2.8) trusty-proposed; urgency=low

  * fix crash for packages that have no section in their instVersion
    (LP: #1449394)

apt (1.0.1ubuntu2.7) trusty-proposed; urgency=low

  * fix auto-removal behavior (thanks to Adam Conrad)
    LP: #1429041

apt (1.0.1ubuntu2.6) trusty-proposed; urgency=medium

  * apt-pkg/deb/dpkgpm.cc:
    - update string matching for dpkg I/O errors. (LP: #1363257)
    - properly parse the dpkg status line so that package name is properly set
      and an apport report is created. Thanks to Anders Kaseorg for the patch.
      (LP: #1353171)

apt (1.0.1ubuntu2.5) trusty-security; urgency=low

  * SECURITY UPDATE:
      - cmdline/apt-get.cc: fix insecure tempfile handling in
        apt-get changelog (CVE-2014-7206). Thanks to Guillem Jover

apt (1.0.1ubuntu2.4.1) trusty-security; urgency=low

  * SECURITY UPDATE:
    - fix potential buffer overflow, thanks to the
      Google Security Team (CVE-2014-6273)
  * Fix regression from the previous upload when file:/// sources
    are used and those are on a different partition than
    the apt state directory
  * Fix regression when Dir::state::lists is set to a relative path
  * Fix regression when cdrom: sources got rewriten by apt-cdrom add

apt (1.0.1ubuntu2.3) trusty-security; urgency=low

  * SECURITY UPDATE:
    - incorrect invalidating of unauthenticated data (CVE-2014-0488)
    - incorect verification of 304 reply (CVE-2014-0487)
    - incorrect verification of Acquire::Gzip indexes (CVE-2014-0489)

1 files changed, 0 insertions, 193 deletions

diff --git a/test/integration/test-apt-ftparchive-src-cachedb b/test/integration/test-apt-ftparchive-src-cachedb
deleted file mode 100755
index adcca6217..000000000
--- a/test/integration/test-apt-ftparchive-src-cachedb
+++ /dev/null
@@ -1,193 +0,0 @@
-#!/bin/sh
-set -e
-
-assert_correct_sources_file() {
-    testequal "Package: bar
-Architecture: all
-Version: 1.0
-Binary: bar
-Format: 3.0 (native)
-Directory: pool/main
-Files:
- 7b57dd065e51de5905288a5104d4bef5 406 bar_1.0.dsc
- d41d8cd98f00b204e9800998ecf8427e 0 bar_1.0.tar.gz
-Package-List:
- bar deb admin extra
-Checksums-Sha1:
- 17a40b76715f393ab7fd6485c9392a02f1adf903 406 bar_1.0.dsc
- da39a3ee5e6b4b0d3255bfef95601890afd80709 0 bar_1.0.tar.gz
-Checksums-Sha256:
- d9d7507f66a89258b6920aca47747d7a30e0e64b09ecabbf02b2efbdabf840a9 406 bar_1.0.dsc
- e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 0 bar_1.0.tar.gz
-Checksums-Sha512:
- ee0a9bfb6614159b45203fc29487d4f37387993ca0e6d6f27b80010498f3731d75753188ece307508ae9af0259bd11a6af15a1a38f0b87dbd5ea1273b7a7d53e 406 bar_1.0.dsc
- cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e 0 bar_1.0.tar.gz
-
-Package: foo
-Architecture: all
-Version: 1.0
-Binary: foo
-Format: 3.0 (native)
-Directory: pool/main
-Files:
- d144826e6f02831c1933e910c92cd7e0 171 foo_1.0.dsc
- d41d8cd98f00b204e9800998ecf8427e 0 foo_1.0.tar.gz
-Package-List: 
- foo deb admin extra
-Checksums-Sha1:
- 979306aa3ccff3d61bba062bb6977e2493c6f907 171 foo_1.0.dsc
- da39a3ee5e6b4b0d3255bfef95601890afd80709 0 foo_1.0.tar.gz
-Checksums-Sha256:
- 8c780af8b5a6d5b3c2e2f9518940beebea52ac6d6ad7b52c082dc925cfe5b532 171 foo_1.0.dsc
- e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 0 foo_1.0.tar.gz
-Checksums-Sha512:
- 3da0240fd764657c2f3661b4d750578a9a99b0580591b133756379d48117ebda87a5ed2467f513200d6e7eaf51422cbe91c15720eef7fb4bba2cc8ff81ebc547 171 foo_1.0.dsc
- cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e 0 foo_1.0.tar.gz
-" aptsortpkgs ./aptarchive/dists/test/main/source/Sources
-}
-
-create_source_files() {
-    NAME="$1"
-    REQUEST_CLEARSIGN="$2"
-    
-    TARFILE="aptarchive/pool/main/${NAME}_1.0.tar.gz"
-    DSC_FILE="aptarchive/pool/main/${NAME}_1.0.dsc"
-    touch $TARFILE
-    if [ "$REQUEST_CLEARSIGN" = "CLEARSIGN" ]; then
-        printf -- "-----BEGIN PGP SIGNED MESSAGE-----\n\n" > $DSC_FILE
-    fi
-    cat >> $DSC_FILE << EOF
-Format: 3.0 (native)
-Source: $NAME
-Binary: $NAME
-Architecture: all
-Version: 1.0
-Package-List: 
- $NAME deb admin extra
-Files: 
- $(md5sum $TARFILE|cut -f1 -d' ') $(stat --print="%s" $TARFILE) ${NAME}_1.0.tar.gz
-EOF
-    if [ "$REQUEST_CLEARSIGN" = "CLEARSIGN" ]; then
-        cat >> $DSC_FILE <<EOF
-
------BEGIN PGP SIGNATURE-----
-Version: GnuPG v1.4.11 (GNU/Linux)
-
-iEYEARECAAYFAk3k/VoACgkQliSD4VZixzQxlgCgpav7j68z48qNTDFuT9fLqwT5
-DFwAoIXatJFENEC371bMKTkUKlwZxQEk
-=iI9V
------END PGP SIGNATURE-----
-EOF
-    fi
-}
-
-create_clearsigned_source_files() {
-    NAME="$1"
-    create_source_files "$NAME" "CLEARSIGN"
-}
-
-#
-# main()
-#
-TESTDIR=$(readlink -f $(dirname $0))
-. $TESTDIR/framework
-setupenvironment
-configarchitecture "i386"
-
-msgtest 'Test apt-ftparchive source with missing hashes in .dsc'
-
-mkdir -p aptarchive/pool/main
-create_source_files foo
-create_clearsigned_source_files bar
-
-mkdir -p aptarchive/dists/test/main/i18n/
-mkdir -p aptarchive/dists/test/main/source/
-
-mkdir aptarchive-overrides
-mkdir aptarchive-cache
-
-
-
-# generate with --db option
-(cd aptarchive && aptftparchive --db ./test.db sources pool/main/ \
-    -o APT::FTPArchive::ShowCacheMisses=1  \
-    > dists/test/main/source/Sources \
-    2> stats-out.txt
-    testequal " Misses in Cache: 2" grep Misses stats-out.txt
-)
-assert_correct_sources_file
-
-# generate with --db option (again to ensure its in the cache)
-(cd aptarchive && aptftparchive --db ./test.db sources pool/main/ \
-    -o APT::FTPArchive::ShowCacheMisses=1  \
-    > dists/test/main/source/Sources \
-    2> stats-out.txt  
-    testequal " Misses in Cache: 0" grep Misses stats-out.txt
-)
-assert_correct_sources_file
-
-
-
-# get ready for the "apt-ftparchive generate" command
-cat > apt-ftparchive.conf <<"EOF"
-Dir {
-  ArchiveDir "./aptarchive";
-  OverrideDir "./aptarchive-overrides";
-  CacheDir "./aptarchive-cache";
-};
-
-Default {
- Packages::Compress ". gzip bzip2";
- Contents::Compress ". gzip bzip2";
- LongDescription "false";
-};
-
-TreeDefault {
- BinCacheDB "packages-$(SECTION)-$(ARCH).db";
- SrcCacheDB "sources-$(SECTION).db";
-
- Directory  "pool/$(SECTION)";
- SrcDirectory "pool/$(SECTION)";
-
- Sources    "$(DIST)/$(SECTION)/source/Sources";
-};
-
-Tree "dists/test" {
-  Sections "main";
-  Architectures "source";
-
-};
-EOF
-
-# generate (empty cachedb)
-aptftparchive generate apt-ftparchive.conf -o APT::FTPArchive::ShowCacheMisses=1 2> stats-out.txt
-testequal " Misses in Cache: 2" grep Misses stats-out.txt
-assert_correct_sources_file
-
-
-# generate again out of the cache
-rm -f ./aptarchive/dists/test/main/source/Sources
-aptftparchive generate apt-ftparchive.conf -o APT::FTPArchive::ShowCacheMisses=1  2> stats-out.txt
-testequal " Misses in Cache: 0" grep Misses stats-out.txt
-assert_correct_sources_file
-
-
-
-# generate invalid files
-mkdir aptarchive/pool/invalid
-printf "meep" > aptarchive/pool/invalid/invalid_1.0.dsc
-testequal "
-E: Could not find a Source entry in the DSC 'aptarchive/pool/invalid/invalid_1.0.dsc'" aptftparchive sources aptarchive/pool/invalid
-rm -f aptarchive/pool/invalid/invalid_1.0.dsc
-
-dd if=/dev/zero of="aptarchive/pool/invalid/toobig_1.0.dsc" bs=1k count=129 2>/dev/null
-testequal "
-E: DSC file 'aptarchive/pool/invalid/toobig_1.0.dsc' is too large!" aptftparchive sources aptarchive/pool/invalid
-
-# ensure clean works
-rm -f aptarchive/pool/main/*
-aptftparchive clean apt-ftparchive.conf -o Debug::APT::FTPArchive::Clean=1 > clean-out.txt 2>&1 
-testequal "0	Number of unique keys in the tree" grep unique clean-out.txt
-testequal "sources-main.db" grep sources-main.db clean-out.txt
-
-