diff options
Diffstat (limited to 'debian')
| -rwxr-xr-x[-rw-r--r--] | debian/apt.postinst | 16 | ||||
| -rwxr-xr-x | debian/apt.postrm (renamed from debian/postrm) | 0 | ||||
| -rw-r--r-- | debian/changelog | 89 | ||||
| -rw-r--r-- | debian/control | 8 | ||||
| -rw-r--r-- | debian/gbp.conf | 2 | ||||
| -rw-r--r-- | debian/libapt-inst1.6.install.in (renamed from debian/libapt-inst1.5.install.in) | 0 | ||||
| -rw-r--r-- | debian/libapt-inst1.6.symbols (renamed from debian/libapt-inst1.5.symbols) | 10 | ||||
| -rw-r--r-- | debian/libapt-pkg4.13.install.in (renamed from debian/libapt-pkg4.12.install.in) | 0 | ||||
| -rw-r--r-- | debian/libapt-pkg4.13.symbols (renamed from debian/libapt-pkg4.12.symbols) | 3 | ||||
| -rwxr-xr-x | debian/postinst | 39 | ||||
| -rw-r--r-- | debian/tests/control | 4 |
11 files changed, 119 insertions, 52 deletions
diff --git a/debian/apt.postinst b/debian/apt.postinst index fd3e273bb..01f78a1dd 100644..100755 --- a/debian/apt.postinst +++ b/debian/apt.postinst @@ -15,6 +15,15 @@ set -e case "$1" in configure) + if dpkg --compare-versions "$2" lt 1.0.7; then + # apt-key before 0.9.10 could leave empty keyrings around + find /etc/apt/trusted.gpg.d/ -name '*.gpg' | while read keyring; do + if ! test -s "$keyring"; then + rm -f "$keyring" + fi + done + fi + if dpkg --compare-versions "$2" lt-nl 0.9.9.5; then # we are using tmpfiles for both rm -f /etc/apt/trustdb.gpg @@ -26,6 +35,13 @@ case "$1" in fi fi + # add unprivileged user for the apt methods + adduser --force-badname --system -home /var/empty \ + --no-create-home --quiet _apt || true + chown -R _apt:root \ + /var/lib/apt/lists \ + /var/cache/apt/archives + # ensure tighter permissons on the logs, see LP: #975199 if dpkg --compare-versions "$2" lt-nl 0.9.7.7; then # ensure permissions are right diff --git a/debian/postrm b/debian/apt.postrm index ae1e18d33..ae1e18d33 100755 --- a/debian/postrm +++ b/debian/apt.postrm diff --git a/debian/changelog b/debian/changelog index 36353bd95..acbe7ddba 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,92 @@ +apt (1.1~exp3) experimental; urgency=medium + + [ Michael Vogt ] + * merged changes from debian/sid up to 1.0.9.1 + * Make /var/lib/apt/lists and /var/cache/apt/archives owned + by the new _apt user + * Drop Privileges in the following acquire methods: + copy, http, https, ftp, gpgv, gzip/bzip2/lzma/xz + * DropPrivs: Improvements based on feedback from error@debian.org + + [ Julian Andres Klode ] + * DropPriv: Really call seteuid and not setuid, and add more checks + * Use _apt as our unprivileged user name + * DropPrivs: Also check for saved set-user-ID and set-group-ID + * methods: Fail if we cannot drop privileges + * DropPrivs: Also check for saved set-user-ID and set-group-ID + + -- Michael Vogt <mvo@debian.org> Wed, 24 Sep 2014 22:30:09 +0200 + +apt (1.1~exp2) experimental; urgency=medium + + [ Guillem Jover ] + * Add new Base256ToNum long long overload function + * Fix ar and tar code to be LFS-safe (Closes: #742882) + + [ Michael Vogt ] + * increase libapt-inst to version 1.6 + * Only allow "apt-get build-dep path" when path starts with ./ or / + * Allow passing a full path to apt-get install /foo/bar.deb (CLoses: #752327) + * merge changes from the 1.0.6 upload + + -- Michael Vogt <mvo@debian.org> Thu, 10 Jul 2014 13:18:08 +0200 + +apt (1.1~exp1) experimental; urgency=low + + [ David Kalnischkies ] + * [API Break] change "std::string pkgAcquire::Item::DescURI()" to + "std::string pkgAcquire::Item::DescURI() const" + * [ABI-Break] increase hashtable size for packages/groups by factor 5 + * [ABI-Break] cleanup datatypes mix used in binary cache + * [internal API-Break] remove the Section member from package struct + * use 'best' hash for source authentication (LP: 1098738) + * use HashStringList in the acquire system + * deal with hashes in ftparchive more dynamic as well + * reenable pipelining via hashsum reordering support + * parse and retrieve multiple Descriptions in one record + * improve pkgTagSection scanning and parsing + * invalid cache if architecture set doesn't match (Closes: 745036) + + [ Michael Vogt ] + * add support for "apt-get build-dep foo.dsc" + * add support for "apt-get build-dep unpacked-source-dir" + * add support for "apt-get install foo_1.0_all.deb" + * make "apt-get update" progress much more accurate by loading the + sizes of the targets into the fetcher early + * Implement simple by-hash for apt update to improve reliability of + the update. Apt will try to fetch the Packages file via + /by-hash/$hash_type/$hash_value if the repo supports that. + - add APT::Acquire::$(host)::By-Hash=1 knob + - add Acquire-By-Hash=1 to Release file + * add Debug::Acquire::Progress debug option + * [ABI-Break] lp:~mvo/apt/source-hashes: + - use sha{512,256,1} for deb-src when available LP: #1098738 + * [ABI-Break] stop exporting the accidently exported parsenetrc() symbol + * [ABI-Break] remove the PACKAGE_MATCHER_ABI_COMPAT defines + * [ABI BREAK] apt-pkg/pkgcache.h: + - adjust pkgCache::State::VerPriority enum, to match reality + * test/integration/test-debsrc-hashes: + - add integration test, thanks to Daniel Hartwig + * [ABI-Break] remove the PACKAGE_MATCHER_ABI_COMPAT defines + * [ABI-Break] Pass struct IndexTarget/indexRecords to + pkgAcqIndex{,Merge}Diffs + * [internal API-Break] rename pkgCache::Package::NextPackage to + pkgCache::Package::Next + * Calculate Percent as part of pkgAcquireStatus to provide a weighted + percent for both items and bytes + * apt-pkg/contrib/macros.h: bump library version to 4.13 + * apt-private/acqprogress.cc: do not show file size on IMSHit, it wasn't + fetched + * Fix warnings from clang -Wall/clang -fsanitize=address + * add DropPrivs() and drop privileges to nobody when running the + the buildin apt and dump solvers + * lp:~mvo/apt/webserver-simulate-broken-with-fix346386: + - fix invalid InRelease file download checking and add regression + test to server broken files to the buildin test webserver + - add regression test for LP: #34638 + + -- Michael Vogt <mvo@debian.org> Thu, 19 Jun 2014 12:01:48 +0200 + apt (1.0.9.1) unstable; urgency=high [ Michael Vogt ] diff --git a/debian/control b/debian/control index 0437aa737..6d29b0250 100644 --- a/debian/control +++ b/debian/control @@ -18,7 +18,7 @@ XS-Testsuite: autopkgtest Package: apt Architecture: any -Depends: ${shlibs:Depends}, ${misc:Depends}, ${apt:keyring}, gnupg +Depends: ${shlibs:Depends}, ${misc:Depends}, ${apt:keyring}, gnupg | gnupg2 Replaces: manpages-pl (<< 20060617-3~), manpages-it (<< 2.80-4~), sun-java6-jdk (>> 0), sun-java5-jdk (>> 0), openjdk-6-jdk (<< 6b24-1.11-0ubuntu1~) Breaks: manpages-pl (<< 20060617-3~), manpages-it (<< 2.80-4~), sun-java6-jdk (>> 0), sun-java5-jdk (>> 0), openjdk-6-jdk (<< 6b24-1.11-0ubuntu1~) Conflicts: python-apt (<< 0.7.93.2~) @@ -38,12 +38,12 @@ Description: commandline package manager * apt-config as an interface to the configuration settings * apt-key as an interface to manage authentication keys -Package: libapt-pkg4.12 +Package: libapt-pkg4.13 Architecture: any Multi-Arch: same Pre-Depends: ${misc:Pre-Depends} Depends: ${shlibs:Depends}, ${misc:Depends} -Breaks: apt (<< 0.9.4~), libapt-inst1.5 (<< 0.9.9~) +Breaks: apt (<< 1.0.2~), libapt-inst1.5 (<< 0.9.9~) Section: libs Description: package management runtime library This library provides the common functionality for searching and @@ -61,7 +61,7 @@ Description: package management runtime library http, rsh as well as an interface to add more transports like https (apt-transport-https) and debtorrent (apt-transport-debtorrent). -Package: libapt-inst1.5 +Package: libapt-inst1.6 Architecture: any Multi-Arch: same Pre-Depends: ${misc:Pre-Depends} diff --git a/debian/gbp.conf b/debian/gbp.conf index ec6d9894e..135522d40 100644 --- a/debian/gbp.conf +++ b/debian/gbp.conf @@ -1,7 +1,7 @@ [DEFAULT] prebuild = ./prepare-release pre-export postbuild = ./prepare-release post-build -debian-branch = debian/sid +debian-branch = debian/experimental debian-tag = %(version)s export-dir = ../build-area sign-tags = True
\ No newline at end of file diff --git a/debian/libapt-inst1.5.install.in b/debian/libapt-inst1.6.install.in index 8bcce2c28..8bcce2c28 100644 --- a/debian/libapt-inst1.5.install.in +++ b/debian/libapt-inst1.6.install.in diff --git a/debian/libapt-inst1.5.symbols b/debian/libapt-inst1.6.symbols index 8ce707287..74c4665a2 100644 --- a/debian/libapt-inst1.5.symbols +++ b/debian/libapt-inst1.6.symbols @@ -1,9 +1,9 @@ -libapt-inst.so.1.5 libapt-inst1.5 #MINVER# +libapt-inst.so.1.6 libapt-inst1.6 #MINVER# * Build-Depends-Package: libapt-pkg-dev (c++)"ExtractTar::Done(bool)@Base" 0.8.0 (c++)"ExtractTar::Go(pkgDirStream&)@Base" 0.8.0 (c++)"ExtractTar::StartGzip()@Base" 0.8.0 - (c++)"ExtractTar::ExtractTar(FileFd&, unsigned long, std::basic_string<char, std::char_traits<char>, std::allocator<char> >)@Base" 0.8.0 + (c++)"ExtractTar::ExtractTar(FileFd&, unsigned long long, std::basic_string<char, std::char_traits<char>, std::allocator<char> >)@Base" 1.0.5 (c++)"ExtractTar::~ExtractTar()@Base" 0.8.0 (c++)"debDebFile::GotoMember(char const*)@Base" 0.8.0 (c++)"debDebFile::CheckMember(char const*)@Base" 0.8.0 @@ -11,10 +11,10 @@ libapt-inst.so.1.5 libapt-inst1.5 #MINVER# (c++)"debDebFile::ControlExtract::~ControlExtract()@Base" 0.8.0 (c++)"debDebFile::ExtractTarMember(pkgDirStream&, char const*)@Base" 0.9.15.4 (c++)"debDebFile::ExtractArchive(pkgDirStream&)@Base" 0.8.0 - (c++)"debDebFile::MemControlExtract::TakeControl(void const*, unsigned long)@Base" 0.8.0 + (c++)"debDebFile::MemControlExtract::TakeControl(void const*, unsigned long long)@Base" 1.0.5 (c++)"debDebFile::MemControlExtract::Read(debDebFile&)@Base" 0.8.0 (c++)"debDebFile::MemControlExtract::DoItem(pkgDirStream::Item&, int&)@Base" 0.8.0 - (c++)"debDebFile::MemControlExtract::Process(pkgDirStream::Item&, unsigned char const*, unsigned long, unsigned long)@Base" 0.8.0 + (c++)"debDebFile::MemControlExtract::Process(pkgDirStream::Item&, unsigned char const*, unsigned long long, unsigned long long)@Base" 1.0.5 (c++)"debDebFile::MemControlExtract::~MemControlExtract()@Base" 0.8.0 (c++)"debDebFile::debDebFile(FileFd&)@Base" 0.8.0 (c++)"pkgExtract::FinishedFile(pkgDirStream::Item&, int)@Base" 0.8.0 @@ -41,7 +41,7 @@ libapt-inst.so.1.5 libapt-inst1.5 #MINVER# (c++)"pkgDirStream::FinishedFile(pkgDirStream::Item&, int)@Base" 0.8.0 (c++)"pkgDirStream::Fail(pkgDirStream::Item&, int)@Base" 0.8.0 (c++)"pkgDirStream::DoItem(pkgDirStream::Item&, int&)@Base" 0.8.0 - (c++)"pkgDirStream::Process(pkgDirStream::Item&, unsigned char const*, unsigned long, unsigned long)@Base" 0.8.0 + (c++)"pkgDirStream::Process(pkgDirStream::Item&, unsigned char const*, unsigned long long, unsigned long long)@Base" 1.0.5 (c++)"pkgDirStream::~pkgDirStream()@Base" 0.8.0 (c++|optional)"pkgCache::DepIterator::operator++(int)@Base" 0.8.0 (c++|optional)"pkgCache::DepIterator::operator++()@Base" 0.8.0 diff --git a/debian/libapt-pkg4.12.install.in b/debian/libapt-pkg4.13.install.in index 56bed39d3..56bed39d3 100644 --- a/debian/libapt-pkg4.12.install.in +++ b/debian/libapt-pkg4.13.install.in diff --git a/debian/libapt-pkg4.12.symbols b/debian/libapt-pkg4.13.symbols index 3fa128cff..1fbbf97d6 100644 --- a/debian/libapt-pkg4.12.symbols +++ b/debian/libapt-pkg4.13.symbols @@ -1,4 +1,4 @@ -libapt-pkg.so.4.12 libapt-pkg4.12 #MINVER# +libapt-pkg.so.4.13 libapt-pkg4.13 #MINVER# * Build-Depends-Package: libapt-pkg-dev TFRewritePackageOrder@Base 0.8.0 TFRewriteSourceOrder@Base 0.8.0 @@ -22,6 +22,7 @@ libapt-pkg.so.4.12 libapt-pkg4.12 #MINVER# (c++)"StringToBool(std::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, int)@Base" 0.8.0 (c++)"UnmountCdrom(std::basic_string<char, std::char_traits<char>, std::allocator<char> >)@Base" 0.8.0 (c++)"_GetErrorObj()@Base" 0.8.0 + (c++)"Base256ToNum(char const*, unsigned long long&, unsigned int)@Base" 1.0.5 (c++)"pkgFixBroken(pkgDepCache&)@Base" 0.8.0 (c++)"DeQuoteString(__gnu_cxx::__normal_iterator<char const*, std::basic_string<char, std::char_traits<char>, std::allocator<char> > > const&, __gnu_cxx::__normal_iterator<char const*, std::basic_string<char, std::char_traits<char>, std::allocator<char> > > const&)@Base" 0.8.0 (c++)"DeQuoteString(std::basic_string<char, std::char_traits<char>, std::allocator<char> > const&)@Base" 0.8.0 diff --git a/debian/postinst b/debian/postinst deleted file mode 100755 index 1588f5241..000000000 --- a/debian/postinst +++ /dev/null @@ -1,39 +0,0 @@ -#! /bin/sh - -# apt postinst, based liberally on James Troup's gpm postinst -# Copyright (C) 1998, Ben Gertzfield <che@debian.org> - -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. - -set -e - -create_apt_conf () -{ - EXAMPLE_SOURCE=/usr/share/doc/apt/examples/sources.list - if [ -f $EXAMPLE_SOURCE ]; then - cp $EXAMPLE_SOURCE /etc/apt/sources.list - fi -} - -check_apt_conf () -{ - true - # this is for future expansion -} - -#DEBHELPER# - -case "$1" in - configure) - # - # If there is no /etc/apt/sources.list then create a default - # - if [ ! -f /etc/apt/sources.list ]; then - create_apt_conf - else - check_apt_conf - fi -esac diff --git a/debian/tests/control b/debian/tests/control index f7e47c5f3..0e774d4ca 100644 --- a/debian/tests/control +++ b/debian/tests/control @@ -1,3 +1,3 @@ Tests: run-tests -Restrictions: allow-stderr -Depends: @, @builddeps@, fakeroot, wget, stunnel4, db-util +Restrictions: allow-stderr +Depends: @, @builddeps@, fakeroot, wget, stunnel4, db-util, gnupg, gnupg2 |