summaryrefslogtreecommitdiff
path: root/debian
diff options
context:
space:
mode:
Diffstat (limited to 'debian')
-rw-r--r--debian/changelog22
1 files changed, 22 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog
index 9ed9b4d61..7ebbb1cb4 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,25 @@
+apt (0.9.7.9) UNRELEASED; urgency=low
+
+ [ David Kalnischkies ]
+ * apt-pkg/indexcopy.cc:
+ - rename RunGPGV to ExecGPGV and move it to apt-pkg/contrib/gpgv.cc
+ * apt-pkg/contrib/gpgv.cc:
+ - ExecGPGV is a method which should never return, so mark it as such
+ and fix the inconsistency of returning in error cases
+ - don't close stdout/stderr if it is also the statusfd
+ - if ExecGPGV deals with a clear-signed file it will split this file
+ into data and signatures, pass it to gpgv for verification and
+ recombines it after that in a known-good way without unsigned blocks
+ and whitespaces resulting usually in more or less the same file as
+ before, but later code can be sure about the format
+ * apt-pkg/acquire-item.cc:
+ - keep the last good InRelease file around just as we do it with
+ Release.gpg in case the new one we download isn't good for us
+ * apt-pkg/deb/debmetaindex.cc:
+ - reenable InRelease by default
+
+ -- David Kalnischkies <kalnischkies@gmail.com> Fri, 15 Mar 2013 14:15:43 +0100
+
apt (0.9.7.8) unstable; urgency=criticial
* SECURITY UPDATE: InRelease verification bypass