| Age | Commit message (Collapse) | Author |
|---|
|
Implementing a parser with recursion isn't the best idea, but in
practice we should get away with it for the time being to avoid
needless codechurn.
Closes: #920317 #921037
|
|
Verify data being sent by methods in SendMessage()
See merge request apt-team/apt!48
|
|
These methods are not supposed to be used anymore, they are
not actively maintained and may hence contain odd bugs.
Fixes !49
|
|
As a follow-up for CVE-2019-3462, add checks similar to those
for redirect to the central SendMessage() function. The checks
are a bit more relaxed for values - they may include newlines
and unicode characters (newlines get rewritten, so are safe).
For keys and the message header, the checks are far more strict:
They may only contain alphanumerical characters, the hyphen-minus,
and the horizontal space.
In case the method tries to send anything else, we construct a
legal 400 URI Failed response, and send that. We specifically do
not include the item URI, in case it has been compromised (that
would cause infinite recursion).
|
|
private-json-hooks.cc: deal with EPIPE
See merge request apt-team/apt!47
|
|
While running our CI we noticed that sometimes we see an error
from the new json hooks code. The error message is:
```
E: Could not read response to hello message from hook [ ! -f /usr/bin/snap ] || /usr/bin/snap advise-snap --from-apt 2>/dev/null || true: Broken pipe
```
when purging the snapd package which provides the hook. This indicates
that we should probably also consider EPIPE not an error (just like
we do for ECONNRESET). This PR does exactly this.
|
|
Add a "reinstall" command as an alias for "install --reinstall".
See merge request apt-team/apt!46
|
|
aptitude has a similar "reinstall" command for precedent.
|
|
|
|
apt Debian release 1.8.0~alpha3.1
|
|
|
|
This fixes a security issue that can be exploited to inject arbritrary debs
or other files into a signed repository as followed:
(1) Server sends a redirect to somewhere%0a<headers for the apt method> (where %0a is
\n encoded)
(2) apt method decodes the redirect (because the method encodes the URLs before
sending them out), writting something like
somewhere\n
<headers>
into its output
(3) apt then uses the headers injected for validation purposes.
Regression-Of: c34ea12ad509cb34c954ed574a301c3cbede55ec
LP: #1812353
(cherry picked from commit 5eb01ec13f3ede4bae5e60eb16bd8cffb7c03e1b)
|
|
|
|
Not needed since quite some time.
|
|
Report keys used to sign file from gpgv method to acquire system
See merge request apt-team/apt!44
|
|
This fixes a security issue that can be exploited to inject arbritrary debs
or other files into a signed repository as followed:
(1) Server sends a redirect to somewhere%0a<headers for the apt method> (where %0a is
\n encoded)
(2) apt method decodes the redirect (because the method encodes the URLs before
sending them out), writting something like
somewhere\n
<headers>
into its output
(3) apt then uses the headers injected for validation purposes.
Regression-Of: c34ea12ad509cb34c954ed574a301c3cbede55ec
LP: #1812353
|
|
Move everything up one "old", and change testing to be
bullseye.
|
|
This prepares us for the upcoming buster release, as buster
is the main release series for this series (the other being
Ubuntu disco).
|
|
LP: #1812696
|
|
Telling the acquire system which keys caused the gpgv method to
succeed allows us for now just a casual check if the gpgv method
really executed catching bugs like CVE-2018-0501, but we will make use
of the information for better features in the following commits.
|
|
Having a method take a bunch of string vectors is bad style, so we
change this to a wrapping struct and adapt the rest of the code brushing
it up slightly in the process, which results even in a slightly "better"
debug output, no practical change otherwise.
Gbp-Dch: Ignore
|
|
|
|
|
|
|
|
In C++17 `register` keyword was removed. Current gcc 8.1.0 produces
following warning if `-std=c++17` flag is used:
warning: ISO C++17 does not allow 'register' storage class specifier
[-Wregister]
GCC almost completely ignores `register` keyword, with rare exception of
`-O0` when additional copy from/to stack may be generated.
For simplicity of the codebase it is better to just remove this
problematic keyword where it is not strictly required.
See: http://en.cppreference.com/w/cpp/language/storage_duration
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
apt-mark minimize-manual
See merge request apt-team/apt!39
|
|
zh_CN.po: Update Simplified Chinese programs translation.
See merge request apt-team/apt!43
|
|
|
|
This visits dependencies of all manually installed metapackages,
as determined by APT::Never-MarkAuto-Sections, and marks them as
automatically installed. It can be used to clean up autoflags after
a d-i install, for example.
|
|
This used to be "apt-cache stats does not take any arguments", but
replace "apt-cache stats" with "%s" so we can reuse it for other
commands.
Gbp-Dch: ignore
|
|
We need to show a yes/no prompt in minimize-manual, and
pretty package names, so export them here.
Gbp-Dch: ignore
|
|
|
|
Pu/speedups
See merge request apt-team/apt!42
|
|
We called low-level ParseDepends without an architecture each time,
which means each call looked up the native architecture. Store the
native architecture in the class and use that when calling low-level
ParseDepends from the high-level ParseDepends().
This improves performance for a cache build from 2.7 to 2.5 seconds
for me.
Also avoid a call when stripping multiarch, as the native architecture
is passed in.
|
|
|
|
This is more than twice as fast as adler32, but could be made another
50% faster by calculating crcs for 8 byte blocks in "parallel" (without
data dependency) and then combining them. But that's complicated code.
Reference measurements for hashing the cache 100 times:
adler32=2.46s xxhash64=0.64 xxhash32=1.12
crc32c(this)=1.10 crc32c(opt)=0.44s
|
|
Closes: #916358
|
|
Closes: #915952
|
|
|
|
Set PATH=/usr/sbin:/usr/bin:/sbin:/bin when running dpkg
See merge request apt-team/apt!38
|
|
This avoids a lot of problems from local installations of
scripting languages and other stuff in /usr/local for which
maintainer scripts are not prepared.
[v3: Inherit PATH during tests, check overrides work]
[v2: Add testing]
|
|
Add support for /etc/apt/auth.conf.d/*.conf (netrcparts)
See merge request apt-team/apt!37
|
|
This allows us to install matching auth files for sources.list.d
files, for example; very useful.
This converts aptmethod's authfd from one FileFd to a vector of
pointers to FileFd, as FileFd cannot be copied, and move operators
are hard.
|
|
FileFd could be copied using the default copy constructor,
which does not work, and then causes code to crash.
|
|
Use quoted tagnames in config dumps
See merge request apt-team/apt!32
|
|
Remove old derivatives
See merge request apt-team/apt!31
|
|
[l10n] Update Italian translation
See merge request apt-team/apt!35
|
|
Set LC_ALL=C.UTF-8 for unattended-upgrades environment when parsing its --help
See merge request apt-team/apt!34
|
|
Signed-off-by: Milo Casagrande <milo@milo.name>
|
|
This adds a new "autopurge" command that will is a shortcut for
"autoremove --purge"
Thanks: Michael Vogt for the initial work
|
