summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2012-03-22make these retry_write methods static so that they don't end up as symbolsDavid Kalnischkies
2012-03-22* debian/rules:David Kalnischkies
- do not sed in configure.in to set the version-number * prepare-release: - add as a small script to lazy check and prepare releases
2012-03-22merge with debian-sid (some version screw going on here)David Kalnischkies
2012-03-22use the variables as the rest of the tests to avoid escapes in the outputDavid Kalnischkies
2012-03-22* apt-inst/database.{cc,h}, apt-inst/deb/dpkgdb.{cc,h}:David Kalnischkies
- drop instead of fix as it is only needed if you want to reimplement dpkg and comes straight from the beginning of last decade (Closes: #663372) * apt-inst/deb/debfile.cc: - {Extract,Merge}Control() is another instance of "lets reimplement dpkg" so shot of this code before someone ends up using this…
2012-03-22* doc/apt-get.8.xml:Mike Erickson
- typofix: respect → respecting, thanks Mike Erickson! (Closes: #664833)
2012-03-22* debian/controlDavid Kalnischkies
- bump Standards-Version to 3.9.3 (no changes needed)
2012-03-22use the correct line to get the currently configure.in versionDavid Kalnischkies
2012-03-22* debian/apt-utils.install:David Kalnischkies
- ship the ftparchive, apt-extractemplates and apt-sortpkgs locales in the apt-utils package instead of the apt package
2012-03-22the previously used VERSION didn't work everywhere so we are switchingDavid Kalnischkies
to the more standard PACKAGE_VERSION and make it work in every file
2012-03-21do not update po and pot files in the process of the build as thisDavid Kalnischkies
causes timestamp changes for the mo files which therefore can't be refcounted by dpkg for your M-A: same packages (Closes: #659333, LP: #924628) The commit also enables a top-level 'make update-po' and does all the needed changes to let this work now that update-po might be called in a freshly checkout tree
2012-03-20for these helpers we don't need too much checks,David Kalnischkies
but no warnings from gcc helps
2012-03-20* methods/rred.cc:David Kalnischkies
- check return of writev() as gcc recommends * methods/mirror.cc: - check return of chdir() as gcc recommends * apt-pkg/deb/dpkgpm.cc: - check return of write() a gcc recommends * apt-inst/deb/debfile.cc: - check return of chdir() as gcc recommends * apt-inst/deb/dpkgdb.cc: - check return of chdir() as gcc recommends
2012-03-20* debian/libapt-pkg4.12:David Kalnischkies
- update symbols file
2012-03-20* methods/makefile:David Kalnischkies
- do not link rred against libz anymore as FileFd handles all this transparently now
2012-03-20* apt-pkg/acquire-worker.cc:David Kalnischkies
- check return of write() as gcc recommends * apt-pkg/acquire.cc: - check return of write() as gcc recommends * apt-pkg/cdrom.cc: - check return of chdir() and link() as gcc recommends * apt-pkg/clean.cc: - check return of chdir() as gcc recommends * apt-pkg/contrib/netrc.cc: - check return of asprintf() as gcc recommends
2012-03-20update the versionnumber of the faked dpkg in the testcases for multiarchDavid Kalnischkies
and add a comment about the need of this number
2012-03-13now that stdout/stdlog are used consistently, the message order changedDavid Kalnischkies
2012-03-13merged from lp:~donkult/apt/experimentalMichael Vogt
2012-03-13recheck dependencies in SmartUnpack after a change, tooDavid Kalnischkies
2012-03-13* apt-pkg/packagemanager.cc:David Kalnischkies
- recheck all dependencies if we changed a package in SmartConfigure as this could break an earlier dependency (LP: #940396)
2012-03-12ensure that the fullname of a package is displayed in the debug outputDavid Kalnischkies
2012-03-12improve the testcode so that we do not depend on the order of unpackingDavid Kalnischkies
of specific packages as long as the order is okay in general
2012-03-12now that the package name 'apt' is a magic word enabling essential statusDavid Kalnischkies
for said package i can't use it anymore in the testcase, so use another name
2012-03-07show which dependency couldn't be satisfied in the debug outputDavid Kalnischkies
2012-03-07* apt-pkg/packagemanager.cc:Michael Vogt
- fix inconsistent clog/cout usage in the debug output
2012-03-06releasing version 0.8.16~exp13Michael Vogt
2012-03-06merged from lp:~donkult/apt/experimentalMichael Vogt
2012-03-06add Debug::pkgAcqArchive::NoQueue to disable package downloadingDavid Kalnischkies
2012-03-06merge with apt/experimentalDavid Kalnischkies
* apt-pkg/packagemanager.cc: - fix bug in predepends handling - ensure that packages that needs unpackaging are unpacked before they are configured (LP: #927993) [ Julian Andres Klode ] * apt-pkg/deb/deblistparser.cc: - Set the Essential flag on APT instead of only Important * apt-pkg/packagemanager.cc: - Do not use immediate configuration for packages with the Important flag * Treat the Important flag like the Essential flag with those differences: - No Immediate configuration (see above) - Not automatically installed during dist-upgrade - No higher score for installation ordering
2012-03-06* apt-pkg/acquire-item.cc:Michael Vogt
- remove 'old' InRelease file if we can't get a new one before proceeding with Release.gpg to avoid the false impression of a still trusted repository by a (still present) old InRelease file. Thanks to Simon Ruderich for reporting this issue! (CVE-2012-0214)
2012-03-06* apt-pkg/packagemanager.cc:Michael Vogt
- fix bug in predepends handling - ensure that packages that needs unpackaging are unpacked before they are configured (LP: #927993)
2012-03-06* apt-pkg/contrib/fileutl.cc:David Kalnischkies
- do not warn about the ignoring of directories (Closes: #662762)
2012-03-05changelog: Document scoring difference for Important flagJulian Andres Klode
* Treat the Important flag like the Essential flag with those differences: - No higher score for installation ordering
2012-03-05* Treat the Important flag like the Essential flag with two differences:Julian Andres Klode
- No Immediate configuration (see above) - Not automatically installed during dist-upgrade
2012-03-05* apt-pkg/packagemanager.cc:Julian Andres Klode
- Do not use immediate configuration for packages with the Important flag
2012-03-05* apt-pkg/deb/deblistparser.cc:Julian Andres Klode
- Set the Essential flag on APT instead of only Important
2012-03-05as we parse datestrings from external sources a lot specify the lengthDavid Kalnischkies
of the integer fields as well to avoid crashes in scanf as cppchecks warns: "(warning) scanf without field width limits can crash with huge input data"
2012-03-05fix "(style) The scope of the variable 'count' can be reduced"David Kalnischkies
2012-03-05micro-optimize "(performance) Prefer prefix ++/-- operators for ↵David Kalnischkies
non-primitive types."
2012-03-05set char-limits for the scanf parsing previous crash-reportsDavid Kalnischkies
2012-03-05fix "(performance) Possible inefficient checking for 'R' emptiness."David Kalnischkies
2012-03-05fix "(style) Checking if unsigned variable 'Minor' is less than zero."David Kalnischkies
2012-03-05ensure that (s)scanf doesn't parse a too long Code now that a previousDavid Kalnischkies
commit lifted the Line-length limit
2012-03-04fix two "(style) Variable 'Res' is assigned a value that is never used"David Kalnischkies
2012-03-04fix "(error) Possible null pointer dereference: BindAddr" by ensuringDavid Kalnischkies
that BindAddr isn't NULL after getaddrinfo()
2012-03-04fix "(style) Statements following return, break, continue, goto or throwDavid Kalnischkies
will never be executed." from cppcheck. The fd was closed only after a return, so invert the order of lines and be happy
2012-03-04fix a bunch of cppcheck "(warning) Member variable '<#>' is notDavid Kalnischkies
initialized in the constructor." messages (no functional change)
2012-03-04handle a SIGINT in all modes as a break after the currently runningDavid Kalnischkies
dpkg transaction instead of ignoring it completely
2012-03-04* apt-pkg/acquire-item.cc:David Kalnischkies
- remove 'old' InRelease file if we can't get a new one before proceeding with Release.gpg to avoid the false impression of a still trusted repository by a (still present) old InRelease file. Thanks to Simon Ruderich for reporting this issue! (CVE-2012-0214) Effected are all versions >= 0.8.11 Possible attack summary: - Attacker needs to find a user which has run at least one successful 'apt-get update' against an archive providing InRelease files. - Create a Packages file with his preferred content. - Attacker then prevents the download of InRelease, Release and Release.gpg (alternatively he creates a valid Release file and sends this, the other two files need to be missing either way). - User updates against this, getting the modified Packages file without any indication of being unsigned (beside the "Ign InRelease" and "Ign Release.gpg" in the output of 'apt-get update'). => deb files from this source are considered 'trusted' (and therefore the user isn't asked for an additional confirmation before install)