| Age | Commit message (Collapse) | Author |
|---|
|
|
|
free to escape all lines (we have no lines in our files which need
to be escaped as these would be invalid fieldnames) and while ExecGPGV
would detect dash-escaped text as invalid (as its not expected in
messages with detached signatures) it would be possible to "comment"
lines in (signed) dsc files which are only parsed but not verified
|
|
|
|
apt-pkg/deb/deblistparser.cc:
- use OpenMaybeClearSignedFile to be free from detecting and
skipping clearsigning metadata in dsc and Release files
We can't write a "clean" file to disk as not all acquire methods copy
Release files before checking them (e.g. cdrom), so this reverts recombining,
but uses the method we use for dsc files also in the two places we
deal with Release files
|
|
* ftparchive/writer.cc:
- use OpenMaybeClearSignedFile to be free from detecting and
skipping clearsigning metadata in dsc files
|
|
the rest and add some more tests (by fixing commented ones)
|
|
|
|
|
|
|
|
into data and signatures, pass it to gpgv for verification and
recombines it after that in a known-good way without unsigned blocks
and whitespaces resulting usually in more or less the same file as
before, but later code can be sure about the format
* apt-pkg/deb/debmetaindex.cc:
- reenable InRelease by default
|
|
|
|
- keep the last good InRelease file around just as we do it with
Release.gpg in case the new one we download isn't good for us
|
|
|
|
- ExecGPGV is a method which should never return, so mark it as such
and fix the inconsistency of returning in error cases
|
|
- rename RunGPGV to ExecGPGV and move it to apt-pkg/contrib/gpgv.cc
|
|
- CVE-2013-1051
* apt-pkg/deb/debmetaindex.cc,
test/integration/test-bug-595691-empty-and-broken-archive-files,
test/integration/test-releasefile-verification:
- disable InRelease downloading until the verification issue is
fixed, thanks to Ansgar Burchardt for finding the flaw
|
|
|
|
|
|
|
|
translations. Thanks to Jakub Wilk for reporting these errors.
|
|
|
|
- fix package-pointer array memory leak in ResolveByKeepInternal()
|
|
- ensure pkgProblemResolver calls MarkDelete without FromUser set
so that it can't overrule holds and the protection flag
|
|
- do not call Mark{Install,Delete} from the autoremove code with
the FromUser bit set to avoid modifying the auto-installed bit
|
|
|
|
- don't call MarkInstall with the FromUser flag set for packages
which are dependencies of APT::Never-MarkAuto-Sections matchers
|
|
|
|
|
|
- do not do lock-step configuration for a M-A:same package if it isn't
unpacked yet in SmartConfigure and do not unpack a M-A:same package
again in SmartUnPack if we have already configured it (LP: #1062503)
|
|
prevent problems like #691024 in new translations
|
|
|
|
|
|
|
|
- Fix crash if the cache is remapped while writing a Provides version
(LP: #1066445).
|
|
|
|
|
|
- remove the 64 char limit for login/password in internal usage
|
|
ignore negative dependencies applying in the same group for M-A:same
packages on the real package name as self-conflicts (Closes: #688863)
|
|
- match pins with(out) an architecture as we do on the commandline
(partly fixing #687255, b= support has to wait for jessie)
|
|
- include reinstall requests and already installed (= protected) packages
in the install-request for external resolvers (Closes: #689331)
|
|
as it is used for arch:all packages as a map to arch:native.
Otherwise arch comparisons later will see differences (Closes: #689323)
|
|
handled in NewVersion is already registered
|
|
|
|
|
|
|
|
- print versioned dependency relations in (r)depends if the option
APT::Cache::ShowVersion is true (default: false) as discussed in
#218995 to help debian-cd fixing #687949. Thanks to Sam Lidder
for initial patch and Steve McIntyre for nagging and testing!
|
|
- ignore negative dependencies applying in the same group for
M-A:same packages on the real package name as self-conflicts
|
|
we use the not remapped iterators after a move of the mmap again
|
|
- ensure that dependencies for packages:none are always generated
|
|
|
