Age | Commit message | Author
2012-03-05 | as we parse datestrings from external sources a lot specify the length of the integer fields as well to avoid crashes in scanf as cppcheck warns: "(warning) scanf without field width limits can crash with huge input data" | David Kalnischkies
2012-03-05 | fix "(style) The scope of the variable 'count' can be reduced" | David Kalnischkies
2012-03-05 | micro-optimize "(performance) Prefer prefix ++/-- operators for non-primitive types." | David Kalnischkies
2012-03-05 | set char-limits for the scanf parsing previous crash-reports | David Kalnischkies
2012-03-05 | fix "(performance) Possible inefficient checking for 'R' emptiness." | David Kalnischkies
2012-03-05 | fix "(style) Checking if unsigned variable 'Minor' is less than zero." | David Kalnischkies
2012-03-05 | ensure that (s)scanf doesn't parse a too long Code now that a previous commit lifted the Line-length limit | David Kalnischkies
2012-03-04 | fix two "(style) Variable 'Res' is assigned a value that is never used" | David Kalnischkies
2012-03-04 | fix "(error) Possible null pointer dereference: BindAddr" by ensuring that BindAddr isn't NULL after getaddrinfo() | David Kalnischkies
2012-03-04 | fix "(style) Statements following return, break, continue, goto or throw will never be executed." from cppcheck. | David Kalnischkies
  The fd was closed only after a return, so invert the order of lines and be happy
2012-03-04 | fix a bunch of cppcheck "(warning) Member variable '<#>' is not initialized in the constructor." messages (no functional change) | David Kalnischkies
2012-03-04 | handle a SIGINT in all modes as a break after the currently running dpkg transaction instead of ignoring it completely | David Kalnischkies
2012-03-04 | * apt-pkg/acquire-item.cc: | David Kalnischkies
  - remove 'old' InRelease file if we can't get a new one before proceeding with Release.gpg to avoid the false impression of a still trusted repository by a (still present) old InRelease file. Thanks to Simon Ruderich for reporting this issue! (CVE-2012-0214)
  Affected are all versions >= 0.8.11
  Possible attack summary:
  - Attacker needs to find a user which has run at least one successful 'apt-get update' against an archive providing InRelease files.
  - Create a Packages file with his preferred content.
  - Attacker then prevents the download of InRelease, Release and Release.gpg (alternatively he creates a valid Release file and sends this, the other two files need to be missing either way).
  - User updates against this, getting the modified Packages file without any indication of being unsigned (beside the "Ign InRelease" and "Ign Release.gpg" in the output of 'apt-get update').
  => deb files from this source are considered 'trusted' (and therefore the user isn't asked for an additional confirmation before install)
2012-03-03 | testcase for CVE-2012-0214 | Simon Ruderich
2012-03-03 | * apt-pkg/packagemanager.cc: | David Kalnischkies
  - do not try to avoid a breaks if the broken package pre-depends on the breaker, but let dpkg auto-deconfigure it
2012-03-03 | allow msgtest to be used with only one parameter | David Kalnischkies
2012-03-03 | show in the debug output if we are looping in the avoid breaks | David Kalnischkies
2012-03-03 | cleanup the ordering-code avoiding a break (no function change) | David Kalnischkies
2012-02-27 | fix the string in the testcases | David Kalnischkies
2012-02-25 | * cmdline/apt-cache.cc: | David Kalnischkies
  - correct --pre-depends option by using dash consistently (LP: #940837)
2012-02-18 | improve 'error' message for packages which are only referenced e.g. in a Depends line and are now requested for removal | David Kalnischkies
2012-02-18 | * cmdline/apt-get.cc: | David Kalnischkies
  - if a package can't be removed as it is not installed, suggest to the user an (installed) multiarch sibling with 'Did you mean?'
2012-02-18 | use pdiff for Translation-* files if available (Closes: #657902) | David Kalnischkies
  Beware: pdiffs for Translation-* are only acquired if their availability is advertised in the Release file.
2012-02-18 | * apt-pkg/acquire-item.cc: | David Kalnischkies
  - drop support for i18n/Index file (introduced in 0.8.11) and use the Release file instead to get the Translations (Closes: #649314)
  * ftparchive/writer.cc:
  - add 'Translation-*' to the default patterns
  i18n/Index was never used outside debian - and even here it isn't used consistently as only 'main' has such a file. As the Release file now includes the Translation-* files we therefore drop support for i18n/Index. A version supporting it was never part of a debian release and still supporting it would mean that we get 99% of the time a 404 as response to the request anyway and confuse archive maintainers who want to provide all files APT tries to acquire.
2012-02-18 | ensure that the cache-directories are really directories before trying to get a list of included files from them | David Kalnischkies
2012-02-18 | * apt-pkg/indexrecords.cc: | David Kalnischkies
  - do not create empty Entries as a side effect of Lookup()
2012-02-11 | * apt-pkg/cachefile.cc: | David Kalnischkies
  - clean up lost atomic cachefiles with 'clean' (Closes: #650513)
2012-02-11 | just in case: correct the header-guard for https to not match http | David Kalnischkies
2012-02-11 | remove the arbitrary MAXLEN limit for response lines (Closes: #658346) | David Kalnischkies
2012-02-11 | save the universe by not printing messages about apport if a package with this name is not installed (Closes: #619646) | David Kalnischkies
2012-02-11 | fix the hold-testcase as it has problems with 'foreign' operations | David Kalnischkies
2012-02-11 | correctly ignore already (un)hold packages | David Kalnischkies
2012-02-10 | * cmdline/apt-mark.cc: | David Kalnischkies
  - detect if dpkg has multiarch support before calling --set-selections
2012-02-10 | Fix the testcases to work with and configure dpkg correctly in a multi-arch environment | David Kalnischkies
  It's not a complete and the "fixed" test is fixed more like a hack as we have communication problems with dpkg if dpkg and APT disagree on the interpretation of the native architecture, see also: http://lists.debian.org/debian-dpkg/2012/02/msg00051.html
2012-02-10 | ensure that architectures are not added multiple times | David Kalnischkies
2012-02-09 | call dpkg --assert-multi-arch with execvp instead of execv | David Kalnischkies
2012-02-03 | rework previous patch to avoid changing the inline code | Michael Vogt
2012-02-03 | * apt-pkg/contrib/fileutl.h: | Michael Vogt
  - fix compat with FileFd::OpenDescriptor() in ReadOnlyGzip mode
2012-02-03 | * apt-pkg/contrib/fileutl.h: | Michael Vogt
  - fix compat with FileFd::OpenDescriptor() in ReadOnlyGzip mode
2012-01-31 | Fix IndexCopy::CopyPackages and TranslationsCopy::CopyTranslations to handle compressed files again (LP: #924182, closes: #658096) | Michael Vogt
2012-01-31 | merged from lp:~mvo/apt/mvo | Michael Vogt
2012-01-31 | merged from lp:~donkult/apt/experimental/ | Michael Vogt
2012-01-30 | * apt-pkg/deb/dpkgpm.cc: | Michael Vogt
  - fix crash when a package is in removed but residual config state (LP: #923807)
2012-01-30 | merged from donkult | Michael Vogt
2012-01-30 | * apt-pkg/aptconfiguration.cc: | David Kalnischkies
  - chroot if needed before calling dpkg --print-foreign-architectures
2012-01-30 | * methods/http{s,}.cc: | David Kalnischkies
  - if a file without an extension is requested send an 'Accept: text/*' header to avoid that the server chooses unsupported compressed files in a content-negotiation attempt (Closes: #657560)
2012-01-30 | * apt-pkg/contrib/configuration.cc: | David Kalnischkies
  - do not stop parent transversal in FindDir if the value is empty
  See http://lists.debian.org/deity/2012/01/msg00053.html , too.
2012-01-29 | * apt-pkg/depcache.cc: | David Kalnischkies
  - if a M-A:same package is marked for reinstall, mark all its installed siblings for reinstallation as well (LP: #859188)
2012-01-29 | * apt-pkg/algorithms.cc: | Colin Watson
  - use a signed int instead of short for score calculation as upgrades become so big now that it can overflow (Closes: #657732, LP: #917173)
2012-01-29 | add the testcase I wrote for revno 2209.1.2, to ensure that breaks on not-installed versions are ignored while searching for breakage loops | David Kalnischkies