| Age | Commit message (Collapse) | Author |
|---|
|
into data and signatures, pass it to gpgv for verification and
recombines it after that in a known-good way without unsigned blocks
and whitespaces resulting usually in more or less the same file as
before, but later code can be sure about the format
* apt-pkg/deb/debmetaindex.cc:
- reenable InRelease by default
|
|
|
|
- keep the last good InRelease file around just as we do it with
Release.gpg in case the new one we download isn't good for us
|
|
|
|
- ExecGPGV is a method which should never return, so mark it as such
and fix the inconsistency of returning in error cases
|
|
- rename RunGPGV to ExecGPGV and move it to apt-pkg/contrib/gpgv.cc
|
|
- CVE-2013-1051
* apt-pkg/deb/debmetaindex.cc,
test/integration/test-bug-595691-empty-and-broken-archive-files,
test/integration/test-releasefile-verification:
- disable InRelease downloading until the verification issue is
fixed, thanks to Ansgar Burchardt for finding the flaw
|
|
|
|
|
|
|
|
translations. Thanks to Jakub Wilk for reporting these errors.
|
|
|
|
- fix package-pointer array memory leak in ResolveByKeepInternal()
|
|
- ensure pkgProblemResolver calls MarkDelete without FromUser set
so that it can't overrule holds and the protection flag
|
|
- do not call Mark{Install,Delete} from the autoremove code with
the FromUser bit set to avoid modifying the auto-installed bit
|
|
|
|
- don't call MarkInstall with the FromUser flag set for packages
which are dependencies of APT::Never-MarkAuto-Sections matchers
|
|
|
|
|
|
- do not do lock-step configuration for a M-A:same package if it isn't
unpacked yet in SmartConfigure and do not unpack a M-A:same package
again in SmartUnPack if we have already configured it (LP: #1062503)
|
|
prevent problems like #691024 in new translations
|
|
|
|
|
|
|
|
- Fix crash if the cache is remapped while writing a Provides version
(LP: #1066445).
|
|
|
|
|
|
- remove the 64 char limit for login/password in internal usage
|
|
ignore negative dependencies applying in the same group for M-A:same
packages on the real package name as self-conflicts (Closes: #688863)
|
|
- match pins with(out) an architecture as we do on the commandline
(partly fixing #687255, b= support has to wait for jessie)
|
|
- include reinstall requests and already installed (= protected) packages
in the install-request for external resolvers (Closes: #689331)
|
|
as it is used for arch:all packages as a map to arch:native.
Otherwise arch comparisons later will see differences (Closes: #689323)
|
|
handled in NewVersion is already registered
|
|
|
|
|
|
|
|
- print versioned dependency relations in (r)depends if the option
APT::Cache::ShowVersion is true (default: false) as discussed in
#218995 to help debian-cd fixing #687949. Thanks to Sam Lidder
for initial patch and Steve McIntyre for nagging and testing!
|
|
- ignore negative dependencies applying in the same group for
M-A:same packages on the real package name as self-conflicts
|
|
we use the not remapped iterators after a move of the mmap again
|
|
- ensure that dependencies for packages:none are always generated
|
|
|
|
|
|
- do not create 'native' (or now 'none') package structures as a side
effect of description translation parsing as it pollutes the cache
|
|
by introducing a pseudo-architecture 'none' so that the small group of
users with these packages can get right of them without introducing too
much hassle for other users (Closes: #686346)
|
|
|
|
|
|
|
|
|
|
and avoid re-unpack otherwise (Closes: #670900)
|
|
- copy only configured translation files from a CD-ROM and not all
available translation files preventing new installs with d-i from
being initialized with all translations (Closes: #678227)
- handle Components in the reduction for the source.list as multi-arch CDs
otherwise create duplicated source entries (e.g. "wheezy main main")
|
