summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2013-03-18rename testcase to mention CVE number, make the code more consistent withDavid Kalnischkies
the rest and add some more tests (by fixing commented ones)
2013-03-16ensure that we fclose/unlink/free in the new gpg-code as soon as possibleDavid Kalnischkies
2013-03-16add testcase and update changelogMichael Vogt
2013-03-16merged from davids bundleMichael Vogt
2013-03-15 - if ExecGPGV deals with a clear-signed file it will split this fileDavid Kalnischkies
into data and signatures, pass it to gpgv for verification and recombines it after that in a known-good way without unsigned blocks and whitespaces resulting usually in more or less the same file as before, but later code can be sure about the format * apt-pkg/deb/debmetaindex.cc: - reenable InRelease by default
2013-03-15split out a method to strip whitespaces only on the right sideMichael Vogt
2013-03-15* apt-pkg/acquire-item.cc:David Kalnischkies
- keep the last good InRelease file around just as we do it with Release.gpg in case the new one we download isn't good for us
2013-03-15don't close stdout/stderr if it is also the statusfdDavid Kalnischkies
2013-03-15* apt-pkg/contrib/gpgv.cc:David Kalnischkies
- ExecGPGV is a method which should never return, so mark it as such and fix the inconsistency of returning in error cases
2013-03-15* apt-pkg/indexcopy.cc:David Kalnischkies
- rename RunGPGV to ExecGPGV and move it to apt-pkg/contrib/gpgv.cc
2013-03-14* SECURITY UPDATE: InRelease verification bypass0.9.7.8Michael Vogt
- CVE-2013-1051 * apt-pkg/deb/debmetaindex.cc, test/integration/test-bug-595691-empty-and-broken-archive-files, test/integration/test-releasefile-verification: - disable InRelease downloading until the verification issue is fixed, thanks to Ansgar Burchardt for finding the flaw
2012-12-13releasing version 0.9.7.70.9.7.7Michael Vogt
2012-12-13merged from lp:~donkult/apt/sidMichael Vogt
2012-12-13change permissions of /var/log/apt/term.log to 0640 (LP: #975199)Michael Vogt
2012-12-08Fix Plural forms in German, French, Japanese and Portuguesebubulle@debian.org
translations. Thanks to Jakub Wilk for reporting these errors.
2012-11-20Vietnamese (Trần Ngọc Quân). Closes: #693773bubulle@debian.org
2012-11-10* apt-pkg/algorithms.cc:Jonathan Thomas
- fix package-pointer array memory leak in ResolveByKeepInternal()
2012-11-09* apt-pkg/algorithms.cc:David Kalnischkies
- ensure pkgProblemResolver calls MarkDelete without FromUser set so that it can't overrule holds and the protection flag
2012-11-09* cmdline/apt-get.cc:David Kalnischkies
- do not call Mark{Install,Delete} from the autoremove code with the FromUser bit set to avoid modifying the auto-installed bit
2012-11-09no mode changes should obviously be ok for pkgDepCache::IsModeChangeOkDavid Kalnischkies
2012-11-09* apt-pkg/depcache.cc:David Kalnischkies
- don't call MarkInstall with the FromUser flag set for packages which are dependencies of APT::Never-MarkAuto-Sections matchers
2012-11-01merged frm donkultMichael Vogt
2012-10-28Thai (Theppitak Karoonboonyanan). Closes: #691613bubulle@debian.org
2012-10-24* apt-pkg/packagemanager.cc:David Kalnischkies
- do not do lock-step configuration for a M-A:same package if it isn't unpacked yet in SmartConfigure and do not unpack a M-A:same package again in SmartUnPack if we have already configured it (LP: #1062503)
2012-10-20adds a comment for Translators to the 'do as I say' prompt toDavid Kalnischkies
prevent problems like #691024 in new translations
2012-10-20Drop a confusing non-breaking space. Closes: #691024bubulle@debian.org
2012-10-19Catalan (Jordi Mallach)Jordi Mallach
2012-10-16releasing version 0.9.7.60.9.7.6Michael Vogt
2012-10-15* apt-pkg/pkgcachegen.cc:Michael Vogt
- Fix crash if the cache is remapped while writing a Provides version (LP: #1066445).
2012-10-15merge from lp:~donkult/apt/sidMichael Vogt
2012-10-13remove 256 char line limit by using getline() (POSIX.1-2008)David Kalnischkies
2012-10-13* apt-pkg/contrib/netrc.cc:David Kalnischkies
- remove the 64 char limit for login/password in internal usage
2012-10-13Add a Closes tag for the self-conflict fix:David Kalnischkies
ignore negative dependencies applying in the same group for M-A:same packages on the real package name as self-conflicts (Closes: #688863)
2012-10-13* apt-pkg/policy.cc:David Kalnischkies
- match pins with(out) an architecture as we do on the commandline (partly fixing #687255, b= support has to wait for jessie)
2012-10-13* apt-pkg/edsp.cc:David Kalnischkies
- include reinstall requests and already installed (= protected) packages in the install-request for external resolvers (Closes: #689331)
2012-10-13write the native architecture as unique string into the cache headerDavid Kalnischkies
as it is used for arch:all packages as a map to arch:native. Otherwise arch comparisons later will see differences (Closes: #689323)
2012-10-13correct "3 missing" to "2 missing" remap registrations as the VersionDavid Kalnischkies
handled in NewVersion is already registered
2012-10-12merged lp:~mvo/apt/mvoMichael Vogt
2012-10-02Ukrainian program translation update (A. Bondarenko)A. Bondarenko
2012-09-28merged from lp:~donkult/apt/sidMichael Vogt
2012-09-26* cmdline/apt-cache.cc:David Kalnischkies
- print versioned dependency relations in (r)depends if the option APT::Cache::ShowVersion is true (default: false) as discussed in #218995 to help debian-cd fixing #687949. Thanks to Sam Lidder for initial patch and Steve McIntyre for nagging and testing!
2012-09-19* apt-pkg/pkgcache.cc:David Kalnischkies
- ignore negative dependencies applying in the same group for M-A:same packages on the real package name as self-conflicts
2012-09-19add 3 missing remap registrations causing a segfault in caseDavid Kalnischkies
we use the not remapped iterators after a move of the mmap again
2012-09-19* apt-pkg/pkgcachegen.cc:David Kalnischkies
- ensure that dependencies for packages:none are always generated
2012-09-11releasing version 0.9.7.50.9.7.5Michael Vogt
2012-09-11merged from lp:~donkult/apt/sidMichael Vogt
2012-09-09* apt-pkg/pkgcachegen.cc:David Kalnischkies
- do not create 'native' (or now 'none') package structures as a side effect of description translation parsing as it pollutes the cache
2012-09-09handle packages without a mandatory architecture (debian-policy §5.3)David Kalnischkies
by introducing a pseudo-architecture 'none' so that the small group of users with these packages can get right of them without introducing too much hassle for other users (Closes: #686346)
2012-09-08Portuguese (Américo Monteiro) (Closes: #686975)bubulle@debian.org
2012-09-04apt-pkg/aptconfiguration.h: fix compiler errorMichael Vogt