| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2014-09-26 | Do not allow going from authenticated to unauthenticated repo | Michael Vogt | |
| Also rework the way we load the Release file, so it only after Release.gpg verified the Release file. The rational is that we never want to load untrusted data into our parsers. Only stuff verified with gpg or by its hashes get loaded. To load untrusted data you now need to use apt-get update --allow-unauthenticated. | |||
| 2014-09-26 | Print warning for unauthenticated repositories | Michael Vogt | |
| 2014-09-26 | Do not download Packages/Sources files on I-M-S hit of the Release file | Michael Vogt | |
| With this branch we know that the data in the lists directory is always what the release file says, so if the Release file is unchanged, then there is no need to queue the download of the other indexfiles as they will be unchanged too (or broken :) | |||
| 2014-09-25 | Merge remote-tracking branch 'upstream/debian/experimental' into ↵ | Michael Vogt | |
| feature/acq-trans | |||
| 2014-09-24 | releasing package apt version 1.1~exp3 | Michael Vogt | |
| 2014-09-24 | DropPrivs: Document what it does | Julian Andres Klode | |
| Git-Dch: ignore | |||
| 2014-09-24 | DropPrivs: Use APT::Sandbox::User instead of Apt::User::Nobody | Julian Andres Klode | |
| Git-Dch: ignore | |||
| 2014-09-24 | DropPrivs: Hard-fail if the user does not exist | Julian Andres Klode | |
| Git-Dch: ignore | |||
| 2014-09-24 | DropPrivs: Add some comments for the more obscure setuid/setgid functions | Julian Andres Klode | |
| Git-Dch: ignore | |||
| 2014-09-24 | DropPrivs: Move the re-set uid/gid thing to the end of the function | Julian Andres Klode | |
| Git-Dch: ignore | |||
| 2014-09-24 | methods: Fail if we cannot drop privileges | Julian Andres Klode | |
| 2014-09-24 | DropPrivs: Improve comments | Julian Andres Klode | |
| Git-Dch: ignore | |||
| 2014-09-24 | DropPrivs: Also check for saved set-user-ID and set-group-ID | Julian Andres Klode | |
| 2014-09-24 | DropPrivs: Do not use an invalid return check for setgroups() | Julian Andres Klode | |
| setgroups() returns 0 on success Git-Dch: ignore | |||
| 2014-09-24 | Use _apt as our unprivileged user name | Julian Andres Klode | |
| Some people want to standardize on it, and BSDs do it too, so let's do the same. Reported-by: Paul Wise <pabs@debian.org> | |||
| 2014-09-24 | DropPriv: Really call seteuid and not setuid, and add more checks | Julian Andres Klode | |
| The only thing we are missing is non-portable saved ids support. | |||
| 2014-09-24 | Drop Privileges to "Debian-apt" in most acquire methods | Michael Vogt | |
| Add a new "Debian-apt" user that owns the /var/lib/apt/lists and /var/cache/apt/archive directories. The methods http, https, ftp, gpgv, gzip switch to this user when they start. Thanks to Julian and "ioerror" and tors "switch_id()" code. | |||
| 2014-09-23 | make pdiff transactional (but at the cost of a CopyFile() | Michael Vogt | |
| 2014-09-23 | cleanup, fix test-apt-update-unauth as the behavior of apt changed | Michael Vogt | |
| 2014-09-23 | cleanup | Michael Vogt | |
| 2014-09-23 | fix one broken test | Michael Vogt | |
| 2014-09-23 | Merge remote-tracking branch 'debian/debian/experimental' into feature/acq-trans | Michael Vogt | |
| 2014-09-23 | Merge remote-tracking branch 'upstream/debian/experimental' into ↵ | Michael Vogt | |
| feature/acq-trans Conflicts: apt-pkg/acquire-item.cc apt-pkg/acquire-item.h methods/copy.cc test/integration/test-hashsum-verification | |||
| 2014-09-23 | fix tests | Michael Vogt | |
| 2014-09-23 | Merge branch 'debian/sid' into debian/experimental | Michael Vogt | |
| Conflicts: apt-pkg/acquire-item.cc apt-pkg/acquire-item.h apt-pkg/cachefilter.h configure.ac debian/changelog | |||
| 2014-09-21 | Ensure that iTFRewritePackageOrder is "MD5sum" to match apt-ftparchive | Michael Vogt | |
| The iTFRewritePackageOrder is used in indexcopy to copy and normalize cdrom Packages files. This change will ensure that there is no "normalization" that changes MD5sum -> MD5Sum which alters the hash of the Packages file on disk (oh the irony). | |||
| 2014-09-21 | Fix regression for cdrom: sources from latest security update | Michael Vogt | |
| Skip a reverify for cdrom: sources. The reverify step is actually harmful here because the apt-cdrom add code uses the indexcopy.cc which will "normalize" the Packages file from the cdrom when it writes it to the local disk. This leads to changing the "MD5sum" field (notice the lower case "s") on the cdrom Packages file to a "MD5Sum" field on the local file in /var/lib/apt/lists. Which of course alters the hash and makes apt fail to reverify the file. | |||
| 2014-09-20 | relax grep to support newer curl output format | David Kalnischkies | |
| Git-Dch: Ignore | |||
| 2014-09-19 | disable timestamps in the footer of docs by doxygen | Jérémy Bobbio | |
| The default being 'yes', but this spoils the effort of reproducible builds for no real gain. (https://wiki.debian.org/ReproducibleBuilds) | |||
| 2014-09-19 | German program translation update | Holger Wansing | |
| Closes: 762223 | |||
| 2014-09-19 | Fix regression when copy: is used for a relative path | Michael Vogt | |
| When we do a ReverifyAfterIMS() we use the copy: method to verify the hashes again. If the user uses -o Dir=./something/relative this fails because we use the URI class in copy.cc that strips away the leading relative part. By not using URI this is fixed. Closes: #762160 | |||
| 2014-09-19 | test/integration/test-apt-update-file: improve test | Michael Vogt | |
| 2014-09-18 | ./pre-release pre-export | Michael Vogt | |
| 2014-09-17 | releasing package apt version 1.0.9.11.0.9.1 | Michael Vogt | |
| 2014-09-17 | Merge remote-tracking branch 'vnwildman/debian/sid' into debian/sid | Michael Vogt | |
| 2014-09-17 | improve test for commit daff4a | Michael Vogt | |
| 2014-09-17 | Fix regression for file:/// uris from CVE-2014-0487 | Michael Vogt | |
| Do not run ReverifyAfterIMS() for local file URIs as this will causes apt to mess around in the file:/// uri space. This is wrong in itself, but it will also cause a incorrect verification failure when the archive and the lists directory are on different partitions as rename(). | |||
| 2014-09-17 | fix gcc warnings | Michael Vogt | |
| 2014-09-17 | use pkgAcqMetaBase as the transactionManager | Michael Vogt | |
| 2014-09-16 | prepare 1.0.9.1 | Michael Vogt | |
| 2014-09-16 | merge previous upload | Michael Vogt | |
| 2014-09-16 | SECURITY UPDATE for CVE-2014-{0488,0487,0489} | Michael Vogt | |
| incorrect invalidating of unauthenticated data (CVE-2014-0488) incorect verification of 304 reply (CVE-2014-0487) incorrect verification of Acquire::Gzip indexes (CVE-2014-0489) | |||
| 2014-09-16 | add a bunch of dpointers | Michael Vogt | |
| 2014-09-16 | remove pkgAcqSubIndex | Michael Vogt | |
| 2014-09-14 | add a 'coverage' command to generate reports | David Kalnischkies | |
| Builds, runs and generates everything needed to have a coverage report at the end for apt. The report isn't perfect as most childs apt forks do not have a regular exit and so data is never written for them, which results in e.g. most methods to have zero coverage reported. Git-Dch: Ignore | |||
| 2014-09-14 | Turkish program translation update | Mert Dirik | |
| Closes: 761394 | |||
| 2014-09-14 | Updated German documentation translation | Chris Leick | |
| 2014-09-13 | l10n: vi.po (636t): Update program translation | Trần Ngọc Quân | |
| Signed-off-by: Trần Ngọc Quân <vnwildman@gmail.com> | |||
| 2014-09-12 | Allow override of Proxy-Auto-Detect by the users configuration | Michael Vogt | |
| Only run the Proxy-Auto-Detect code if there is not already a host specific configuration. Closes: 759264 | |||
| 2014-09-09 | prepare 1.0.81.0.8 | Michael Vogt | |
 |
index : apt.git | |
| Saurik's version of apt managed for tvOS/ARM64 | Sam Bingner |
| summaryrefslogtreecommitdiff |