Age | Commit message | Author |
incorrect invalidating of unauthenticated data (CVE-2014-0488)
incorrect verification of 304 reply (CVE-2014-0487)
incorrect verification of Acquire::Gzip indexes (CVE-2014-0489)
Besides being a bit cleaner it hopefully also resolves oddball problems
I have with high levels of parallel jobs.
Git-Dch: Ignore
Reported-By: iwyu (include-what-you-use)
Git-Dch: Ignore
The idea of pdiffs is to avoid downloading the whole file by patching the
existing index. This works very well, but becomes slow if a lot of
patches need to be applied to reconstruct an up-to-date index and in
recent years more and more dinstall (or similar) runs are executed
creating more and more pdiffs in the same amount of time, so pdiffs
became less useful.
The solution is simple: Reduce the amount of patches (which are very
small) which need to be applied on top of the index we have available
(which is usually pretty big).
This can be done in two ways: Either merge the patches on the
server-side so that the client has to download only one patch or the
patches are all downloaded and merged on the client-side.
The first needs a client which does one step at a time and can also
skip patches if it needs to (APT has supported this for a long time now).
The latter is implemented by this commit, but depends on the server NOT
merging the patches and the patches being in a strict order in which no
patch is skipped.
This is traditionally the case for dak, but other repository creators
support merging – e.g. reprepro (which helpfully adds a flag indicating
that the patches are merged). To support both or even mixes a client
needs more information which isn't available for now.
This POC uses the external diffindex-rred included in apt-file to
do the heavy lifting of merging & applying all patches in one pass,
hence to test this feature apt-file needs to be installed.
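The pdiff reconstruction this message describes, as an added example that is neither part of the commit nor apt's rred: a minimal Python applier for ed-style pdiffs (the `diff --ed` format with bottom-up line numbers) that applies the patches in their strict order and refuses to proceed unless the local index, every patch, and the patched result match the hashes a repository's Index file would advertise; on any mismatch the caller falls back to a full download. The index text, the two patches and the hash values are constructed here; the helper names are this example's own.

```python
import hashlib
import re

# Constructed sample data (not from a real archive): a tiny Packages-style
# index and two ed-style pdiffs in the strict, unmerged order this commit
# message relies on.  Each pdiff uses bottom-up line numbers, as `diff --ed`
# emits them, so the numbers stay valid while a script is applied in order.
OLD_INDEX = (
    "Package: a\nVersion: 1\n\n"
    "Package: b\nVersion: 1\n\n"
    "Package: c\nVersion: 1\n"
)
PATCH_1 = "5c\nVersion: 2\n.\n"                          # b: Version 1 -> 2
PATCH_2 = "7,8d\n6d\n2a\nArchitecture: amd64\n.\n"       # drop c, annotate a
NEW_INDEX = (
    "Package: a\nVersion: 1\nArchitecture: amd64\n\n"
    "Package: b\nVersion: 2\n"
)

ED_CMD = re.compile(r"^(\d+)(?:,(\d+))?([acd])$")


def sha256_hex(text: str) -> str:
    return hashlib.sha256(text.encode("utf-8")).hexdigest()


def apply_ed_script(lines, script):
    """Apply one ed-style diff (a/c/d commands) to a list of lines.
    Returns a new list; raises ValueError on a malformed or out-of-range
    command instead of silently producing a corrupt index.
    A data line consisting of a single '.' is not handled (assumption)."""
    out = list(lines)
    it = iter(script.split("\n"))
    for raw in it:
        if raw == "":              # trailing newline of the script
            continue
        m = ED_CMD.match(raw)
        if not m:
            raise ValueError(f"malformed ed command: {raw!r}")
        start = int(m.group(1))
        end = int(m.group(2) or start)
        op = m.group(3)
        if start > end or end > len(out) or (op != "a" and start < 1):
            raise ValueError(f"line range out of bounds: {raw!r}")
        body = []
        if op in "ac":
            for text in it:        # text block runs until a lone '.'
                if text == ".":
                    break
                body.append(text)
            else:
                raise ValueError("unterminated text block")
        if op == "a":
            out[start:start] = body      # insert after line `start` (0 = top)
        elif op == "c":
            out[start - 1:end] = body
        else:
            del out[start - 1:end]
    return out


def patch_index(current, patches, expected_current, expected_result):
    """Reconstruct an up-to-date index from `current` and an ordered list of
    (script, expected_sha256) pdiffs.  The local index, every patch and the
    final result must match the advertised hashes; any mismatch raises and
    the caller falls back to downloading the full index."""
    if sha256_hex(current) != expected_current:
        raise ValueError("local index does not match Index file; full download needed")
    if not current.endswith("\n"):
        raise ValueError("index must end with a newline")
    lines = current.split("\n")[:-1]
    for n, (script, digest) in enumerate(patches, 1):
        if sha256_hex(script) != digest:
            raise ValueError(f"pdiff {n} does not match its advertised hash")
        lines = apply_ed_script(lines, script)
    result = "\n".join(lines) + "\n"
    if sha256_hex(result) != expected_result:
        raise ValueError("patched index does not match advertised hash")
    return result


def demo():
    """Run the constructed sample; the hashes stand in for an Index file."""
    patches = [(PATCH_1, sha256_hex(PATCH_1)), (PATCH_2, sha256_hex(PATCH_2))]
    return patch_index(OLD_INDEX, patches,
                       sha256_hex(OLD_INDEX), sha256_hex(NEW_INDEX))


if __name__ == "__main__":
    print(demo())
```

The check after each patch is what makes the strict-order assumption safe to rely on: a server that merged or skipped a patch produces a hash mismatch rather than a silently wrong index.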
This helps ensure three things:
- each error is reported via ReportMirrorFailure
- if DestFile doesn't exist, do not attempt rename
- renames happen for every error
The last one wasn't the case for Size mismatches, which isn't nice, but
not an exploitable problem per-se as the file isn't picked up and remains
in partial/ where the following download-try will at most take it for a
partial request which fails the hashsum verification later on
Git-Dch: Ignore
The constructors of our (clear)sign-acquire-items move a pre-existing
file for error-recovery away, which gets restored or discarded later as
the acquire progresses, but --print-uris never really starts the
acquire process, so the files aren't restored (as they should).
To fix this both get a destructor which checks for signs of acquire
doing anything and if it hasn't the file is restored.
Note that these virtual destructors theoretically break the API, but
only with classes extending the sign-acquire-items and nobody does this,
as it would be insane for library users to fiddle with Acquire
internals – and these classes are internals.
Closes: 719263
The breakage is just too big for now, so guard the change with
#ifndef APT_8_CLEANER_HEADERS and be nice to library users
- fix fetching language information by adding OptionalSubIndexTarget
- do not check for a "Package" tag in optional index targets
like the translations index
- cleanup around OptionalIndexTarget and SubIndexTarget
- try even harder to support really big files in the fetcher by
converting (hopefully) everything to 'long long' (Closes: #632271)
mirror method does not retry on each mirror
* apt-pkg/aptconfiguration.cc:
- remove the inbuilt Translation files whitelist
- add a special uncompressed compression type to prefer those files
* methods/{gzip,bzip}.cc:
- print a good error message if FileSize() is zero
* apt-pkg/deb/deblistparser.cc:
- rewrite LoadReleaseInfo to cope with clearsigned Releasefiles
- operate optionally on gzip-compressed pdiffs
* apt-pkg/acquire-item.cc:
- don't uncompress downloaded pdiff files before feeding them to rred
- on gpg verification failure warn and restore the last known
good state
- on failure display the IP of the server (useful for servers
that use round robin DNS)
- support Original-Maintainer in RewritePackageOrder
- enable cdrom autodetection via libudev by default
- show message about Vcs in use when apt-get source is run for
packages maintained in a Vcs
- better support transitional packages with mark auto-installed.
when the transitional package is in "oldlibs" the new package
is not marked auto installed (same is true for section
metapackages)
- provide new "deb mirror://archive.foo/mirrors.list sid main"
method expects a list of mirrors (generated on the server e.g.
via geoip) and will use that, including cycle on failure
- write apport crash file on package failure (disabled by default
on debian until apport is available)
- support mirror failure reporting (disabled by default on debian)
- switch {,Install-}Size to unsigned long long
* apt-pkg/depcache.cc:
- deal with long long, not with int to remove 2GB Limit (LP: #250909)
of this item is ok and does not need to be tried on all mirrors
- add a class WeakPointable which allows one to register weak pointers to
an object which will be set to NULL when the object is deallocated.
* [ABI break] apt-pkg/acquire{-worker,-item,}.h:
- subclass pkgAcquire::{Worker,Item,ItemDesc} from WeakPointable.
- add "IsIndexFile" to constructor of pkgAcqFile so that it sends
the right cache control headers
thanks Bernhard R. Link! (Closes: #545699)
acquire-items choose which compression file they should (try first to)
download to easily add new or change the order of the compression types.
And because it is easy now we directly add builtin lzma support.
The compression ratio is better than bzip2 but we prefer the latter for now
as no (official) mirror uses lzma, so this would only generate useless
hits on the servers. Maybe sometime in the future lzma will be the default...
[apt-pkg/acquire-item.cc]
- use configsettings for dynamic compression type use and order.
Based on a patch by Jyrki Muukkonen, thanks! (LP: #71746)
[apt-pkg/init.cc]
- add default configuration for compression types and add lzma
support. Order is now bzip2, lzma, gzip, none (Closes: #510526)
[ftparchive/writer.cc]
- add lzma support also here, patch for this (and inspiration for
the one above) by Robert Millan, thanks!
that apt will refuse to update and use the old lists if
the authentication of a repository that used to be
authenticated fails. See
https://wiki.ubuntu.com/AptAuthenticationReliability
for more details.
- make the authentication download code more robust against
servers/proxies with broken If-Range implementations
- make the authentication download code more robust against
servers/proxies with broken If-Range implementations
- fix fd leak for zero size files (thanks to Bill Broadley for
reporting this bug)
* apt-pkg/acquire-item.cc:
- remove zero size files on I-M-S hit
* methods/https.cc:
- only send LastModified if we actually have one
- send range request with if-range
- delete failed downloads
* apt-pkg/deb/dpkgpm.{cc,h}:
- merged dpkg-log branch, this lets you specify a
Dir::Log::Terminal file to log dpkg output to
(ABI break)
* merged apt--sha256 branch to fully support the new
sha256 checksums in the Packages and Release files
(ABI break)
* Applied patch from Aurelien Jarno <aurel32@debian.org> to fix wrong
directory downloading on non-linux architectures (closes: #435597)
* Applied patch from Guillem Jover <guillem@debian.org> to use
* Applied patch from Guillem Jover <guillem@debian.org> to add
lzma support (closes: #408201)
* methods/makefile:
- install lzma symlink method (for full lzma support)
* debian/control:
- suggest "lzma"
* Simplified HttpMethod::Fetch on http.cc removing Tail variable;
* Fix pipeline handling on http.cc (closes: #413324)
* Fix building to properly support binNMUs. Thanks to Daniel Schepler
<schepler@math.unipd.it> for the patch (closes: #359634)
* Fix example for Install-{Recommends,Suggests} options on
configure-index example file. Thanks to Peter Eisentraut
<peter_e@gmx.net> for the patch (closes: #432223)
* fixed compile errors with g++ 4.3 (thanks to
Daniel Burrows, closes: #429378)
* fixes in the auto-mark code (thanks to Daniel
Burrows)
* fix FTBFS by changing build-depends to
libcurl4-gnutls-dev (closes: #428363)
* cmdline/apt-get.cc:
- fix InstallTask code when a pkgRecord ends
with a single '\n' (thanks to Soren Hansen for reporting)
* merged from Christian Perrier:
* vi.po: completed to 532t, again. Closes: #429899
* gl.po: completed to 532t. Closes: #429506
* vi.po: completed to 532t. Closes: #428672
* Update all PO and the POT. Gives 514t14f4u for formerly
complete translations
* fr.po: completed to 532t
* ku.po, uk.po, LINGUAS: reintegrate those translations
which disappeared from the BZR repositories
- rename "hash" into ExpectedHash in pkgAcqFile, pkgAcqIndex
- add missing HashSum() call to class pkgAcqIndex
- use the data provided by acquire-method (and send via the
{SHA256,SHA1,MD5Sum}-Hash tag when comparing the hash, this
avoids calculating the hash twice (just like old libapt)
* apt-pkg/acquire-method.cc:
- send MD5Sum-Hash tag to libapt to be consistent with
HashString::SupportedHashes()
* apt-pkg/acquire-worker.cc:
- check with "Owner->HashSum().HashType()" what hash the frontend
is expecting and pass it to pkgAcquireItem::Done() in the new
HashString format
- add some debugging output
* apt-pkg/contrib/hashes.cc:
- fix off-by-one error when constructing a HashString from a single
input string
* apt-pkg/contrib/hashes.h:
- add "HashType()" method
* apt-pkg/init.h, apt-pkg/makefile, methods/makefile:
- break ABI
and fallback
- apport integration added, this means that a apport
report is written on dpkg failures
* merged from debian/unstable, remaining changes:
- maintainer field changed
* merged the debian/experimental changes back
into the debian/sid branch
* merged from Christian Perrier:
* mr.po: New Marathi translation Closes: #416806
* zh_CN.po: Updated by Eric Pareja Closes: #416822
* tl.po: Updated by Eric Pareja Closes: #416638
* gl.po: Updated by Jacobo Tarrio
* da.po: Updated by Claus Hindsgaul
* fr.po: Remove a non-breakable space for usability
* ru.po: Updated Russian translation. Closes: #405476
* *.po: Unfuzzy after upstream typo corrections
* buildlib/archtable:
- added support for sh3/sh4 (closes: #424870)
- added support for m32r (closes: #394096)
* buildlib/systemtable:
- added support for lpia
* configure.in:
- check systemtable for architecture mapping too
* fix error in AutocleanInterval, closes: #319339
(thanks to Israel G. Lugo for the patch)
* add "purge" commandline argument (closes: #133421)
(thanks to Julien Danjou for the patch)
* fix FTBFS with gcc 4.3, closes: #417090
(thanks to Martin Michlmayr for the patch)
* add --dsc-only option, thanks to K. Richard Pixley
* Removed the more leftover #pragma interface/implementation
closes: #306937 (thanks to Andreas Henriksson for the patch)
* ABI library name change because it is built against
new glibc
* implement SourceVer() in pkgRecords
(thanks to Daniel Burrows for the patch!)
* apt-pkg/algorithm.cc:
- use clog for all debugging
- only increase the score of installed applications if they
are not obsolete
- fix resolver bug on removal triggered by weak-dependencies
with or-groups
* methods/http.cc:
- send apt version in User-Agent
* apt-pkg/deb/debrecords.cc:
- fix SHA1Hash() return value
* apt-pkg/cdrom.cc:
- only unmount if APT::CDROM::NoMount is false
* methods/cdrom.cc:
- only umount if it was mounted by the method before
- if decompression of an index fails, delete the index
* vi.po: Updated to 515t. Closes: #426976
* eu.po: Updated to 515t. Closes: #423766
* pt.po: 515t. Closes: #423111
* fr.po: Updated by Christian Perrier
* Update all PO and the POT. Gives 513t2f for formerly
complete translations
* Package that contains all the new features
* Removed all #pragma interface/implementation
* Branch that contains all the new features:
* translated package descriptions
* task install support
* automatic dependency removal (thanks to Daniel Burrows)
* merged support for the new dpkg "Breaks" field
(thanks to Ian Jackson)
* handle network failures more gracefully on "update"
* support for unattended-upgrades (via unattended-upgrades
package)
* added apt-transport-https method
- ca.po: Updated to 514t
- be.po: Updated to 514t
- it.po: Updated to 514t
- hu.po: Updated to 514t
- zh_TW.po: Updated to 514t
- ar.po: Updated to 293t221u.
- ru.po: Updated to 514t. Closes: #392466
- nb.po: Updated to 514t. Closes: #392466
- pt.po: Updated to 514t. Closes: #393199
- fr.po: One spelling error corrected: s/accèder/accéder
- km.po: Updated to 514t.
- ko.po: Updated to 514t.
- bg.po: Updated to 514t.
- de.po: Updated to 514t.
- en_GB.po: Updated to 514t.
* debian/control:
- depend on debian-archive-keyring to offer clean upgrade path
(closes: #386800)
* merged "install-recommends" branch (ABI break):
- new "--install-recommends"
- install new recommends on "upgrade" if --install-recommends is
given
- new "--fix-policy" option to install all packages with unmet
important dependencies (useful with --install-recommends to
see what not-installed recommends are on the system)
- fix of recommended packages display (only show CandidateVersion
fix or-group handling)
* merged "install-task" branch (use with "apt-get install taskname^")
* Applied patch from Daniel Schepler to make apt bin-NMU able.
* apt-pkg/acquire-item.cc:
- fix reversed logic of the "Acquire::PDiffs" option
* apt-pkg/contrib/sha256.cc:
- applied patch to fix unaligned access problem. Closes: #367417
(thanks to David Mosberger)
* apt-pkg/contrib/sha256.{cc,h},hashes.{cc,h}: support for sha256
(thanks to Anthony Towns)
* ftparchive/cachedb.{cc,h},writer.{cc,h}: optimizations
(thanks to Anthony Towns)
* apt pdiff support from experimental merged
* apt-pkg/deb/dpkgpm.cc: wording fixes (thanks to Matt Zimmerman)
- fix error in dpkg interaction (closes: #364513, thanks to Martin Dickopp)
* pulled in the other remaining ubuntu changes
apt-pkg/acquire-item.h:
- add new pkgAcquire::Item::StatTransientNetworkError status
apt-pkg/acquire-item.cc:
- if we get a StatTransientNetworkError use old sigfile and indexfiles
apt-pkg/acquire-worker.cc:
- set StatTransientNetworkError on "Timeout", "TmpResolveFailure", "ConnectionRefused"
cmdline/apt-get.cc:
- handle a StatTransientNetworkError different than a normal error (warning instead of error)
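Two recovery behaviours in this log share one rule, that a previously verified file is only ever replaced by data that verified: the sign-acquire-item message above (move a pre-existing file aside and restore it if the acquire does not complete) and this StatTransientNetworkError message together with the earlier "use the old lists if authentication fails" entries (keep the old signed index on a transient network error or a failed signature check). The following is an added example of that policy in Python; it is not apt's implementation. The transient error names are the three listed in the message; the outcome strings, the `.old` backup name, the `HttpError404` status and the toy `verify` callback are this example's own assumptions.

```python
import os
import tempfile

# Method errors the message lists as transient; anything else is a hard error.
TRANSIENT_ERRORS = {"Timeout", "TmpResolveFailure", "ConnectionRefused"}


class UpdateFailed(Exception):
    """A non-transient fetch error (for the caller to report as an error)."""


def update_signed_index(path, fetch, verify):
    """Replace the verified index at `path` only with data that verifies.

    fetch()      -> (status, data); status is "ok" or a method error name.
    verify(data) -> bool; stands in for the signature check (gpgv in apt).

    The existing file is moved aside before the fetch and restored whenever
    the fetch does not end in a verified replacement: transient network
    error, hard error, signature failure, or any exception.
    Returns "updated", "kept-transient" or "kept-last-good".
    """
    backup = path + ".old"              # hypothetical recovery name (assumption)
    had_old = os.path.exists(path)
    if had_old:
        os.replace(path, backup)        # move aside for error recovery
    try:
        status, data = fetch()
        if status != "ok":
            if status in TRANSIENT_ERRORS:
                return "kept-transient"         # warning, not error: keep old lists
            raise UpdateFailed(status)
        if not verify(data):
            if had_old:
                return "kept-last-good"         # never downgrade to unverified data
            raise UpdateFailed("unauthenticated")
        with open(path, "wb") as f:
            f.write(data)
        return "updated"
    finally:
        # Restore the last known good file unless a verified one replaced it.
        if os.path.exists(backup):
            if os.path.exists(path):
                os.remove(backup)
            else:
                os.replace(backup, path)


def demo():
    """Constructed scenarios against a temp file; returns (outcome, content)."""
    results = []
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "InRelease")
        with open(path, "wb") as f:
            f.write(b"signed:old")          # the last known good, verified file

        def verify(data):                   # toy signature check (assumption)
            return data.startswith(b"signed:")

        def run(status, data):
            try:
                outcome = update_signed_index(path, lambda: (status, data), verify)
            except UpdateFailed as e:
                outcome = f"error:{e}"
            with open(path, "rb") as f:
                results.append((outcome, f.read()))

        run("Timeout", b"")                 # transient: keep old, warn
        run("HttpError404", b"")            # hard error: keep old, report error
        run("ok", b"unsigned:evil")         # bad signature: keep old
        run("ok", b"signed:new")            # verified: replace
    return results


if __name__ == "__main__":
    for outcome, content in demo():
        print(outcome, content)
```

The restore is done in a `finally` block for the same reason the commit adds destructors: whether the acquire is abandoned early, fails transiently or fails verification, the last known good file must be back in place on every exit path, and the caller only sees a warning rather than an error for the transient case.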