Age | Commit message (Collapse) | Author |
|
apt-pkg/deb/deblistparser.cc:
- use OpenMaybeClearSignedFile to be free from detecting and
skipping clearsigning metadata in dsc and Release files
We can't write a "clean" file to disk as not all acquire methods copy
Release files before checking them (e.g. cdrom), so this reverts recombining,
but uses the method we use for dsc files also in the two places we
deal with Release files
|
|
* ftparchive/writer.cc:
- use OpenMaybeClearSignedFile to be free from detecting and
skipping clearsigning metadata in dsc files
|
|
|
|
into data and signatures, pass it to gpgv for verification and
recombines it after that in a known-good way without unsigned blocks
and whitespaces resulting usually in more or less the same file as
before, but later code can be sure about the format
* apt-pkg/deb/debmetaindex.cc:
- reenable InRelease by default
|
|
|
|
- keep the last good InRelease file around just as we do it with
Release.gpg in case the new one we download isn't good for us
|
|
|
|
- ExecGPGV is a method which should never return, so mark it as such
and fix the inconsistency of returning in error cases
|
|
- rename RunGPGV to ExecGPGV and move it to apt-pkg/contrib/gpgv.cc
|
|
- CVE-2013-1051
* apt-pkg/deb/debmetaindex.cc,
test/integration/test-bug-595691-empty-and-broken-archive-files,
test/integration/test-releasefile-verification:
- disable InRelease downloading until the verification issue is
fixed, thanks to Ansgar Burchardt for finding the flaw
|
|
|
|
|
|
- fix package-pointer array memory leak in ResolveByKeepInternal()
|
|
- ensure pkgProblemResolver calls MarkDelete without FromUser set
so that it can't overrule holds and the protection flag
|
|
|
|
- don't call MarkInstall with the FromUser flag set for packages
which are dependencies of APT::Never-MarkAuto-Sections matchers
|
|
- do not do lock-step configuration for a M-A:same package if it isn't
unpacked yet in SmartConfigure and do not unpack a M-A:same package
again in SmartUnPack if we have already configured it (LP: #1062503)
|
|
- Fix crash if the cache is remapped while writing a Provides version
(LP: #1066445).
|
|
|
|
|
|
- remove the 64 char limit for login/password in internal usage
|
|
- match pins with(out) an architecture as we do on the commandline
(partly fixing #687255, b= support has to wait for jessie)
|
|
- include reinstall requests and already installed (= protected) packages
in the install-request for external resolvers (Closes: #689331)
|
|
as it is used for arch:all packages as a map to arch:native.
Otherwise arch comparisons later will see differences (Closes: #689323)
|
|
handled in NewVersion is already registered
|
|
|
|
- ignore negative dependencies applying in the same group for
M-A:same packages on the real package name as self-conflicts
|
|
we use the not remapped iterators after a move of the mmap again
|
|
- ensure that dependencies for packages:none are always generated
|
|
- do not create 'native' (or now 'none') package structures as a side
effect of description translation parsing as it pollutes the cache
|
|
by introducing a pseudo-architecture 'none' so that the small group of
users with these packages can get right of them without introducing too
much hassle for other users (Closes: #686346)
|
|
|
|
|
|
and avoid re-unpack otherwise (Closes: #670900)
|
|
- copy only configured translation files from a CD-ROM and not all
available translation files preventing new installs with d-i from
being initialized with all translations (Closes: #678227)
- handle Components in the reduction for the source.list as multi-arch CDs
otherwise create duplicated source entries (e.g. "wheezy main main")
|
|
architectures on multi-arch CD-ROMs
- do not warn about files which have a record in the Release file, but
are not present on the CD to mirror the behavior of the other methods
and to allow uncompressed indexes to be dropped without scaring users
- handle Components in the reduction for the source.list as multi-arch CDs
|
|
- handle Components in the reduction for the source.list as multi-arch cds
otherwise create duplicated source entries (e.g. "wheezy main main")
|
|
- do not create duplicated flat-archive cdrom sources for foreign
architectures on multi-arch cdroms
|
|
- unpack versions in case a different version from the package
is currently in unpack state to recover from broken system states
(like different file in M-A:same package and other dpkg errors)
|
|
|
|
(LP: #1008289)
|
|
- do not link() but rename() the cdroms.list to cdroms.list~ as a backup
to ensure that apt-cdrom can be run multiple times (Closes: #676302)
|
|
- do not use atomic writing if the target is /dev/null as we don't want
to replace it, not even automically. (Closes: #683410)
|
|
- remove _POSIX_SYNCHRONIZED_IO guard in FileFd::Sync() around fsync
as this guard is only needed for fdatasync and not defined on hurd
|
|
it is used for the msync call
|
|
- guard only the msync call with _POSIX_SYNCHRONIZED_IO rather
than also the fallback code as it breaks APT on hurd since 0.9.7.3
as the fallback is now always used on non-linux (Closes: #683354)
|
|
SyncToFd dummy just as we did for compressed files in 0.9.5
|
|
second (filebased) constructor of DynamicMMap (Closes: #677704)
|
|
- refer to APT::Cache-Start in case the growing failed as if -Limit is
really the offender it will be noted in a previous error message.
|
|
- do not segfault if nothing can be configured to statisfy
a pre-depends (e.g. in a pre-depends loop) (Closes: #681958)
|