summaryrefslogtreecommitdiff
path: root/apt-pkg
AgeCommit message (Collapse)Author
2011-08-11fix a few more cppcheck performance and scope warningsDavid Kalnischkies
2011-08-11cppcheck complains about some possible speed improvements which could beDavid Kalnischkies
done on the mirco-optimazation level, so lets fix them: (performance) Possible inefficient checking for emptiness. (performance) Prefer prefix ++/-- operators for non-primitive types.
2011-08-11fix some cppcheck: (warning) Member variable is not initialized in the ↵David Kalnischkies
constructor.
2011-08-11cppcheck is right that the check for preventing null deference of QueryDavid Kalnischkies
is redundant in Redirect() as we can't reach the code with null anyway [apt-pkg/acquire-method.cc:433]: (error) Possible null pointer dereference: Queue - otherwise it is redundant to check if Queue is null at line 425
2011-08-05* test/integration/test-hashsum-verification:Michael Vogt
- add regression test for hashsum verification * apt-pkg/acquire-item.cc: - if no Release.gpg file is found, still load the hashes for verification (closes: #636314) and add test
2011-08-05* apt-pkg/acquire-item.cc:Michael Vogt
- if no Release.gpg file is found, still load the hashes for verification (closes: #636314) and add test
2011-08-01apt-pkg/pkgcachegen.cc: copy Arch to avoid segfault on cache remapMichael Vogt
2011-07-29merged from debian-sidMichael Vogt
2011-07-29* apt-pkg/pkgcachegen.{cc,h}:Michael Vogt
- use ref-to-ptr semantic in NewDepends() to ensure that the libapt does not segfault if the cache is remapped in between (LP: #812862)
2011-07-28* apt-pkg/contrib/fileutl.{cc,h}:Michael Vogt
- add GetModificationTime() helper * apt-pkg/pkgcachegen.cc: - regenerate the cache if the sources.list changes to ensure that changes in the ordering there will be honored by apt * apt-pkg/sourcelist.{cc,h}: - add pkgSourceList::GetLastModifiedTime() helper
2011-07-28merged from lp:~donkult/apt/sidMichael Vogt
2011-07-27* apt-pkg/deb/deblistparser.cc:David Kalnischkies
- do not assume that the last char on a line is a \n (Closes: #633350)
2011-07-26merged from lp:~mvo/apt/mvoMichael Vogt
2011-07-26fix typos in changelog, make DeEscapeString const, improve descriptionMichael Vogt
2011-07-26add another escape test case, fixup octal one (its \0XX instead of \0XXX)Michael Vogt
2011-07-26apt-pkg/contrib/strutl.cc: kill unneeded debug outputMichael Vogt
2011-07-26* apt-pkg/contrib/strutl.{h,cc}, test/libapt/strutil_test.cc:Michael Vogt
- add new DeEscapeString() similar to DeQuoteQuotedWord but unescape charackter escapes like \0XXX and \xXX (plus add test)
2011-07-26* apt-pkg/contrib/sha1.cc:David Miller
- fix illegally casts of on-stack buffer to a type requiring more alignment than it has resulting in segfaults on sparc (Closes: #634696) The problem is how sha1.cc codes the SHA1 transform, it illegally casts the on-stack workspace buffer to a type requiring more alignment than 'workspace' is actually declared to have. This only shows up recently because gcc-4.6 now does a really aggressive optimization where it gets rid of the workspace buffer entirely and just accesses 'buffer' directly, and assumes it has the necessary alignment for 32-bit loads (which it doesn't).
2011-07-25* apt-pkg/contrib/cdromutl.cc:Michael Vogt
- fix escape problem when looking for the mounted devices
2011-07-25* apt-pkg/deb/deblistparser.cc:David Kalnischkies
- Strip only :any and :native if MultiArch should be stripped as it is save to ignore them in non-MultiArch contexts but if the dependency is a specific architecture (and not the native) do not strip
2011-07-25* apt-pkg/aptconfiguration.cc:David Kalnischkies
- ensure that native architecture is if not specified otherwise the first architecture in the Architectures vector
2011-07-16* apt-pkg/policy.cc:David Kalnischkies
- emit an error on unknown APT::Default-Release value (Closes: #407511)
2011-07-16do not require unused partial dirs in 'source' (Closes: #633510)David Kalnischkies
2011-07-15apt-pkg/contrib/configuration.cc: revert Configuration::Set() ABI breakMichael Vogt
2011-07-15* apt-pkg/depcache.cc:David Kalnischkies
- change default of APT::AutoRemove::SuggestsImportant to true
2011-07-14merge with debian-sid 0.8.15.2David Kalnischkies
2011-07-14merged from debian-sidMichael Vogt
2011-07-14make ResolveByKeep() more clever and hold back packages that would go into a ↵Michael Vogt
broken policy state by the upgrade
2011-07-13fix from David Kalnischkies for the InRelease gpg verification 0.8.15.2Michael Vogt
code (LP: #784473)
2011-07-13apt-pkg/aptconfiguration.h: fix copy/paste error in getCompressionTypes() ↵Michael Vogt
description
2011-07-06* apt-pkg/init.cc:David Kalnischkies
- use CndSet in pkgInitConfig (Closes: #629617)
2011-07-01apt-pkg/acquire-item.cc: improve error message for valid-untilMichael Vogt
2011-06-30* apt-pkg/pkgcachegen.cc:David Kalnischkies
- fallback to memory if file is not writeable even if access() told us the opposite before (e.g. in fakeroot 1.16) (Closes: #630591)
2011-06-30* doc/makefile:Michael Vogt
- create doxygen directory to avoid depending on magic (Closes: #628799) * cmdline/apt-key: - explicitly state that net-update is not supported if no url is set - require to be root for add, rm, update and net-update - clarify update vs. net-update in different distros (Closes: #632043) * debian/apt.symbols: - forgot 'mips' in the list for all architecture dependent symbols - comment out gcc-4.5 specific symbols as gcc-4.6 is now default - the symbol for PrintStatus() is architecture dependent * apt-pkg/policy.cc: - do not segfault in pinning if a package with this name doesn't exist. Thanks to Ferdinand Thommes for the report! - Defaults is a vector of Pin not of PkgPin - ensure that only the first specific stanza for a package is used - save all stanzas which had no effect in Unmatched - allow package:architecure in Package:
2011-06-30allow package:architecure in Package:David Kalnischkies
2011-06-29 - ensure that only the first specific stanza for a package is usedDavid Kalnischkies
- save all stanzas which had no effect in Unmatched
2011-06-29Defaults is a vector of Pin not of PkgPinDavid Kalnischkies
2011-06-29* apt-pkg/policy.cc:David Kalnischkies
- do not segfault in pinning if a package with this name doesn't exist. Thanks to Ferdinand Thommes for the report!
2011-06-29merge with debian-sid release 0.8.15David Kalnischkies
2011-06-28merged from lp:~mvo/apt/mvoMichael Vogt
2011-06-28merged from donkultMichael Vogt
2011-06-28cherry pick from donkultMichael Vogt
2011-06-27* apt-pkg/deb/dpkgpm.cc:Michael Vogt
- set permissions of term.log to root.adm and 644 (LP: #404724)
2011-06-09apt-pkg/deb/debindexfile.cc: kill off another TranslationsAvailable() usage ↵Michael Vogt
that is not needed
2011-06-09apt-pkg/deb/debindexfile.cc: remove tests for TranslationsAvailable() as ↵Michael Vogt
this will break adding translations to the cache if the current environment does not include the language (e.g. LANG=C but german translations). testing for existance of the file is the better approach
2011-06-09* apt-pkg/deb/deblistparser.cc:Michael Vogt
- include all known languages when building the apt cache (LP: #794907)
2011-06-06* apt-pkg/indexcopy.cc:David Kalnischkies
- Verify that the first line of an InRelease file is a PGP header for a signed message. Otherwise a man-in-the-middle can prefix a valid InRelease file with his own data! (CVE-2011-1829)
2011-05-31apt-pkg/acquire-item.cc: only test packages file for correctness if its not ↵Michael Vogt
empty (its ok to have empty packages files)
2011-05-30Reject files known to be invalid (LP: #346386) (Closes: #627642)Julian Andres Klode
2011-05-30apt-pkg/acquire-item.cc: Reject files known to be invalid (LP: #346386) ↵Julian Andres Klode
(Closes: #195301) This commit deals with the following cases: - First section of index file (Packages,Sources,Translation) without Package field - Signed release files without GPG data (NODATA) - i18n/Index files without hash sums Handling unsigned Release files is more complicated, and the example code using indexRecords is disabled as it can reject correct Release files without hashes. How we can reliably check unsigned Release files is another question, and not urgent anyway, as it should have no dramatic effect (we could check that it is a valid RFC-822 section, but that's a bit too long to write)