Age | Commit message (Collapse) | Author |
|
|
|
|
|
|
|
- add regression test for hashsum verification
* apt-pkg/acquire-item.cc:
- if no Release.gpg file is found, still load the hashes for
verification (closes: #636314) and add test
|
|
- if no Release.gpg file is found, still load the hashes for
verification (closes: #636314) and add test
|
|
|
|
|
|
- use ref-to-ptr semantic in NewDepends() to ensure that the
libapt does not segfault if the cache is remapped in between
(LP: #812862)
|
|
- add GetModificationTime() helper
* apt-pkg/pkgcachegen.cc:
- regenerate the cache if the sources.list changes to ensure
that changes in the ordering there will be honored by apt
* apt-pkg/sourcelist.{cc,h}:
- add pkgSourceList::GetLastModifiedTime() helper
|
|
|
|
- do not assume that the last char on a line is a \n (Closes: #633350)
|
|
|
|
|
|
|
|
|
|
- add new DeEscapeString() similar to DeQuoteQuotedWord but
unescape charackter escapes like \0XXX and \xXX (plus add test)
|
|
- fix illegally casts of on-stack buffer to a type requiring more
alignment than it has resulting in segfaults on sparc (Closes: #634696)
The problem is how sha1.cc codes the SHA1 transform, it illegally
casts the on-stack workspace buffer to a type requiring more
alignment than 'workspace' is actually declared to have.
This only shows up recently because gcc-4.6 now does a really
aggressive optimization where it gets rid of the workspace
buffer entirely and just accesses 'buffer' directly, and assumes
it has the necessary alignment for 32-bit loads (which it
doesn't).
|
|
- fix escape problem when looking for the mounted devices
|
|
- Strip only :any and :native if MultiArch should be stripped as it is
save to ignore them in non-MultiArch contexts but if the dependency
is a specific architecture (and not the native) do not strip
|
|
- ensure that native architecture is if not specified otherwise the
first architecture in the Architectures vector
|
|
- emit an error on unknown APT::Default-Release value (Closes: #407511)
|
|
|
|
|
|
- change default of APT::AutoRemove::SuggestsImportant to true
|
|
|
|
|
|
broken policy state by the upgrade
|
|
code (LP: #784473)
|
|
description
|
|
- use CndSet in pkgInitConfig (Closes: #629617)
|
|
|
|
- fallback to memory if file is not writeable even if access()
told us the opposite before (e.g. in fakeroot 1.16) (Closes: #630591)
|
|
- create doxygen directory to avoid depending on magic (Closes: #628799)
* cmdline/apt-key:
- explicitly state that net-update is not supported if no url is set
- require to be root for add, rm, update and net-update
- clarify update vs. net-update in different distros (Closes: #632043)
* debian/apt.symbols:
- forgot 'mips' in the list for all architecture dependent symbols
- comment out gcc-4.5 specific symbols as gcc-4.6 is now default
- the symbol for PrintStatus() is architecture dependent
* apt-pkg/policy.cc:
- do not segfault in pinning if a package with this name doesn't exist.
Thanks to Ferdinand Thommes for the report!
- Defaults is a vector of Pin not of PkgPin
- ensure that only the first specific stanza for a package is used
- save all stanzas which had no effect in Unmatched
- allow package:architecure in Package:
|
|
|
|
- save all stanzas which had no effect in Unmatched
|
|
|
|
- do not segfault in pinning if a package with this name doesn't exist.
Thanks to Ferdinand Thommes for the report!
|
|
|
|
|
|
|
|
|
|
- set permissions of term.log to root.adm and 644 (LP: #404724)
|
|
that is not needed
|
|
this will break adding translations to the cache if the current environment does not include the language (e.g. LANG=C but german translations). testing for existance of the file is the better approach
|
|
- include all known languages when building the apt cache
(LP: #794907)
|
|
- Verify that the first line of an InRelease file is a PGP header
for a signed message. Otherwise a man-in-the-middle can prefix
a valid InRelease file with his own data! (CVE-2011-1829)
|
|
empty (its ok to have empty packages files)
|
|
|
|
(Closes: #195301)
This commit deals with the following cases:
- First section of index file (Packages,Sources,Translation) without Package field
- Signed release files without GPG data (NODATA)
- i18n/Index files without hash sums
Handling unsigned Release files is more complicated, and the example code
using indexRecords is disabled as it can reject correct Release files
without hashes. How we can reliably check unsigned Release files is
another question, and not urgent anyway, as it should have no
dramatic effect (we could check that it is a valid RFC-822 section,
but that's a bit too long to write)
|
|
- don't set deprecated APT::Acquire::Translation, thanks Jörg Sommer!
|