Age | Commit message (Collapse) | Author |
|
|
|
apt-pkg/deb/deblistparser.cc:
- use OpenMaybeClearSignedFile to be free from detecting and
skipping clearsigning metadata in dsc and Release files
We can't write a "clean" file to disk as not all acquire methods copy
Release files before checking them (e.g. cdrom), so this reverts recombining,
but uses the method we use for dsc files also in the two places we
deal with Release files
|
|
* ftparchive/writer.cc:
- use OpenMaybeClearSignedFile to be free from detecting and
skipping clearsigning metadata in dsc files
|
|
|
|
|
|
into data and signatures, pass it to gpgv for verification and
recombines it after that in a known-good way without unsigned blocks
and whitespaces resulting usually in more or less the same file as
before, but later code can be sure about the format
* apt-pkg/deb/debmetaindex.cc:
- reenable InRelease by default
|
|
|
|
- keep the last good InRelease file around just as we do it with
Release.gpg in case the new one we download isn't good for us
|
|
|
|
- ExecGPGV is a method which should never return, so mark it as such
and fix the inconsistency of returning in error cases
|
|
- rename RunGPGV to ExecGPGV and move it to apt-pkg/contrib/gpgv.cc
|
|
- CVE-2013-1051
* apt-pkg/deb/debmetaindex.cc,
test/integration/test-bug-595691-empty-and-broken-archive-files,
test/integration/test-releasefile-verification:
- disable InRelease downloading until the verification issue is
fixed, thanks to Ansgar Burchardt for finding the flaw
|
|
version strings e.g. for implicit multi-arch dependencies
|
|
|
|
- do not store the MD5Sum for every description language variant as
it will be the same for all so it can be shared to save cache space
|
|
|
|
|
|
Guillem Jover
|
|
- prefer to install packages which have an already installed M-A:same
sibling while choosing providers (LP: #1130419)
|
|
- support '\r' in the Release file
|
|
|
|
- Make "..." translatable to fix inconsistencies in the output
of e.g. apt-get update. While this adds new translatable strings,
not having translations for them will not break anything.
Thanks to Guillem Jover. Closes: #696225
|
|
Closes: #697577
|
|
Closes: #697577
|
|
|
|
|
|
- fix package-pointer array memory leak in ResolveByKeepInternal()
|
|
- ensure pkgProblemResolver calls MarkDelete without FromUser set
so that it can't overrule holds and the protection flag
|
|
|
|
- don't call MarkInstall with the FromUser flag set for packages
which are dependencies of APT::Never-MarkAuto-Sections matchers
|
|
- do not do lock-step configuration for a M-A:same package if it isn't
unpacked yet in SmartConfigure and do not unpack a M-A:same package
again in SmartUnPack if we have already configured it (LP: #1062503)
|
|
- Fix crash if the cache is remapped while writing a Provides version
(LP: #1066445).
|
|
|
|
|
|
- remove the 64 char limit for login/password in internal usage
|
|
- match pins with(out) an architecture as we do on the commandline
(partly fixing #687255, b= support has to wait for jessie)
|
|
- include reinstall requests and already installed (= protected) packages
in the install-request for external resolvers (Closes: #689331)
|
|
as it is used for arch:all packages as a map to arch:native.
Otherwise arch comparisons later will see differences (Closes: #689323)
|
|
handled in NewVersion is already registered
|
|
|
|
- ignore negative dependencies applying in the same group for
M-A:same packages on the real package name as self-conflicts
|
|
we use the not remapped iterators after a move of the mmap again
|
|
- ensure that dependencies for packages:none are always generated
|
|
- do not create 'native' (or now 'none') package structures as a side
effect of description translation parsing as it pollutes the cache
|
|
by introducing a pseudo-architecture 'none' so that the small group of
users with these packages can get right of them without introducing too
much hassle for other users (Closes: #686346)
|
|
|
|
|
|
and avoid re-unpack otherwise (Closes: #670900)
|
|
- copy only configured translation files from a CD-ROM and not all
available translation files preventing new installs with d-i from
being initialized with all translations (Closes: #678227)
- handle Components in the reduction for the source.list as multi-arch CDs
otherwise create duplicated source entries (e.g. "wheezy main main")
|
|
architectures on multi-arch CD-ROMs
- do not warn about files which have a record in the Release file, but
are not present on the CD to mirror the behavior of the other methods
and to allow uncompressed indexes to be dropped without scaring users
- handle Components in the reduction for the source.list as multi-arch CDs
|