Age | Commit message (Collapse) | Author |
|
argument of the function
|
|
and also add master keyring to ensure that we can actually verify the signature
|
|
mdeslaur and infinity for the code review
|
|
|
|
|
|
|
|
master-keyring and add-keyring (see lp #857472) and add regression test
|
|
|
|
|
|
that it doesn't like that… remove superficial quoting to fix apt-key
|
|
- use a tmpfile instead of /etc/apt/secring.gpg (Closes: #632596)
* debian/apt.postinst:
- remove /etc/apt/secring.gpg if it is an empty file
|
|
|
|
- create doxygen directory to avoid depending on magic (Closes: #628799)
* cmdline/apt-key:
- explicitly state that net-update is not supported if no url is set
- require to be root for add, rm, update and net-update
- clarify update vs. net-update in different distros (Closes: #632043)
* debian/apt.symbols:
- forgot 'mips' in the list for all architecture dependent symbols
- comment out gcc-4.5 specific symbols as gcc-4.6 is now default
- the symbol for PrintStatus() is architecture dependent
* apt-pkg/policy.cc:
- do not segfault in pinning if a package with this name doesn't exist.
Thanks to Ferdinand Thommes for the report!
- Defaults is a vector of Pin not of PkgPin
- ensure that only the first specific stanza for a package is used
- save all stanzas which had no effect in Unmatched
- allow package:architecure in Package:
|
|
|
|
* cmdline/apt-key:
- fix root test which prevented setting of trustdb-name
which lets gpg fail if it adds/remove keys from trusted.gpg
as it tries to open the (maybe) not existent /root/.gnupg
|
|
|
|
- don't set trustdb-name as non-root so 'list' and 'finger'
can be used without being root (Closes: #393005, #592107)
|
|
- set timeout of wget for net-update to 90 seconds (thanks to \sh)
|
|
|
|
- support also Dir::Etc::Trusted so that apt-key works in the same
way as the library part which works with the trusted files
|
|
|
|
- Honor Apt::GPGV::TrustedKeyring (Closes: #316390)
|
|
|
|
* spot & fix various typos in all manpages
* German manpage translation update
* cmdline/apt-cache.cc:
- remove translatable marker from the "%4i %s\n" string
* buildlib/po4a_manpage.mak:
- instruct debiandoc to build files with utf-8 encoding
* buildlib/tools.m4:
- fix some warning from the buildtools
* apt-pkg/acquire-item.cc:
- add configuration PDiffs::Limit-options to not download
too many or too big patches (Closes: #554349)
* debian/control:
- let all packages depend on ${misc:Depends}
* share/*-archive.gpg:
- remove the horrible outdated files. We already depend on
the keyring so we don't need to ship our own version
* cmdline/apt-key:
- errors out if wget is not installed (Closes: #545754)
- add --keyring option as we have now possibly many
* methods/gpgv.cc:
- pass all keyrings (TrustedParts) to gpgv instead of
using only one trusted.gpg keyring (Closes: #304846)
* methods/https.cc:
- finally merge the rest of the patchset from Arnaud Ebalard
with the CRL and Issuers options, thanks! (Closes: #485963)
|
|
- Emit a warning if removed keys keyring is missing and skip associated
checks (LP: #218971)
|
|
- Emit a warning if removed keys keyring is missing and skip associated
checks (LP: #218971)
|
|
|
|
|
|
|
|
|
|
closes: #350575)
|
|
|
|
- only check against master-keys in net-update to not break
custom CDs (thanks to Colin Watson)
|
|
in update. it does not add any security in update (see comment in the source for rational)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
add_keys_with_verify_against_master_keyring
|
|
- add "net-update" command that fetches the
ubuntu-archive-keyring.gpg and add keys from it that are
signed by the ubuntu-master-keyring.gpg
(apt-archive-key-signatures spec)
|
|
- add support for net-update command that verifies all keys
against the master key keyring
|
|
|
|
|
|
|
|
|
|
- add support for a master-keyring that contains signing keys
that can be used to sign the archive signing keys. This should
make key-rollover easier.
|
|
|
|
apt-get to ignore time conflicts, closes: #451328.
|