Age | Commit message (Collapse) | Author |
|
The code is creating a secure temporary directory, but then creates
the changelog alongside the tmpdir in the same base directory. This
defeats the secure tmpdir creation, making the filename predictable.
Inject a '/' between the tmpdir and the changelog filename.
|
|
|
|
When apt-cache search with many args (> 130) is given the allocation
of PatternMatch on the stack may fail resulting in a segmentation
fault. By using the heap the max size is much bigger and we also
get a bad_alloc expection instead of a segfault (which we can catch
*if* this ever becomes a pratical problem). No test for the crash
as its not reproducable with the MALLOC_ settings in framework.
Closes: 759612
|
|
When doing Acquire::http{,s}::Proxy-Auto-Detect, run the auto-detect
command for each host instead of only once. This should make using
"proxy" from libproxy-tools feasible which can then be used for PAC
style or other proxy configurations.
Closes: #759264
|
|
dpkg-source can be told to enforce signature checks with
--require-valid-signature, but while this isn't feasible as default for
Debian itself at the moment, a local admin should be able to use it.
This commit also fixes the size limit on the construction of the command
being called for dpkg-source and dpkg-buildpackage.
Closes: 757534
|
|
|
|
|
|
'mvo/bugfix/apt-get-source-unauthenticated-warning' into debian/sid
|
|
Closes: 742835
|
|
|
|
This will show the same unauthenticated warning for source packages
as for binary packages and will not download a source package if
it is unauthenticated. This can be overridden with
--allow-unauthenticated
Closes: #749795
|
|
Git-Dch: ignore
|
|
3163087b moved SigWinch(int) from apt-get.cc to private-output.cc
without moving #include <sys/ioctl.h>, making SigWinch a nop.
Closes: 748430, 747942
|
|
Closes: 748389
|
|
|
|
Those files are in apt-private and used from there.
Git-Dch: Ignore
|
|
Closes: 743413
|
|
|
|
Use mkstemp() in apt-extractemplates and add a integrationtest
for apt-extracttemplates too. Thanks to Steve Kemp for the report.
|
|
|
|
|
|
Git-Dch: Ignore
|
|
The preparation code to deal with auto-detection and co is the same for
both methods, so not sharing them would be bad. Deals also with the
prevention of side effects triggered by the auto-detection like
disabling mounting for the fallback.
Git-Dch: Ignore
|
|
The warning message from gcc doesn't make that much sense in my reading
as there is no loop which could overflow here, but it is better to use
our SPtrArray wrapping anyway which fixes the warning as well.
warning: cannot optimize loop, the loop counter may overflow [-Wunsafe-loop-optimizations]
delete[] Dsc;
Git-Dch: Ignore
Reported-By: gcc -Wunsafe-loop-optimizations
|
|
Git-Dch: Ignore
Reported-By: gcc -Wsuggest-attribute={pure,const,noreturn}
|
|
Beside being a bit cleaner it hopefully also resolves oddball problems
I have with high levels of parallel jobs.
Git-Dch: Ignore
Reported-By: iwyu (include-what-you-use)
|
|
Reported-By: gcc -Wunused-parameter
Git-Dch: Ignore
|
|
Git-Dch: Ignore
Reported-By: gcc -Wmissing-declarations
|
|
Git-Dch: Ignore
Reported-By: gcc -Wpedantic
|
|
Reported-By: gcc
Git-Dch: Ignore
|
|
Inspired by the rest of the patch in 661537, but abstract the
parsing of various ways of setting the build profiles more so it can
potentially be reused and all apt parts have the same behaviour.
Especially config options, cmdline options and environment will not be
combined as proposed as this isn't APTs usual behaviour and dpkg doesn't
do it either, so one overrides the other as it normally does.
|
|
feature/apt-download-file
Conflicts:
cmdline/apt-helper.cc
test/integration/framework
test/integration/test-apt-https-no-redirect
|
|
|
|
|
|
|
|
Sync the deb(5) format support with latest dpkg, by allowing
uncompressed tar members and xz compressed control.tar. This
also refactors the control.tar member extraction by using
ExtractTarMember(), which also means future changes only need
to be implemented in a single place.
|
|
|
|
|
|
|
|
Conflicts:
test/integration/test-apt-get-download
|
|
Use a APT::VersionSet instead of a APT::VersionList in DoDownload()
to ensure that there is only one version in the set even if the
user passes multiple identical name/versions on the commandline
(Bug#738103)
|
|
If there are multiple CD-ROM drives, `apt-cdrom add` will abort with an
error if any of the drives do not contain a Debian CD which is against
the documentation we have saying "a CD-ROM" and also scripts do not
expect it this way.
This patch modifies apt-cdrom to return success if any of the drives
succeeded. If failures occur, apt-cdrom will still continue trying all
the drives and report the last failure (if none of them succeeded).
The 'ident' command was also changed to match the new 'add' behavior.
Closes: 728153
|
|
Closes: 738103
|
|
|
|
|
|
Conflicts:
apt-private/private-list.cc
doc/po/de.po
test/integration/framework
|
|
|
|
There is a new "apt full-upgrade" that performs a apt-get dist-upgrade.
"apt dist-upgrade" is still supported as a alias. The "apt upgrade" code
is changed so that it mirrors the behavior of
"apt-get upgrade --with-new-pkgs" and also honors
"apt uprade --no-new-pkgs".
|
|
|
|
|