summaryrefslogtreecommitdiff
path: root/debian/changelog
AgeCommit message (Collapse)Author
2012-03-04handle a SIGINT in all modes as a break after the currently runningDavid Kalnischkies
dpkg transaction instead of ignoring it completely
2012-03-04* apt-pkg/acquire-item.cc:David Kalnischkies
- remove 'old' InRelease file if we can't get a new one before proceeding with Release.gpg to avoid the false impression of a still trusted repository by a (still present) old InRelease file. Thanks to Simon Ruderich for reporting this issue! (CVE-2012-0214) Effected are all versions >= 0.8.11 Possible attack summary: - Attacker needs to find a user which has run at least one successful 'apt-get update' against an archive providing InRelease files. - Create a Packages file with his preferred content. - Attacker then prevents the download of InRelease, Release and Release.gpg (alternatively he creates a valid Release file and sends this, the other two files need to be missing either way). - User updates against this, getting the modified Packages file without any indication of being unsigned (beside the "Ign InRelease" and "Ign Release.gpg" in the output of 'apt-get update'). => deb files from this source are considered 'trusted' (and therefore the user isn't asked for an additional confirmation before install)
2012-03-03* apt-pkg/packagemanager.cc:David Kalnischkies
- do not try to a void a breaks if the broken package pre-depends on the breaker, but let dpkg auto-deconfigure it
2012-02-25* cmdline/apt-cache.cc:David Kalnischkies
- correct --pre-depends option by using dash consistently (LP: #940837)
2012-02-18improve 'error' message for packages which are only referencedDavid Kalnischkies
e.g. in a Depends line and are now requested for removal
2012-02-18* cmdline/apt-get.cc:David Kalnischkies
- if a package can't be removed as it is not installed, suggest to the user an (installed) multiarch silbing with 'Did you mean?'
2012-02-18use pdiff for Translation-* files if available (Closes: #657902)David Kalnischkies
Beware: pdiffs for Translation-* are only acquired if their availability is advertised in the Release file.
2012-02-18* apt-pkg/acquire-item.cc:David Kalnischkies
- drop support for i18n/Index file (introduced in 0.8.11) and use the Release file instead to get the Translations (Closes: #649314) * ftparchive/writer.cc: - add 'Translation-*' to the default patterns i18n/Index was never used outside debian - and even here it isn't used consistently as only 'main' has such a file. As the Release file now includes the Translation-* files we therefore drop support for i18n/Index. A version supporting it was never part of a debian release and still supporting it would mean that we get 99% of the time a 404 as response to the request anyway and confuse archive maintainers who want to provide all files APT tries to acquire.
2012-02-18* apt-pkg/indexrecords.cc:David Kalnischkies
- do not create empty Entries as a sideeffect of Lookup()
2012-02-11* apt-pkg/cachefile.cc:David Kalnischkies
- clean up lost atomic cachefiles with 'clean' (Closes: #650513)
2012-02-11remove the arbitrary MAXLEN limit for response lines (Closes: #658346)David Kalnischkies
2012-02-11save the universe by not printing messages about apport if a packageDavid Kalnischkies
with this name is not installed (Closes: #619646)
2012-02-11correctly ignore already (un)hold packagesDavid Kalnischkies
2012-02-10* cmdline/apt-mark.cc:David Kalnischkies
- detect if dpkg has multiarch support before calling --set-selections
2012-02-10ensure that architectures are not added multiple timesDavid Kalnischkies
2012-02-09call dpkg --assert-multi-arch with execvp instead of execvDavid Kalnischkies
2012-02-03* apt-pkg/contrib/fileutl.h:Michael Vogt
- fix compat with FileFd::OpenDescriptor() in ReadOnlyGzip mode
2012-02-03* apt-pkg/contrib/fileutl.h:Michael Vogt
- fix compat with FileFd::OpenDescriptor() in ReadOnlyGzip mode
2012-01-31Fix IndexCopy::CopyPackages and TranslationsCopy::CopyTranslations toMichael Vogt
handle compressed files again (LP: #924182, closes: #658096)
2012-01-30* apt-pkg/deb/dpkgpm.cc:Michael Vogt
- fix crash when a package is in removed but residual config state (LP: #923807)
2012-01-30* apt-pkg/aptconfiguration.cc:David Kalnischkies
- chroot if needed before calling dpkg --print-foreign-architectures
2012-01-30* methods/http{s,}.cc:David Kalnischkies
- if a file without an extension is requested send an 'Accept: text/*' header to avoid that the server chooses unsupported compressed files in a content-negotation attempt (Closes: #657560)
2012-01-30* apt-pkg/contrib/configuration.cc:David Kalnischkies
- do not stop parent transversal in FindDir if the value is empty See http://lists.debian.org/deity/2012/01/msg00053.html , too.
2012-01-29* apt-pkg/depcache.cc:David Kalnischkies
- if a M-A:same package is marked for reinstall, mark all it's installed silbings for reinstallation as well (LP: #859188)
2012-01-29* apt-pkg/algorithms.cc:Colin Watson
- use a signed int instead of short for score calculation as upgrades become so big now that it can overflow (Closes: #657732, LP: #917173)
2012-01-29* apt-pkg/algorithms.cc:Colin Watson
- don't break out of the main-resolver loop for Breaks to deal with all of them in a single iteration (Closes: #657695, LP: #922485)
2012-01-29* cmdline/apt-get.cc:Steve Langasek
- for cross-build-dependencies M-A: none should be DEB_HOST_ARCH, not DEB_BUILD_ARCH (Closes: #646288)
2012-01-29ensure that dpkg binary doesn't have the chroot-directory prefixedDavid Kalnischkies
2012-01-29* apt-pkg/deb/dpkgpm.cc:David Kalnischkies
- chroot if needed before dpkg --assert-multi-arch
2012-01-24releasing version 0.8.16~exp12Michael Vogt
2012-01-20* test/libapt/run-tests:David Kalnischkies
- hurd doesn't have dmesg yet and we don't really need it either, so use with $0 a more stable data source for hashsumming
2012-01-20* test/libapt/globalerror_test.cc:Pino Toscano
- errno 0 has a different strerror on hurd, so generate the expected message dynamically instead of hardcoding 'Success' (Closes: #656530)
2012-01-19* methods/https.cc:David Kalnischkies
- use curls list append instead of appending Range and If-Range by hand which generates malformed requests, thanks Mel Collins for the hint! (Closes: #646381)
2012-01-19apply typofixes by Pascal De Vuyst, thanks! (Closes: #652834, #652835)David Kalnischkies
2012-01-19* debian/rules:David Kalnischkies
- apply patch to enable usage of hardning CPPFLAGS and LDFLAGS by Moritz Muehlenhoff, thanks! (Closes: #653504)
2012-01-19* debian/control:David Kalnischkies
- remove APT from the short descriptions as lintian doesn't like it and it doesn't transport any information for a reader anyway
2012-01-19* apt-pkg/packagemanager.cc:David Kalnischkies
- ignore breaks on not-installed versions while searching for breakage loops as we don't have to avoid them
2012-01-19* apt-pkg/cacheiterators.h:David Kalnischkies
- return the correct version arch for all+foreign, too The flag is interpreted at a few other places in different styles so this commit ensures that the flag check is consistent everywhere (checking for Same in flag style is a bit too much as it isn't used in combination with others anyway, but who knows and just for consistency)
2012-01-19* apt-pkg/deb/dpkgpm.cc:Michael Vogt
- fix segfault on pkg removal
2012-01-19releasing version 0.8.16~exp11Michael Vogt
2012-01-19if multi-arch is detected ensure that pkg:all is reported as pkg:allDavid Kalnischkies
Versions with arch:all are added to the package with the native arch, so we can't rely on Pkg.Arch() for the architecture
2012-01-19* apt-pkg/deb/dpkgpm.cc:David Kalnischkies
- redirect out/input of dpkg --assert-multi-arch to /dev/null
2012-01-19releasing version 0.8.16~exp10Michael Vogt
2012-01-18* apt-pkg/contrib/fileutl.h:Michael Vogt
- store the offset in the internal fd before calculate size of the zlib-handled file to jump back to this place again * apt-pkg/contrib/fileutl.h:
2012-01-18* apt-pkg/aptconfiguration.cc:Michael Vogt
- parse dpkg --print-foreign-architectures correctly in case archs are separated by newline instead of space, too. (Closes: #655590) * Slovak (Ivan Masar). Closes: #652985 * Russian (Yuri Kozlov). Closes: #654844 * Hungarian (Gabor Kelemen). Closes: #655238
2012-01-18* apt-pkg/contrib/fileutils.h:Michael Vogt
- fix segfault from python-apt testsuite
2012-01-18* apt-pkg/contrib/fileutl.h:David Kalnischkies
- store the offset in the internal fd before calculate size of the zlib-handled file to jump back to this place again It jumped back to the position of the content - which is wrong as the internal fd is compressed and even reseting to the beginning of the file doesn't work as zlib uses an internal buffer, so while we might haven't read anything yet zlib might have done so already…
2012-01-16* apt-pkg/contrib/fileutils.h:Michael Vogt
- fix segfault from python-apt testsuite
2012-01-13add Closes tag for the --show-foreign newline changeDavid Kalnischkies
2012-01-13* apt-pkg/deb/dpkgpm.cc:David Kalnischkies
- check if dpkg supports multiarch with --assert-multi-arch and if it does be always explicit about the architecture