Age | Commit message (Collapse) | Author |
|
The missing auth.conf.d directory was an oversight, it should
be there.
LP: #1818996
(cherry picked from commit 192a152c3d818f49dbd1ecfd8028532558a57758)
|
|
|
|
This gives more protection for people where kernel metapackages
are accidentally removed.
LP: #1787460
(cherry picked from commit a4b0ce5a4f5068f780b3aa94473230b5093a837d)
(cherry picked from commit 890f21e846025701f4596a69399f798219357c76)
(cherry picked from commit 67fdc0cf55f4e91905b16e0f582ce70999997c8d)
|
|
|
|
|
|
apt (1.0.1ubuntu2.18) trusty; urgency=medium
* ExecFork: Use /proc/self/fd to determine which files to close
(Closes: #764204) (LP: #1332440).
apt (1.0.1ubuntu2.17) trusty-security; urgency=high
* SECURITY UPDATE: gpgv: Check for errors when splitting files (CVE-2016-1252)
Thanks to Jann Horn, Google Project Zero for reporting the issue
(LP: #1647467)
apt (1.0.1ubuntu2.15) trusty; urgency=medium
* Fixes failure to download the Package index file when using
mirror:// URL in sources.list and the archive fails to profile
a file. APT would try the next archive in the list for .deb
packages but did not retry when the index file failed to download.
(LP: #1625667)
apt (1.0.1ubuntu2.14) trusty; urgency=medium
* When using the https transport mechanism, $no_proxy is ignored if apt is
getting it's proxy information from $https_proxy (as opposed to
Acquire::https::Proxy somewhere in apt config). If the source of proxy
information is Acquire::https::Proxy set in apt.conf (or apt.conf.d),
then $no_proxy is honored. This patch makes the behavior similar for
both methods of setting the proxy. (LP: #1575877)
apt (1.0.1ubuntu2.13) trusty; urgency=medium
* Recheck Pre-Depends satisfaction in SmartConfigure, to avoid unconfigured
Pre-Depends (which dpkg later fails on). Fixes upgrade failures of
systemd, util-linux, and other packages with Pre-Depends. Many thanks to
David Kalnischkies for figuring out the patch and Winfried PLappert for
testing! Patch taken from Debian git. (LP: #1560797)
apt (1.0.1ubuntu2.12) trusty; urgency=medium
[ Colin Watson ]
* Fix lzma write support to handle "try again" case (closes: #751688,
LP: #1553770).
[ David Kalnischkies ]
* Handle moved mmap after UniqFindTagWrite call (closes: #753941,
LP: #1445436).
apt (1.0.1ubuntu2.11) trusty; urgency=medium
* apt-pkg/packagemanager.cc:
- fix incorrect configure ordering in the SmartConfigure step by skipping
packages that do not need immediate action. (LP: #1347721, #1497688)
apt (1.0.1ubuntu2.10) trusty; urgency=medium
* Fix regression from the previous upload by ensuring we're actually
testing for the right member before iterating on it (LP: #1480592)
apt (1.0.1ubuntu2.9) trusty; urgency=medium
* Fix regression in the Never-MarkAuto-Sections feature caused by the
previous auto-removal fix, with inspiration drawn from the patches
and conversation from http://bugs.debian.org/793360 (LP: #1479207)
apt (1.0.1ubuntu2.8) trusty-proposed; urgency=low
* fix crash for packages that have no section in their instVersion
(LP: #1449394)
apt (1.0.1ubuntu2.7) trusty-proposed; urgency=low
* fix auto-removal behavior (thanks to Adam Conrad)
LP: #1429041
apt (1.0.1ubuntu2.6) trusty-proposed; urgency=medium
* apt-pkg/deb/dpkgpm.cc:
- update string matching for dpkg I/O errors. (LP: #1363257)
- properly parse the dpkg status line so that package name is properly set
and an apport report is created. Thanks to Anders Kaseorg for the patch.
(LP: #1353171)
apt (1.0.1ubuntu2.5) trusty-security; urgency=low
* SECURITY UPDATE:
- cmdline/apt-get.cc: fix insecure tempfile handling in
apt-get changelog (CVE-2014-7206). Thanks to Guillem Jover
apt (1.0.1ubuntu2.4.1) trusty-security; urgency=low
* SECURITY UPDATE:
- fix potential buffer overflow, thanks to the
Google Security Team (CVE-2014-6273)
* Fix regression from the previous upload when file:/// sources
are used and those are on a different partition than
the apt state directory
* Fix regression when Dir::state::lists is set to a relative path
* Fix regression when cdrom: sources got rewriten by apt-cdrom add
apt (1.0.1ubuntu2.3) trusty-security; urgency=low
* SECURITY UPDATE:
- incorrect invalidating of unauthenticated data (CVE-2014-0488)
- incorect verification of 304 reply (CVE-2014-0487)
- incorrect verification of Acquire::Gzip indexes (CVE-2014-0489)
|
|
|
|
|
|
|
|
Conflicts:
.travis.yml
|
|
Git-Dch: Ignore
Conflicts:
test/integration/framework
|
|
Conflicts:
configure.ac
debian/changelog
debian/control
test/integration/framework
|
|
|
|
Conflicts:
debian/changelog
|
|
|
|
|
|
This helps if people did unclean upgrades from squeeze, namely to
jessie directly.
|
|
This is a *hack* to work around unofficial packages for Java 7
and 8 that wrongly provide the Java 5 and 6 packages.
Closes: #743616
|
|
|
|
|
|
libapt-pkg depends on the other compressors, and now that
xz is the default in many cases, it should depend on that
one as well.
|
|
|
|
|
|
Conflicts:
debian/changelog
|
|
|
|
|
|
|
|
|
|
Conflicts:
apt-pkg/deb/dpkgpm.cc
debian/apt.auto-removal.sh
debian/changelog
vendor/debian/sources.list.in
|
|
Signed-off-by: Trần Ngọc Quân <vnwildman@gmail.com>
|
|
|
|
|
|
|
|
This methods should not be used by anyone expect the library itself as
they are helpers for the specific class and therefore perfect candidates
for hidding.
Git-Dch: Ignore
|
|
Closes: 702016
Reported-By: Mason Loring Bliss <mason@blisses.org>,
Jakub Wilk <jwilk@debian.org>
|
|
Metapackages like "linux-image-amd64" are otherwise matched by our
extraction as well, which later on can't be successfully compared via
dpkg --compare-versions as the 'amd64' bit isn't a version number.
(Luckily none of our architectures starts with a digit.)
This was broken by me in 0.9.16 as I moved a shell-glob matcher to a
regex-based one which has slightly different semantics regarding '*'.
Closes: 741962
|
|
|
|
|
|
We have xz/lzma support for a while, but only via an external binary
provided by xz-utils. Now that the Debian archive provides xz by default
and dpkg pre-depends on the library provided by liblzma-dev we can switch
now to use this library as well to avoid requiring an external binary.
For now the binary is in a prio:required package, but this might change
in the future.
API wise it is quiet similar to bz2 code expect that it doesn't provide
file I/O methods, so we piece this together on our own.
|
|
Mostly ensures that we use the build methods and not the system
provided methods in the tests (if we don't want it that way).
Git-Dch: Ignore
|
|
As we deal with regex matchers here the dots are treated as wildcards if
we don't take care of escaping them. Not very likely that this could be
a real-world problem, but just to be sure.
|
|
Pre-build kernel modules (like those build with module-assistent) are
commonly named in this way and it should be ungeneric enough to be added
by default for everyone.
|
|
kfreebsd as well as hurd kernel packages call the postinst script as
well so we just need to enable the correct parsing for installed
packages and disable the "protect every version" hammer for them.
|
|
With APT::VersionedKernelPackages users have the option of adding
packages like pre-build out-of-tree modules to the list of automatically
protected from being autoremoved.
|
|
Git-Dch: Ignore
Reported-By: gcc -Wmissing-declarations
|
|
Git-Dch: Ignore
|
|
Inspired by the rest of the patch in 661537, but abstract the
parsing of various ways of setting the build profiles more so it can
potentially be reused and all apt parts have the same behaviour.
Especially config options, cmdline options and environment will not be
combined as proposed as this isn't APTs usual behaviour and dpkg doesn't
do it either, so one overrides the other as it normally does.
|
|
libapt-pkg depends on the other compressors, and now that
xz is the default in many cases, it should depend on that
one as well.
|
|
Conflicts:
debian/changelog
|
|
|