Age | Commit message (Collapse) | Author |
|
* apt-pkg/packagemanager.cc:
- fix bug in predepends handling - ensure that packages that needs
unpackaging are unpacked before they are configured (LP: #927993)
[ Julian Andres Klode ]
* apt-pkg/deb/deblistparser.cc:
- Set the Essential flag on APT instead of only Important
* apt-pkg/packagemanager.cc:
- Do not use immediate configuration for packages with the Important flag
* Treat the Important flag like the Essential flag with those differences:
- No Immediate configuration (see above)
- Not automatically installed during dist-upgrade
- No higher score for installation ordering
|
|
- fix bug in predepends handling - ensure that packages that needs
unpackaging are unpacked before they are configured (LP: #927993)
|
|
- do not warn about the ignoring of directories (Closes: #662762)
|
|
* Treat the Important flag like the Essential flag with those differences:
- No higher score for installation ordering
|
|
- No Immediate configuration (see above)
- Not automatically installed during dist-upgrade
|
|
- Do not use immediate configuration for packages with the Important flag
|
|
- Set the Essential flag on APT instead of only Important
|
|
dpkg transaction instead of ignoring it completely
|
|
- remove 'old' InRelease file if we can't get a new one before
proceeding with Release.gpg to avoid the false impression of a still
trusted repository by a (still present) old InRelease file.
Thanks to Simon Ruderich for reporting this issue! (CVE-2012-0214)
Effected are all versions >= 0.8.11
Possible attack summary:
- Attacker needs to find a user which has run at least one successful
'apt-get update' against an archive providing InRelease files.
- Create a Packages file with his preferred content.
- Attacker then prevents the download of InRelease, Release and
Release.gpg (alternatively he creates a valid Release file and sends
this, the other two files need to be missing either way).
- User updates against this, getting the modified Packages file without
any indication of being unsigned (beside the "Ign InRelease" and
"Ign Release.gpg" in the output of 'apt-get update').
=> deb files from this source are considered 'trusted' (and therefore the
user isn't asked for an additional confirmation before install)
|
|
- do not try to a void a breaks if the broken package pre-depends
on the breaker, but let dpkg auto-deconfigure it
|
|
- when calculating pre-dependencies ensure that both unpack and
configure are considered (instead of only configure) LP: #927993
|
|
- correct --pre-depends option by using dash consistently (LP: #940837)
|
|
e.g. in a Depends line and are now requested for removal
|
|
- if a package can't be removed as it is not installed, suggest to
the user an (installed) multiarch silbing with 'Did you mean?'
|
|
Beware: pdiffs for Translation-* are only acquired if their
availability is advertised in the Release file.
|
|
- drop support for i18n/Index file (introduced in 0.8.11) and use
the Release file instead to get the Translations (Closes: #649314)
* ftparchive/writer.cc:
- add 'Translation-*' to the default patterns
i18n/Index was never used outside debian - and even here it isn't used
consistently as only 'main' has such a file. As the Release file now
includes the Translation-* files we therefore drop support for i18n/Index.
A version supporting it was never part of a debian release and still
supporting it would mean that we get 99% of the time a 404 as response
to the request anyway and confuse archive maintainers who want to
provide all files APT tries to acquire.
|
|
- do not create empty Entries as a sideeffect of Lookup()
|
|
- clean up lost atomic cachefiles with 'clean' (Closes: #650513)
|
|
|
|
with this name is not installed (Closes: #619646)
|
|
|
|
- detect if dpkg has multiarch support before calling --set-selections
|
|
|
|
|
|
- fix compat with FileFd::OpenDescriptor() in ReadOnlyGzip mode
|
|
- fix compat with FileFd::OpenDescriptor() in ReadOnlyGzip mode
|
|
handle compressed files again (LP: #924182, closes: #658096)
|
|
- fix crash when a package is in removed but residual config state
(LP: #923807)
|
|
- chroot if needed before calling dpkg --print-foreign-architectures
|
|
- if a file without an extension is requested send an 'Accept: text/*'
header to avoid that the server chooses unsupported compressed files
in a content-negotation attempt (Closes: #657560)
|
|
- do not stop parent transversal in FindDir if the value is empty
See http://lists.debian.org/deity/2012/01/msg00053.html , too.
|
|
- if a M-A:same package is marked for reinstall, mark all it's installed
silbings for reinstallation as well (LP: #859188)
|
|
- use a signed int instead of short for score calculation as upgrades
become so big now that it can overflow (Closes: #657732, LP: #917173)
|
|
- don't break out of the main-resolver loop for Breaks to deal with all
of them in a single iteration (Closes: #657695, LP: #922485)
|
|
- for cross-build-dependencies M-A: none should be DEB_HOST_ARCH,
not DEB_BUILD_ARCH (Closes: #646288)
|
|
|
|
- chroot if needed before dpkg --assert-multi-arch
|
|
|
|
- hurd doesn't have dmesg yet and we don't really need it either,
so use with $0 a more stable data source for hashsumming
|
|
- errno 0 has a different strerror on hurd, so generate the expected
message dynamically instead of hardcoding 'Success' (Closes: #656530)
|
|
- use curls list append instead of appending Range and If-Range by hand
which generates malformed requests, thanks Mel Collins for the hint!
(Closes: #646381)
|
|
|
|
- apply patch to enable usage of hardning CPPFLAGS and LDFLAGS by
Moritz Muehlenhoff, thanks! (Closes: #653504)
|
|
- remove APT from the short descriptions as lintian doesn't like it
and it doesn't transport any information for a reader anyway
|
|
- ignore breaks on not-installed versions while searching for
breakage loops as we don't have to avoid them
|
|
- return the correct version arch for all+foreign, too
The flag is interpreted at a few other places in different styles so
this commit ensures that the flag check is consistent everywhere
(checking for Same in flag style is a bit too much as it isn't used
in combination with others anyway, but who knows and just for
consistency)
|
|
- fix segfault on pkg removal
|
|
|
|
Versions with arch:all are added to the package with the native arch,
so we can't rely on Pkg.Arch() for the architecture
|
|
- redirect out/input of dpkg --assert-multi-arch to /dev/null
|