summaryrefslogtreecommitdiff
path: root/debian
AgeCommit message (Collapse)Author
2019-03-12Release 1.0.1ubuntu2.221.0.1ubuntu2.22Julian Andres Klode
2019-03-08apt.dirs: Install auth.conf.d directoryJulian Andres Klode
The missing auth.conf.d directory was an oversight, it should be there. LP: #1818996 (cherry picked from commit 192a152c3d818f49dbd1ecfd8028532558a57758)
2019-03-01Release 1.0.1ubuntu2.211.0.1ubuntu2.21Julian Andres Klode
2019-03-01NeverAutoRemove kernel meta packagesJulian Andres Klode
This gives more protection for people where kernel metapackages are accidentally removed. LP: #1787460 (cherry picked from commit a4b0ce5a4f5068f780b3aa94473230b5093a837d) (cherry picked from commit 890f21e846025701f4596a69399f798219357c76) (cherry picked from commit 67fdc0cf55f4e91905b16e0f582ce70999997c8d)
2019-02-08Release 1.0.1ubuntu2.201.0.1ubuntu2.20Julian Andres Klode
2019-01-18Release 1.0.1ubuntu2.19Julian Andres Klode
2019-01-18Import Debian version 1.0.1ubuntu2.18Julian Andres Klode
apt (1.0.1ubuntu2.18) trusty; urgency=medium * ExecFork: Use /proc/self/fd to determine which files to close (Closes: #764204) (LP: #1332440). apt (1.0.1ubuntu2.17) trusty-security; urgency=high * SECURITY UPDATE: gpgv: Check for errors when splitting files (CVE-2016-1252) Thanks to Jann Horn, Google Project Zero for reporting the issue (LP: #1647467) apt (1.0.1ubuntu2.15) trusty; urgency=medium * Fixes failure to download the Package index file when using mirror:// URL in sources.list and the archive fails to profile a file. APT would try the next archive in the list for .deb packages but did not retry when the index file failed to download. (LP: #1625667) apt (1.0.1ubuntu2.14) trusty; urgency=medium * When using the https transport mechanism, $no_proxy is ignored if apt is getting it's proxy information from $https_proxy (as opposed to Acquire::https::Proxy somewhere in apt config). If the source of proxy information is Acquire::https::Proxy set in apt.conf (or apt.conf.d), then $no_proxy is honored. This patch makes the behavior similar for both methods of setting the proxy. (LP: #1575877) apt (1.0.1ubuntu2.13) trusty; urgency=medium * Recheck Pre-Depends satisfaction in SmartConfigure, to avoid unconfigured Pre-Depends (which dpkg later fails on). Fixes upgrade failures of systemd, util-linux, and other packages with Pre-Depends. Many thanks to David Kalnischkies for figuring out the patch and Winfried PLappert for testing! Patch taken from Debian git. (LP: #1560797) apt (1.0.1ubuntu2.12) trusty; urgency=medium [ Colin Watson ] * Fix lzma write support to handle "try again" case (closes: #751688, LP: #1553770). [ David Kalnischkies ] * Handle moved mmap after UniqFindTagWrite call (closes: #753941, LP: #1445436). apt (1.0.1ubuntu2.11) trusty; urgency=medium * apt-pkg/packagemanager.cc: - fix incorrect configure ordering in the SmartConfigure step by skipping packages that do not need immediate action. (LP: #1347721, #1497688) apt (1.0.1ubuntu2.10) trusty; urgency=medium * Fix regression from the previous upload by ensuring we're actually testing for the right member before iterating on it (LP: #1480592) apt (1.0.1ubuntu2.9) trusty; urgency=medium * Fix regression in the Never-MarkAuto-Sections feature caused by the previous auto-removal fix, with inspiration drawn from the patches and conversation from http://bugs.debian.org/793360 (LP: #1479207) apt (1.0.1ubuntu2.8) trusty-proposed; urgency=low * fix crash for packages that have no section in their instVersion (LP: #1449394) apt (1.0.1ubuntu2.7) trusty-proposed; urgency=low * fix auto-removal behavior (thanks to Adam Conrad) LP: #1429041 apt (1.0.1ubuntu2.6) trusty-proposed; urgency=medium * apt-pkg/deb/dpkgpm.cc: - update string matching for dpkg I/O errors. (LP: #1363257) - properly parse the dpkg status line so that package name is properly set and an apport report is created. Thanks to Anders Kaseorg for the patch. (LP: #1353171) apt (1.0.1ubuntu2.5) trusty-security; urgency=low * SECURITY UPDATE: - cmdline/apt-get.cc: fix insecure tempfile handling in apt-get changelog (CVE-2014-7206). Thanks to Guillem Jover apt (1.0.1ubuntu2.4.1) trusty-security; urgency=low * SECURITY UPDATE: - fix potential buffer overflow, thanks to the Google Security Team (CVE-2014-6273) * Fix regression from the previous upload when file:/// sources are used and those are on a different partition than the apt state directory * Fix regression when Dir::state::lists is set to a relative path * Fix regression when cdrom: sources got rewriten by apt-cdrom add apt (1.0.1ubuntu2.3) trusty-security; urgency=low * SECURITY UPDATE: - incorrect invalidating of unauthenticated data (CVE-2014-0488) - incorect verification of 304 reply (CVE-2014-0487) - incorrect verification of Acquire::Gzip indexes (CVE-2014-0489)
2014-06-18releasing package apt version 1.0.1ubuntu2.2Michael Vogt
2014-06-18merge upload 1.0.1ubuntu2.1Michael Vogt
2014-06-12update changelogMichael Vogt
2014-06-12fix tests and add db-util to the test dependenciesMichael Vogt
Conflicts: .travis.yml
2014-06-12unset LANGUAGE in the testing framework directlyDavid Kalnischkies
Git-Dch: Ignore Conflicts: test/integration/framework
2014-06-12Merge tag '1.0.1ubuntu2' into ubuntu/trustyMichael Vogt
Conflicts: configure.ac debian/changelog debian/control test/integration/framework
2014-04-10prepare new upload1.0.1ubuntu2Michael Vogt
2014-04-10Merge remote-tracking branch 'origin/debian/sid' into ubuntu/master1.0.1ubuntu1Michael Vogt
Conflicts: debian/changelog
2014-04-10prepare 1.0.1 release1.0.1Michael Vogt
2014-04-10Merge branch 'debian/sid' into ubuntu/masterMichael Vogt
2014-04-07Add versioned openjdk-6-jdk breaksJulian Andres Klode
This helps if people did unclean upgrades from squeeze, namely to jessie directly.
2014-04-07Version the Breaks/Replaces for sun-java{5,6}-jdk (LP: #1302736)Julian Andres Klode
This is a *hack* to work around unofficial packages for Java 7 and 8 that wrongly provide the Java 5 and 6 packages. Closes: #743616
2014-04-04releasing package apt version 0.9.15.4ubuntu4Michael Vogt
2014-04-04prepare 0.9.15.4ubuntu3Michael Vogt
2014-04-04Promote xz-utils from apt Suggests to libapt-pkg DependsJulian Andres Klode
libapt-pkg depends on the other compressors, and now that xz is the default in many cases, it should depend on that one as well.
2014-04-04add sun-java{5,6}-jdk to breaks/replaces as that provided a "apt" binary as wellMichael Vogt
2014-04-04merge upload 0.9.15.4ubuntu20.9.15.4ubuntu2Michael Vogt
2014-04-01Merge branch 'debian/sid' into ubuntu/masterMichael Vogt
Conflicts: debian/changelog
2014-04-01Merge branch 'debian/sid' into ubuntu/masterMichael Vogt
2014-04-01releasing package apt version 1.01.0Michael Vogt
2014-04-01add sun-java{5,6}-jdk to breaks/replaces as that provided a "apt" binary as wellMichael Vogt
2014-04-01install "apt" binary by defaultMichael Vogt
2014-04-01Merge branch 'debian/sid' into ubuntu/masterMichael Vogt
Conflicts: apt-pkg/deb/dpkgpm.cc debian/apt.auto-removal.sh debian/changelog vendor/debian/sources.list.in
2014-04-01debian: Add default compress option to xzTrần Ngọc Quân
Signed-off-by: Trần Ngọc Quân <vnwildman@gmail.com>
2014-03-27Merge remote-tracking branch 'upstream/debian/sid' into debian/sidMichael Vogt
2014-03-27fix documentation for APT::Periodic::MaxSize "0" (closes: #740551)Michael Vogt
2014-03-23update symbols file to include new symbols from 0.9.16David Kalnischkies
2014-03-21mark optional (private) symbols as hiddenDavid Kalnischkies
This methods should not be used by anyone expect the library itself as they are helpers for the specific class and therefore perfect candidates for hidding. Git-Dch: Ignore
2014-03-21correct some reported typos in /etc/cron.daily/aptDavid Kalnischkies
Closes: 702016 Reported-By: Mason Loring Bliss <mason@blisses.org>, Jakub Wilk <jwilk@debian.org>
2014-03-21only consider versioned kernel packages in autoremoveDavid Kalnischkies
Metapackages like "linux-image-amd64" are otherwise matched by our extraction as well, which later on can't be successfully compared via dpkg --compare-versions as the 'amd64' bit isn't a version number. (Luckily none of our architectures starts with a digit.) This was broken by me in 0.9.16 as I moved a shell-glob matcher to a regex-based one which has slightly different semantics regarding '*'. Closes: 741962
2014-03-15Release 0.9.16.10.9.16.1Julian Andres Klode
2014-03-14prepare 0.9.16 release0.9.16Michael Vogt
2014-03-13use liblzma-dev to provide xz/lzma supportDavid Kalnischkies
We have xz/lzma support for a while, but only via an external binary provided by xz-utils. Now that the Debian archive provides xz by default and dpkg pre-depends on the library provided by liblzma-dev we can switch now to use this library as well to avoid requiring an external binary. For now the binary is in a prio:required package, but this might change in the future. API wise it is quiet similar to bz2 code expect that it doesn't provide file I/O methods, so we piece this together on our own.
2014-03-13correct LD_LIBRARY_PATH and config loading for apt-helperDavid Kalnischkies
Mostly ensures that we use the build methods and not the system provided methods in the tests (if we don't want it that way). Git-Dch: Ignore
2014-03-13ensure that a dot is a dot in the hookDavid Kalnischkies
As we deal with regex matchers here the dots are treated as wildcards if we don't take care of escaping them. Not very likely that this could be a real-world problem, but just to be sure.
2014-03-13add ".*-{kernel,modules}-$KERVER" matcher for hookDavid Kalnischkies
Pre-build kernel modules (like those build with module-assistent) are commonly named in this way and it should be ungeneric enough to be added by default for everyone.
2014-03-13support kfreebsd and hurd in the kernel hookDavid Kalnischkies
kfreebsd as well as hurd kernel packages call the postinst script as well so we just need to enable the correct parsing for installed packages and disable the "protect every version" hammer for them.
2014-03-13use a configurable list of versioned kernel packagesDavid Kalnischkies
With APT::VersionedKernelPackages users have the option of adding packages like pre-build out-of-tree modules to the list of automatically protected from being autoremoved.
2014-03-13warning: no previous declaration for foobar() [-Wmissing-declarations]David Kalnischkies
Git-Dch: Ignore Reported-By: gcc -Wmissing-declarations
2014-03-13unset LANGUAGE in the testing framework directlyDavid Kalnischkies
Git-Dch: Ignore
2014-03-13support DEB_BUILD_PROFILES and -P for build profilesDavid Kalnischkies
Inspired by the rest of the patch in 661537, but abstract the parsing of various ways of setting the build profiles more so it can potentially be reused and all apt parts have the same behaviour. Especially config options, cmdline options and environment will not be combined as proposed as this isn't APTs usual behaviour and dpkg doesn't do it either, so one overrides the other as it normally does.
2014-03-12Promote xz-utils from apt Suggests to libapt-pkg DependsJulian Andres Klode
libapt-pkg depends on the other compressors, and now that xz is the default in many cases, it should depend on that one as well.
2014-02-28Merge remote-tracking branch 'origin/debian/sid' into ubuntu/masterMichael Vogt
Conflicts: debian/changelog