| Age | Commit message (Collapse) | Author |
|---|
|
Arrays with predefined lengths are very fragile as they are
likely forgotten in future changes and the size in this case
is dynamic making it even more dangerous.
(cherry-picked from commit eb0d90f08d6a6f2ee334a94f8fb45c776f5bcd6e)
LP: #1817048
|
|
apt (1.0.1ubuntu2.18) trusty; urgency=medium
* ExecFork: Use /proc/self/fd to determine which files to close
(Closes: #764204) (LP: #1332440).
apt (1.0.1ubuntu2.17) trusty-security; urgency=high
* SECURITY UPDATE: gpgv: Check for errors when splitting files (CVE-2016-1252)
Thanks to Jann Horn, Google Project Zero for reporting the issue
(LP: #1647467)
apt (1.0.1ubuntu2.15) trusty; urgency=medium
* Fixes failure to download the Package index file when using
mirror:// URL in sources.list and the archive fails to profile
a file. APT would try the next archive in the list for .deb
packages but did not retry when the index file failed to download.
(LP: #1625667)
apt (1.0.1ubuntu2.14) trusty; urgency=medium
* When using the https transport mechanism, $no_proxy is ignored if apt is
getting it's proxy information from $https_proxy (as opposed to
Acquire::https::Proxy somewhere in apt config). If the source of proxy
information is Acquire::https::Proxy set in apt.conf (or apt.conf.d),
then $no_proxy is honored. This patch makes the behavior similar for
both methods of setting the proxy. (LP: #1575877)
apt (1.0.1ubuntu2.13) trusty; urgency=medium
* Recheck Pre-Depends satisfaction in SmartConfigure, to avoid unconfigured
Pre-Depends (which dpkg later fails on). Fixes upgrade failures of
systemd, util-linux, and other packages with Pre-Depends. Many thanks to
David Kalnischkies for figuring out the patch and Winfried PLappert for
testing! Patch taken from Debian git. (LP: #1560797)
apt (1.0.1ubuntu2.12) trusty; urgency=medium
[ Colin Watson ]
* Fix lzma write support to handle "try again" case (closes: #751688,
LP: #1553770).
[ David Kalnischkies ]
* Handle moved mmap after UniqFindTagWrite call (closes: #753941,
LP: #1445436).
apt (1.0.1ubuntu2.11) trusty; urgency=medium
* apt-pkg/packagemanager.cc:
- fix incorrect configure ordering in the SmartConfigure step by skipping
packages that do not need immediate action. (LP: #1347721, #1497688)
apt (1.0.1ubuntu2.10) trusty; urgency=medium
* Fix regression from the previous upload by ensuring we're actually
testing for the right member before iterating on it (LP: #1480592)
apt (1.0.1ubuntu2.9) trusty; urgency=medium
* Fix regression in the Never-MarkAuto-Sections feature caused by the
previous auto-removal fix, with inspiration drawn from the patches
and conversation from http://bugs.debian.org/793360 (LP: #1479207)
apt (1.0.1ubuntu2.8) trusty-proposed; urgency=low
* fix crash for packages that have no section in their instVersion
(LP: #1449394)
apt (1.0.1ubuntu2.7) trusty-proposed; urgency=low
* fix auto-removal behavior (thanks to Adam Conrad)
LP: #1429041
apt (1.0.1ubuntu2.6) trusty-proposed; urgency=medium
* apt-pkg/deb/dpkgpm.cc:
- update string matching for dpkg I/O errors. (LP: #1363257)
- properly parse the dpkg status line so that package name is properly set
and an apport report is created. Thanks to Anders Kaseorg for the patch.
(LP: #1353171)
apt (1.0.1ubuntu2.5) trusty-security; urgency=low
* SECURITY UPDATE:
- cmdline/apt-get.cc: fix insecure tempfile handling in
apt-get changelog (CVE-2014-7206). Thanks to Guillem Jover
apt (1.0.1ubuntu2.4.1) trusty-security; urgency=low
* SECURITY UPDATE:
- fix potential buffer overflow, thanks to the
Google Security Team (CVE-2014-6273)
* Fix regression from the previous upload when file:/// sources
are used and those are on a different partition than
the apt state directory
* Fix regression when Dir::state::lists is set to a relative path
* Fix regression when cdrom: sources got rewriten by apt-cdrom add
apt (1.0.1ubuntu2.3) trusty-security; urgency=low
* SECURITY UPDATE:
- incorrect invalidating of unauthenticated data (CVE-2014-0488)
- incorect verification of 304 reply (CVE-2014-0487)
- incorrect verification of Acquire::Gzip indexes (CVE-2014-0489)
|
|
|
|
Beside being a bit cleaner it hopefully also resolves oddball problems
I have with high levels of parallel jobs.
Git-Dch: Ignore
Reported-By: iwyu (include-what-you-use)
|
|
Reported-By: gcc -Wunused-parameter
Git-Dch: Ignore
|
|
|
|
|
|
* ftparchive/writer.cc:
- use OpenMaybeClearSignedFile to be free from detecting and
skipping clearsigning metadata in dsc files
|
|
|
|
- handle the APT::FTPArchive::Packages::SHA512 option correctly instead
of overriding SHA256, thanks Christian Marillat! (Closes: #680252)
|
|
- include Contents-* files in Release files (Closes: #673647)
|
|
- drop support for i18n/Index file (introduced in 0.8.11) and use
the Release file instead to get the Translations (Closes: #649314)
* ftparchive/writer.cc:
- add 'Translation-*' to the default patterns
i18n/Index was never used outside debian - and even here it isn't used
consistently as only 'main' has such a file. As the Release file now
includes the Translation-* files we therefore drop support for i18n/Index.
A version supporting it was never part of a debian release and still
supporting it would mean that we get 99% of the time a 404 as response
to the request anyway and confuse archive maintainers who want to
provide all files APT tries to acquire.
|
|
on the FileFd instead
|
|
by again using the FileFd directly
|
|
|
|
size are pretty unlikely for now, but we need it for deb
packages which could become bigger than 4GB now (LP: #815895)
|
|
|
|
|
|
done on the mirco-optimazation level, so lets fix them:
(performance) Possible inefficient checking for emptiness.
(performance) Prefer prefix ++/-- operators for non-primitive types.
|
|
- generate all checksums in one run over the file for Release
|
|
|
|
|
|
- support adding new compressors by configuration
|
|
sha2_internal.{cc,h}
|
|
|
|
- support xz compressor to create xz-compressed Indexes and be able
to open data.tar.xz files
* ftparchive/writer.cc:
- include xz-compressed Packages and Sources files in Release file
|
|
- include xz-compressed Packages and Sources files in Release file
|
|
|
|
- ensure that Date and Valid-Until time strings are not localised
|
|
|
|
- add config option to search for more patterns in release command
|
|
- null the valid string instead of the date if Valid-Until is not set
* apt-pkg/acquire-item.cc:
- use also unsigned Release files again (Closes: #596189)
|
|
- write out {Files,Checksum-Sha1,Checksum-Sha256} only if
available LP: #633967. Thanks to Colin Watson
|
|
- null the valid string instead of the date if Valid-Until is not set
|
|
- init valid-until correctly to prevent garbage entering Release file
|
|
- add ValidTime option to generate a Valid-Until header in Release file
|
|
- remove 999 chars Files and Checksums rewrite limit (Closes: #577759)
|
|
the compressed files as we want them and to prevent the file to be
replaced without a reason which could save us from steady redownloads
of a file with the same content.
|
|
- write LongDescriptions if they shouldn't be included in Packages
file into i18n/Translation-en by default.
It is ensured that each package+description is listed only ones in the
Translation file even if we generate multiple Packages file in one run.
The file is only generated in "generate" - the simple file commands
can't create it by now. Also, the LongDescription is currently a
global setting, so generating archives with and without LongDescriptions
in the Packages file in the same run are currently not possible.
|
|
- if an arch is given accept only *_all.deb and *_arch.deb instead
of *.deb. Thanks Stephan Bosch for the patch! (Closes: #319710)
|
|
|
|
- Set Mode to Medium so that the correct prefix is used.
Thanks Stefan Haller for the patch! (Closes: #567304 LP: #275243)
* ftparchive/writer.cc:
- generate sha1 and sha256 checksums for dsc (Closes: #567343)
* cmdline/apt-get.cc:
- don't mark as manually if in download only (Closes: #468180)
|
|
- generate sha1 and sha256 checksums for dsc (Closes: #567343)
|
|
- merge crash fix for apt-ftparchive on hurd, thanks to
Samuel Thibault for the patch (closes: #566664)
|
|
thanks Karl Goetz! (Closes: #558757)
|
|
|
|
thanks Karl Goetz! (Closes: #558757)
|
|
|
|
caching if versions are build multiply times (not recommend)
Patch by Christoph Goehre, thanks! (Closes: #463260)
|
|
LongDescriptions in the generated Packages file.
|
