Age | Commit message (Collapse) | Author |
|
apt (1.0.1ubuntu2.18) trusty; urgency=medium
* ExecFork: Use /proc/self/fd to determine which files to close
(Closes: #764204) (LP: #1332440).
apt (1.0.1ubuntu2.17) trusty-security; urgency=high
* SECURITY UPDATE: gpgv: Check for errors when splitting files (CVE-2016-1252)
Thanks to Jann Horn, Google Project Zero for reporting the issue
(LP: #1647467)
apt (1.0.1ubuntu2.15) trusty; urgency=medium
* Fixes failure to download the Package index file when using
mirror:// URL in sources.list and the archive fails to profile
a file. APT would try the next archive in the list for .deb
packages but did not retry when the index file failed to download.
(LP: #1625667)
apt (1.0.1ubuntu2.14) trusty; urgency=medium
* When using the https transport mechanism, $no_proxy is ignored if apt is
getting it's proxy information from $https_proxy (as opposed to
Acquire::https::Proxy somewhere in apt config). If the source of proxy
information is Acquire::https::Proxy set in apt.conf (or apt.conf.d),
then $no_proxy is honored. This patch makes the behavior similar for
both methods of setting the proxy. (LP: #1575877)
apt (1.0.1ubuntu2.13) trusty; urgency=medium
* Recheck Pre-Depends satisfaction in SmartConfigure, to avoid unconfigured
Pre-Depends (which dpkg later fails on). Fixes upgrade failures of
systemd, util-linux, and other packages with Pre-Depends. Many thanks to
David Kalnischkies for figuring out the patch and Winfried PLappert for
testing! Patch taken from Debian git. (LP: #1560797)
apt (1.0.1ubuntu2.12) trusty; urgency=medium
[ Colin Watson ]
* Fix lzma write support to handle "try again" case (closes: #751688,
LP: #1553770).
[ David Kalnischkies ]
* Handle moved mmap after UniqFindTagWrite call (closes: #753941,
LP: #1445436).
apt (1.0.1ubuntu2.11) trusty; urgency=medium
* apt-pkg/packagemanager.cc:
- fix incorrect configure ordering in the SmartConfigure step by skipping
packages that do not need immediate action. (LP: #1347721, #1497688)
apt (1.0.1ubuntu2.10) trusty; urgency=medium
* Fix regression from the previous upload by ensuring we're actually
testing for the right member before iterating on it (LP: #1480592)
apt (1.0.1ubuntu2.9) trusty; urgency=medium
* Fix regression in the Never-MarkAuto-Sections feature caused by the
previous auto-removal fix, with inspiration drawn from the patches
and conversation from http://bugs.debian.org/793360 (LP: #1479207)
apt (1.0.1ubuntu2.8) trusty-proposed; urgency=low
* fix crash for packages that have no section in their instVersion
(LP: #1449394)
apt (1.0.1ubuntu2.7) trusty-proposed; urgency=low
* fix auto-removal behavior (thanks to Adam Conrad)
LP: #1429041
apt (1.0.1ubuntu2.6) trusty-proposed; urgency=medium
* apt-pkg/deb/dpkgpm.cc:
- update string matching for dpkg I/O errors. (LP: #1363257)
- properly parse the dpkg status line so that package name is properly set
and an apport report is created. Thanks to Anders Kaseorg for the patch.
(LP: #1353171)
apt (1.0.1ubuntu2.5) trusty-security; urgency=low
* SECURITY UPDATE:
- cmdline/apt-get.cc: fix insecure tempfile handling in
apt-get changelog (CVE-2014-7206). Thanks to Guillem Jover
apt (1.0.1ubuntu2.4.1) trusty-security; urgency=low
* SECURITY UPDATE:
- fix potential buffer overflow, thanks to the
Google Security Team (CVE-2014-6273)
* Fix regression from the previous upload when file:/// sources
are used and those are on a different partition than
the apt state directory
* Fix regression when Dir::state::lists is set to a relative path
* Fix regression when cdrom: sources got rewriten by apt-cdrom add
apt (1.0.1ubuntu2.3) trusty-security; urgency=low
* SECURITY UPDATE:
- incorrect invalidating of unauthenticated data (CVE-2014-0488)
- incorect verification of 304 reply (CVE-2014-0487)
- incorrect verification of Acquire::Gzip indexes (CVE-2014-0489)
|
|
|
|
Beside being a bit cleaner it hopefully also resolves oddball problems
I have with high levels of parallel jobs.
Git-Dch: Ignore
Reported-By: iwyu (include-what-you-use)
|
|
Reported-By: gcc -Wunused-parameter
Git-Dch: Ignore
|
|
|
|
|
|
* ftparchive/writer.cc:
- use OpenMaybeClearSignedFile to be free from detecting and
skipping clearsigning metadata in dsc files
|
|
|
|
- handle the APT::FTPArchive::Packages::SHA512 option correctly instead
of overriding SHA256, thanks Christian Marillat! (Closes: #680252)
|
|
- include Contents-* files in Release files (Closes: #673647)
|
|
- drop support for i18n/Index file (introduced in 0.8.11) and use
the Release file instead to get the Translations (Closes: #649314)
* ftparchive/writer.cc:
- add 'Translation-*' to the default patterns
i18n/Index was never used outside debian - and even here it isn't used
consistently as only 'main' has such a file. As the Release file now
includes the Translation-* files we therefore drop support for i18n/Index.
A version supporting it was never part of a debian release and still
supporting it would mean that we get 99% of the time a 404 as response
to the request anyway and confuse archive maintainers who want to
provide all files APT tries to acquire.
|
|
on the FileFd instead
|
|
by again using the FileFd directly
|
|
|
|
size are pretty unlikely for now, but we need it for deb
packages which could become bigger than 4GB now (LP: #815895)
|
|
|
|
|
|
done on the mirco-optimazation level, so lets fix them:
(performance) Possible inefficient checking for emptiness.
(performance) Prefer prefix ++/-- operators for non-primitive types.
|
|
- generate all checksums in one run over the file for Release
|
|
|
|
|
|
- support adding new compressors by configuration
|
|
sha2_internal.{cc,h}
|
|
|
|
- support xz compressor to create xz-compressed Indexes and be able
to open data.tar.xz files
* ftparchive/writer.cc:
- include xz-compressed Packages and Sources files in Release file
|
|
- include xz-compressed Packages and Sources files in Release file
|
|
|
|
- ensure that Date and Valid-Until time strings are not localised
|
|
|
|
- add config option to search for more patterns in release command
|
|
- null the valid string instead of the date if Valid-Until is not set
* apt-pkg/acquire-item.cc:
- use also unsigned Release files again (Closes: #596189)
|
|
- write out {Files,Checksum-Sha1,Checksum-Sha256} only if
available LP: #633967. Thanks to Colin Watson
|
|
- null the valid string instead of the date if Valid-Until is not set
|
|
- init valid-until correctly to prevent garbage entering Release file
|
|
- add ValidTime option to generate a Valid-Until header in Release file
|
|
- remove 999 chars Files and Checksums rewrite limit (Closes: #577759)
|
|
the compressed files as we want them and to prevent the file to be
replaced without a reason which could save us from steady redownloads
of a file with the same content.
|
|
- write LongDescriptions if they shouldn't be included in Packages
file into i18n/Translation-en by default.
It is ensured that each package+description is listed only ones in the
Translation file even if we generate multiple Packages file in one run.
The file is only generated in "generate" - the simple file commands
can't create it by now. Also, the LongDescription is currently a
global setting, so generating archives with and without LongDescriptions
in the Packages file in the same run are currently not possible.
|
|
- if an arch is given accept only *_all.deb and *_arch.deb instead
of *.deb. Thanks Stephan Bosch for the patch! (Closes: #319710)
|
|
|
|
- Set Mode to Medium so that the correct prefix is used.
Thanks Stefan Haller for the patch! (Closes: #567304 LP: #275243)
* ftparchive/writer.cc:
- generate sha1 and sha256 checksums for dsc (Closes: #567343)
* cmdline/apt-get.cc:
- don't mark as manually if in download only (Closes: #468180)
|
|
- generate sha1 and sha256 checksums for dsc (Closes: #567343)
|
|
- merge crash fix for apt-ftparchive on hurd, thanks to
Samuel Thibault for the patch (closes: #566664)
|
|
thanks Karl Goetz! (Closes: #558757)
|
|
|
|
thanks Karl Goetz! (Closes: #558757)
|
|
|
|
caching if versions are build multiply times (not recommend)
Patch by Christoph Goehre, thanks! (Closes: #463260)
|
|
LongDescriptions in the generated Packages file.
|
|
acquire-items choose which compression file they should (try first to)
download to easily add new or change the order of the compression types.
And because it is easy now we directly add builtin lzma support.
The compression ratio is better than bzip2 but we prefer the later for now
as no (official) mirror uses lzma, so this would only generate useless
hits on the servers. Maybe sometime in the future lzma will be the default...
[apt-pkg/acquire-item.cc]
- use configsettings for dynamic compression type use and order.
Based on a patch by Jyrki Muukkonen, thanks! (LP: #71746)
[apt-pkg/init.cc]
- add default configuration for compression types and add lzma
support. Order is now bzip2, lzma, gzip, none (Closes: #510526)
[ftparchive/writer.cc]
- add lzma support also here, patch for this (and inspiration for
the one above) by Robert Millan, thanks!
|