| Age | Commit message (Collapse) | Author |
|---|
|
This allows us to install matching auth files for sources.list.d
files, for example; very useful.
This converts aptmethod's authfd from one FileFd to a vector of
pointers to FileFd, as FileFd cannot be copied, and move operators
are hard.
(parts cherry-picked from commit feed3ec105cd6be7b5d23da14c6cfca8572ee725)
LP: #1811120
TODO: test/integration/test-authentication-basic is missing, what to do?
|
|
apt (1.0.1ubuntu2.18) trusty; urgency=medium
* ExecFork: Use /proc/self/fd to determine which files to close
(Closes: #764204) (LP: #1332440).
apt (1.0.1ubuntu2.17) trusty-security; urgency=high
* SECURITY UPDATE: gpgv: Check for errors when splitting files (CVE-2016-1252)
Thanks to Jann Horn, Google Project Zero for reporting the issue
(LP: #1647467)
apt (1.0.1ubuntu2.15) trusty; urgency=medium
* Fixes failure to download the Package index file when using
mirror:// URL in sources.list and the archive fails to profile
a file. APT would try the next archive in the list for .deb
packages but did not retry when the index file failed to download.
(LP: #1625667)
apt (1.0.1ubuntu2.14) trusty; urgency=medium
* When using the https transport mechanism, $no_proxy is ignored if apt is
getting it's proxy information from $https_proxy (as opposed to
Acquire::https::Proxy somewhere in apt config). If the source of proxy
information is Acquire::https::Proxy set in apt.conf (or apt.conf.d),
then $no_proxy is honored. This patch makes the behavior similar for
both methods of setting the proxy. (LP: #1575877)
apt (1.0.1ubuntu2.13) trusty; urgency=medium
* Recheck Pre-Depends satisfaction in SmartConfigure, to avoid unconfigured
Pre-Depends (which dpkg later fails on). Fixes upgrade failures of
systemd, util-linux, and other packages with Pre-Depends. Many thanks to
David Kalnischkies for figuring out the patch and Winfried PLappert for
testing! Patch taken from Debian git. (LP: #1560797)
apt (1.0.1ubuntu2.12) trusty; urgency=medium
[ Colin Watson ]
* Fix lzma write support to handle "try again" case (closes: #751688,
LP: #1553770).
[ David Kalnischkies ]
* Handle moved mmap after UniqFindTagWrite call (closes: #753941,
LP: #1445436).
apt (1.0.1ubuntu2.11) trusty; urgency=medium
* apt-pkg/packagemanager.cc:
- fix incorrect configure ordering in the SmartConfigure step by skipping
packages that do not need immediate action. (LP: #1347721, #1497688)
apt (1.0.1ubuntu2.10) trusty; urgency=medium
* Fix regression from the previous upload by ensuring we're actually
testing for the right member before iterating on it (LP: #1480592)
apt (1.0.1ubuntu2.9) trusty; urgency=medium
* Fix regression in the Never-MarkAuto-Sections feature caused by the
previous auto-removal fix, with inspiration drawn from the patches
and conversation from http://bugs.debian.org/793360 (LP: #1479207)
apt (1.0.1ubuntu2.8) trusty-proposed; urgency=low
* fix crash for packages that have no section in their instVersion
(LP: #1449394)
apt (1.0.1ubuntu2.7) trusty-proposed; urgency=low
* fix auto-removal behavior (thanks to Adam Conrad)
LP: #1429041
apt (1.0.1ubuntu2.6) trusty-proposed; urgency=medium
* apt-pkg/deb/dpkgpm.cc:
- update string matching for dpkg I/O errors. (LP: #1363257)
- properly parse the dpkg status line so that package name is properly set
and an apport report is created. Thanks to Anders Kaseorg for the patch.
(LP: #1353171)
apt (1.0.1ubuntu2.5) trusty-security; urgency=low
* SECURITY UPDATE:
- cmdline/apt-get.cc: fix insecure tempfile handling in
apt-get changelog (CVE-2014-7206). Thanks to Guillem Jover
apt (1.0.1ubuntu2.4.1) trusty-security; urgency=low
* SECURITY UPDATE:
- fix potential buffer overflow, thanks to the
Google Security Team (CVE-2014-6273)
* Fix regression from the previous upload when file:/// sources
are used and those are on a different partition than
the apt state directory
* Fix regression when Dir::state::lists is set to a relative path
* Fix regression when cdrom: sources got rewriten by apt-cdrom add
apt (1.0.1ubuntu2.3) trusty-security; urgency=low
* SECURITY UPDATE:
- incorrect invalidating of unauthenticated data (CVE-2014-0488)
- incorect verification of 304 reply (CVE-2014-0487)
- incorrect verification of Acquire::Gzip indexes (CVE-2014-0489)
|
|
Beside being a bit cleaner it hopefully also resolves oddball problems
I have with high levels of parallel jobs.
Git-Dch: Ignore
Reported-By: iwyu (include-what-you-use)
|
|
Reported-By: gcc -Wunused-parameter
Git-Dch: Ignore
|
|
Git-Dch: Ignore
Reported-By: gcc -Wpedantic
|
|
|
|
Git-Dch: Ignore
|
|
This change prevents changing the protocol from https to http.
|
|
Reporting it via progress means that e.g. a redirect will trigger it,
too, so you get a Get & Hit while http only reports a Hit as it should
be.
|
|
cppcheck complains about the obsolete utime as it was removed in
POSIX1.2008 and recommends usage of utimensat/futimens instead
as those are in POSIX and so commit 9ce3cfc9 switched to them.
It is just that they aren't as portable as the standard suggests:
At least our kFreeBSD and Hurd ports stumble over it at runtime.
So to make both, the ports and cppcheck happy, we use utimes instead.
Closes: 738567
|
|
The most "visible" change is from utime to utimensat/futimens
as the first one isn't part of POSIX anymore.
Reported-By: cppcheck
Git-Dch: Ignore
|
|
Servers might respond with a complete file either because they don't
support Ranges at all or the If-Range condition isn't statisfied, so we
have to parse the headers curl gets ourself to seek or truncate the file
we have so far.
This also finially adds the testcase testing a bunch of partial
situations for both, http and https - which is now all green.
Closes: 617643, 667699
LP: 1157943
|
|
As lengthy discussed in lp:1157943 partial https support was utterly
broken as a 206 response was handled as an (unhandled) error. This is
the first part of fixing it by supporting a 206 response and starting to
deal with 416.
|
|
|
|
|
|
(closes: #705648)
|
|
- reuse connection in https, thanks to Thomas Bushnell, BSG for the
patch. LP: #1087543, Closes: #695359
|
|
|
|
to the more standard PACKAGE_VERSION and make it work in every file
|
|
- if a file without an extension is requested send an 'Accept: text/*'
header to avoid that the server chooses unsupported compressed files
in a content-negotation attempt (Closes: #657560)
|
|
- use curls list append instead of appending Range and If-Range by hand
which generates malformed requests, thanks Mel Collins for the hint!
(Closes: #646381)
|
|
on the FileFd instead
|
|
|
|
- fix double delete (LP: #848907)
- ignore only the invalid regexp instead of all options
* apt-pkg/acquire-item.h, apt-pkg/deb/debmetaindex.cc:
- fix fetching language information by adding OptionalSubIndexTarget
* methods/https.cc:
- cleanup broken downloads properly
* ftparchive/cachedb.cc:
- fix buffersize in bytes2hex
* apt-pkg/deb/deblistparser.cc:
- fix crash when the dynamic mmap needs to be grown in
LoadReleaseInfo (LP: #854090)
|
|
- cleanup broken downloads properly
|
|
|
|
size are pretty unlikely for now, but we need it for deb
packages which could become bigger than 4GB now (LP: #815895)
|
|
|
|
- fix CURLOPT_SSL_VERIFYHOST by really passing 2 to it if enabled
|
|
* spot & fix various typos in all manpages
* German manpage translation update
* cmdline/apt-cache.cc:
- remove translatable marker from the "%4i %s\n" string
* buildlib/po4a_manpage.mak:
- instruct debiandoc to build files with utf-8 encoding
* buildlib/tools.m4:
- fix some warning from the buildtools
* apt-pkg/acquire-item.cc:
- add configuration PDiffs::Limit-options to not download
too many or too big patches (Closes: #554349)
* debian/control:
- let all packages depend on ${misc:Depends}
* share/*-archive.gpg:
- remove the horrible outdated files. We already depend on
the keyring so we don't need to ship our own version
* cmdline/apt-key:
- errors out if wget is not installed (Closes: #545754)
- add --keyring option as we have now possibly many
* methods/gpgv.cc:
- pass all keyrings (TrustedParts) to gpgv instead of
using only one trusted.gpg keyring (Closes: #304846)
* methods/https.cc:
- finally merge the rest of the patchset from Arnaud Ebalard
with the CRL and Issuers options, thanks! (Closes: #485963)
|
|
|
|
otherwise in the Configuration class.
|
|
method as this is more sane than using only the http options without
a possibility to override these for https.
|
|
thanks Timothy J. Miller! (Closes: #355782)
|
|
|
|
/etc/apt/auth.conf that can be used to store username/passwords
in a "netrc" style file (with the extension that it supports "/"
in a machine definition). Based on the maemo git branch.
* apt-pkg/deb/dpkgpm.cc:
- add "purge" to list of known actions
|
|
/etc/apt/auth.conf that can be used to store username/passwords
in a "netrc" style file (with the extension that it supports "/"
in a machine definition). Based on the maemo git branch.
|
|
- check for hostname and then host+path
- better debug output
* methods/https.cc:
- fix bug in netrc integration
|
|
- add output about pre-depends configuring when debug::pkgPackageManager
is used
* methods/https.cc:
- fix incorrect use of CURLOPT_TIMEOUT, closes: #497983, LP: #354972
thanks to Brian Thomason for the patch
* apt-pkg/depcache.cc, apt-pkg/indexcopy.cc:
- typo fix (LP: #462328)
* cmdline/apt-key:
- Emit a warning if removed keys keyring is missing and skip associated
checks (LP: #218971)
|
|
|
|
- fix incorrect use of CURLOPT_TIMEOUT, closes: #497983, LP: #354972
thanks to Brian Thomason for the patch
|
|
|
|
|
|
patch by Jussi Hakala <jussi.hakala@hut.fi>.
|
|
|
|
- add Acquire::https::AllowRedirect support
|
|
|
|
code.
|
|
|
|
|
