Age | Commit message (Collapse) | Author |
|
- remove 'old' InRelease file if we can't get a new one before
proceeding with Release.gpg to avoid the false impression of a still
trusted repository by a (still present) old InRelease file.
Thanks to Simon Ruderich for reporting this issue! (CVE-2012-0214)
|
|
* apt-pkg/deb/debmetaindex.cc:
- none is a separator, not a language: no need for Index (Closes: #624218)
* apt-pkg/aptconfiguration.cc:
- do not builtin languages only if none is forced (Closes: #643787)
|
|
- accept generic release pin expressions again in -t (Closes: #644166)
|
|
if the archive is signed, but the signature can't be checked
as the key is missing (debbugs #597301 - fix in r2105)
|
|
packages first (LP: #835625)
|
|
|
|
* doc/apt.conf.5.xml:
- reword Acquire::Max-ValidTime documentation to make clear
that it doesn't provide the new Min-ValidTime functionality
|
|
- fix Acquire::Max-ValidTime option by interpreting it really
as seconds as specified in the manpage and not as days
|
|
invalid in most cases anyway
|
|
|
|
|
|
|
|
- ignore "self"-conflicts for all architectures of a package
instead of just for the architecture of the package locked at
in the ordering of installations too (Closes: #802901)
|
|
|
|
lp:~mvo/apt/mvo
|
|
- if no Release.gpg file is found, still load the hashes for
verification (closes: #636314) and add test
|
|
- add regression test for hashsum verification
|
|
- do not assume that the last char on a line is a \n (Closes: #633350)
|
|
|
|
- emit an error on unknown APT::Default-Release value (Closes: #407511)
|
|
|
|
|
|
broken policy state by the upgrade
|
|
- restore all important dependencies for garbage packages (LP: #806274)
|
|
- create doxygen directory to avoid depending on magic (Closes: #628799)
* cmdline/apt-key:
- explicitly state that net-update is not supported if no url is set
- require to be root for add, rm, update and net-update
- clarify update vs. net-update in different distros (Closes: #632043)
* debian/apt.symbols:
- forgot 'mips' in the list for all architecture dependent symbols
- comment out gcc-4.5 specific symbols as gcc-4.6 is now default
- the symbol for PrintStatus() is architecture dependent
* apt-pkg/policy.cc:
- do not segfault in pinning if a package with this name doesn't exist.
Thanks to Ferdinand Thommes for the report!
- Defaults is a vector of Pin not of PkgPin
- ensure that only the first specific stanza for a package is used
- save all stanzas which had no effect in Unmatched
- allow package:architecure in Package:
|
|
|
|
- save all stanzas which had no effect in Unmatched
|
|
- do not segfault in pinning if a package with this name doesn't exist.
Thanks to Ferdinand Thommes for the report!
|
|
- Verify that the first line of an InRelease file is a PGP header
for a signed message. Otherwise a man-in-the-middle can prefix
a valid InRelease file with his own data! (CVE-2011-1829)
|
|
|
|
|
|
- ensure for Multi-Arch:same packages that they are unpacked in
lock step even in immediate configuration (Closes: #618288)
|
|
MarkInstall to be a bit more easy to read and possibily a bit faster -
and add a small testcase for these situations to ensure the same behaviour
|
|
|
|
quote an already quoted string in the request later (Closes: #602412)
|
|
|
|
- reimplement apt-mark in c++
|
|
|
|
- really include 'rc' packages in the delete count by fixing a
typo which exists since 1999 in the source… (LP: #761175)
|
|
|
|
|
|
|
|
- use dpkg --print-foreign-architectures to get multiarch configuration
if non is specified with APT::Architectures (Closes: #612958)
|
|
- return "all" instead of native architecture without breaking the abi
(too much) by extending enum instead of using bitflags (LP: #733741)
With the next abi break that enum should be a char bitflag instead
|
|
|
|
seperate IsModeChangeOk which checks sanity and dpkg holds
|
|
architectures in a row as it is needed for Multi-Arch:same that
the shared files are the same
|
|
Multi-Arch; instead, Arch: all packages only satisfy dependencies for
the native arch, except where the Arch: all package is declared
Multi-Arch: foreign. (Closes: #613584)
This has the sideeffect that arch:all packages internally show up as
coming from the native arch - so packages with the architecture "all"
doesn't exist any longer in the pkgcache
|
|
|
|
- support xz compressor to create xz-compressed Indexes and be able
to open data.tar.xz files
* ftparchive/writer.cc:
- include xz-compressed Packages and Sources files in Release file
|