From 081fbea14d12f79c8d91ce4fe1f1004c7bc08656 Mon Sep 17 00:00:00 2001
From: David Kalnischkies <david@kalnischkies.de>
Date: Wed, 12 Apr 2017 17:39:06 +0200
Subject: error in update on Release information changes

The value of Origin, Label, Codename and co can be used in user
configuration from apts own pinning to unattended upgrades.
A repository changing this values can therefore have serious effects on
the behaviour of apt and other tools using these values.

In a first step we will generate error messages for these changes now
explaining the need for explicit confirmation and provide config options
and commandline flags to accept them.
---
 apt-private/private-cmndline.cc | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

(limited to 'apt-private')

diff --git a/apt-private/private-cmndline.cc b/apt-private/private-cmndline.cc
index 06683ae61..b035d99f0 100644
--- a/apt-private/private-cmndline.cc
+++ b/apt-private/private-cmndline.cc
@@ -203,6 +203,15 @@ static bool addArgumentsAPTGet(std::vector<CommandLine::Args> &Args, char const
    else if (CmdMatches("update"))
    {
       addArg(0, "list-cleanup", "APT::Get::List-Cleanup", 0);
+      addArg(0, "allow-insecure-repositories", "Acquire::AllowInsecureRepositories", 0);
+      addArg(0, "allow-weak-repositories", "Acquire::AllowWeakRepositories", 0);
+      addArg(0, "allow-releaseinfo-change", "Acquire::AllowReleaseInfoChange", 0);
+      addArg(0, "allow-releaseinfo-change-origin", "Acquire::AllowReleaseInfoChange::Origin", 0);
+      addArg(0, "allow-releaseinfo-change-label", "Acquire::AllowReleaseInfoChange::Label", 0);
+      addArg(0, "allow-releaseinfo-change-version", "Acquire::AllowReleaseInfoChange::Version", 0);
+      addArg(0, "allow-releaseinfo-change-codename", "Acquire::AllowReleaseInfoChange::Codename", 0);
+      addArg(0, "allow-releaseinfo-change-suite", "Acquire::AllowReleaseInfoChange::Suite", 0);
+      addArg(0, "allow-releaseinfo-change-defaultpin", "Acquire::AllowReleaseInfoChange::DefaultPin", 0);
    }
    else if (CmdMatches("source"))
    {
@@ -273,8 +282,6 @@ static bool addArgumentsAPTGet(std::vector<CommandLine::Args> &Args, char const
    addArg(0,"remove","APT::Get::Remove",0);
    addArg(0,"only-source","APT::Get::Only-Source",0);
    addArg(0,"allow-unauthenticated","APT::Get::AllowUnauthenticated",0);
-   addArg(0,"allow-insecure-repositories","Acquire::AllowInsecureRepositories",0);
-   addArg(0,"allow-weak-repositories","Acquire::AllowWeakRepositories",0);
    addArg(0,"install-recommends","APT::Install-Recommends",CommandLine::Boolean);
    addArg(0,"install-suggests","APT::Install-Suggests",CommandLine::Boolean);
    addArg(0,"fix-policy","APT::Get::Fix-Policy-Broken",0);
-- 
cgit v1.2.3