From 2f5b615169aef2d9c74bb337af229dee2dce595e Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Fri, 15 Mar 2013 14:17:01 +0100 Subject: * apt-pkg/indexcopy.cc: - rename RunGPGV to ExecGPGV and move it to apt-pkg/contrib/gpgv.cc --- debian/changelog | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'debian') diff --git a/debian/changelog b/debian/changelog index 9ed9b4d61..ac630ad7e 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,11 @@ +apt (0.9.7.9) UNRELEASED; urgency=low + + [ David Kalnischkies ] + * apt-pkg/indexcopy.cc: + - rename RunGPGV to ExecGPGV and move it to apt-pkg/contrib/gpgv.cc + + -- David Kalnischkies Fri, 15 Mar 2013 14:15:43 +0100 + apt (0.9.7.8) unstable; urgency=criticial * SECURITY UPDATE: InRelease verification bypass -- cgit v1.2.3 From 99ed26d32226f0dffe5a37fb78c5588f9d9ecfd5 Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Fri, 15 Mar 2013 14:29:46 +0100 Subject: * apt-pkg/contrib/gpgv.cc: - ExecGPGV is a method which should never return, so mark it as such and fix the inconsistency of returning in error cases --- debian/changelog | 3 +++ 1 file changed, 3 insertions(+) (limited to 'debian') diff --git a/debian/changelog b/debian/changelog index ac630ad7e..bd4116406 100644 --- a/debian/changelog +++ b/debian/changelog @@ -3,6 +3,9 @@ apt (0.9.7.9) UNRELEASED; urgency=low [ David Kalnischkies ] * apt-pkg/indexcopy.cc: - rename RunGPGV to ExecGPGV and move it to apt-pkg/contrib/gpgv.cc + * apt-pkg/contrib/gpgv.cc: + - ExecGPGV is a method which should never return, so mark it as such + and fix the inconsistency of returning in error cases -- David Kalnischkies Fri, 15 Mar 2013 14:15:43 +0100 -- cgit v1.2.3 From b38bb727530a7e836689ef100b07926522066986 Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Fri, 15 Mar 2013 14:49:05 +0100 Subject: don't close stdout/stderr if it is also the statusfd --- debian/changelog | 1 + 1 file changed, 1 insertion(+) (limited to 'debian') diff --git a/debian/changelog b/debian/changelog index bd4116406..0423cefa6 100644 --- a/debian/changelog +++ b/debian/changelog @@ -6,6 +6,7 @@ apt (0.9.7.9) UNRELEASED; urgency=low * apt-pkg/contrib/gpgv.cc: - ExecGPGV is a method which should never return, so mark it as such and fix the inconsistency of returning in error cases + - don't close stdout/stderr if it is also the statusfd -- David Kalnischkies Fri, 15 Mar 2013 14:15:43 +0100 -- cgit v1.2.3 From 39f38a81b85edf2e1bdc4e92267a63cc6c928734 Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Fri, 15 Mar 2013 14:55:43 +0100 Subject: * apt-pkg/acquire-item.cc: - keep the last good InRelease file around just as we do it with Release.gpg in case the new one we download isn't good for us --- debian/changelog | 3 +++ 1 file changed, 3 insertions(+) (limited to 'debian') diff --git a/debian/changelog b/debian/changelog index 0423cefa6..77e8674a0 100644 --- a/debian/changelog +++ b/debian/changelog @@ -7,6 +7,9 @@ apt (0.9.7.9) UNRELEASED; urgency=low - ExecGPGV is a method which should never return, so mark it as such and fix the inconsistency of returning in error cases - don't close stdout/stderr if it is also the statusfd + * apt-pkg/acquire-item.cc: + - keep the last good InRelease file around just as we do it with + Release.gpg in case the new one we download isn't good for us -- David Kalnischkies Fri, 15 Mar 2013 14:15:43 +0100 -- cgit v1.2.3 From 2d3fe9cfadb33556b7563a98bb5a4698888e6c40 Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Fri, 15 Mar 2013 18:53:53 +0100 Subject: - if ExecGPGV deals with a clear-signed file it will split this file into data and signatures, pass it to gpgv for verification and recombines it after that in a known-good way without unsigned blocks and whitespaces resulting usually in more or less the same file as before, but later code can be sure about the format * apt-pkg/deb/debmetaindex.cc: - reenable InRelease by default --- debian/changelog | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'debian') diff --git a/debian/changelog b/debian/changelog index 77e8674a0..7ebbb1cb4 100644 --- a/debian/changelog +++ b/debian/changelog @@ -7,9 +7,16 @@ apt (0.9.7.9) UNRELEASED; urgency=low - ExecGPGV is a method which should never return, so mark it as such and fix the inconsistency of returning in error cases - don't close stdout/stderr if it is also the statusfd + - if ExecGPGV deals with a clear-signed file it will split this file + into data and signatures, pass it to gpgv for verification and + recombines it after that in a known-good way without unsigned blocks + and whitespaces resulting usually in more or less the same file as + before, but later code can be sure about the format * apt-pkg/acquire-item.cc: - keep the last good InRelease file around just as we do it with Release.gpg in case the new one we download isn't good for us + * apt-pkg/deb/debmetaindex.cc: + - reenable InRelease by default -- David Kalnischkies Fri, 15 Mar 2013 14:15:43 +0100 -- cgit v1.2.3