-apt (0.9.7.6) UNRELEASED; urgency=low
+apt (0.9.7.8) unstable; urgency=criticial
+
+ * SECURITY UPDATE: InRelease verification bypass
+ - CVE-2013-1051
+
+ [ David Kalnischk ]
+ * apt-pkg/deb/debmetaindex.cc,
+ test/integration/test-bug-595691-empty-and-broken-archive-files,
+ test/integration/test-releasefile-verification:
+ - disable InRelease downloading until the verification issue is
+ fixed, thanks to Ansgar Burchardt for finding the flaw
+
+ -- Michael Vogt <mvo@debian.org> Thu, 14 Mar 2013 07:47:36 +0100
+
+apt (0.9.7.7) unstable; urgency=low
+
+ [ Program translation updates ]
+ * Catalan (Jordi Mallach)
+ * Drop a confusing non-breaking space. Closes: #691024
+ * Thai (Theppitak Karoonboonyanan). Closes: #691613
+ * Vietnamese (Trần Ngọc Quân). Closes: #693773
+ * Fix Plural forms in German, French, Japanese and Portuguese
+ translations. Thanks to Jakub Wilk for reporting these errors.
+
+ [ David Kalnischkies ]
+ * apt-pkg/packagemanager.cc:
+ - do not do lock-step configuration for a M-A:same package if it isn't
+ unpacked yet in SmartConfigure and do not unpack a M-A:same package
+ again in SmartUnPack if we have already configured it (LP: #1062503)
+ * apt-pkg/depcache.cc:
+ - don't call MarkInstall with the FromUser flag set for packages
+ which are dependencies of APT::Never-MarkAuto-Sections matchers
+ - no mode changes should obviously be ok for pkgDepCache::IsModeChangeOk
+ * cmdline/apt-get.cc:
+ - do not call Mark{Install,Delete} from the autoremove code with
+ the FromUser bit set to avoid modifying the auto-installed bit
+ * apt-pkg/algorithms.cc:
+ - ensure pkgProblemResolver calls MarkDelete without FromUser set
+ so that it can't overrule holds and the protection flag
+
+ [ Michael Vogt ]
+ * change permissions of /var/log/apt/term.log to 0640 (LP: #975199)
+
+ [ Jonathan Thomas ]
+ * apt-pkg/algorithms.cc:
+ - fix package-pointer array memory leak in ResolveByKeepInternal()
+
+ -- Michael Vogt <mvo@debian.org> Thu, 13 Dec 2012 09:52:19 +0100
+
+apt (0.9.7.6) unstable; urgency=low
[ Program translation updates ]
* Ukrainian (A. Bondarenko)
as it is used for arch:all packages as a map to arch:native.
Otherwise arch comparisons later will see differences (Closes: #689323)
* apt-pkg/pkgcache.cc:
- - ignore negative dependencies applying in the same group for
- M-A:same packages on the real package name as self-conflicts
+ - ignore negative dependencies applying in the same group for M-A:same
+ packages on the real package name as self-conflicts (Closes: #688863)
* cmdline/apt-cache.cc:
- print versioned dependency relations in (r)depends if the option
APT::Cache::ShowVersion is true (default: false) as discussed in
* apt-pkg/edsp.cc:
- include reinstall requests and already installed (= protected) packages
in the install-request for external resolvers (Closes: #689331)
+ * apt-pkg/policy.cc:
+ - match pins with(out) an architecture as we do on the commandline
+ (partly fixing #687255, b= support has to wait for jessie)
+ * apt-pkg/contrib/netrc.cc:
+ - remove the 64 char limit for login/password in internal usage
+ - remove 256 char line limit by using getline() (POSIX.1-2008)
+
+ [ Colin Watson ]
+ * apt-pkg/pkgcachegen.cc:
+ - Fix crash if the cache is remapped while writing a Provides version
+ (LP: #1066445).
- -- David Kalnischkies <kalnischkies@gmail.com> Wed, 19 Sep 2012 11:29:56 +0200
+ -- Michael Vogt <mvo@debian.org> Tue, 16 Oct 2012 18:08:53 +0200
apt (0.9.7.5) unstable; urgency=low
projects / apt.git / blobdiff