X-Git-Url: https://git.saurik.com/apt.git/blobdiff_plain/30b683f4f3021cd191ffef04bfaf2deb65820a52..05f64ca2e483709faa6bc69dfa79129d2d4c679e:/debian/changelog diff --git a/debian/changelog b/debian/changelog index 5b885ad6c..b0d518b17 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,169 @@ +apt (1.1~exp8) experimental; urgency=medium + + [ Michael Vogt ] + * merge unstable upload version 1.0.9.3 + * Ensure /etc/apt/auth.conf has _apt:root owner + * Use sysconf(_SC_ARG_MAX) to find the size of Dpkg::MaxArgBytes + * Only support Translation-* that are listed in the {In,}Release file + * Call "Dequeue()" for items in AbortTransaction() to fix race + * prepare ABI for feature/socketpair + * Bump ABI to 4.15 + + [ David Kalnischkies ] + * reenable support for -s (and co) in apt-get source (Closes: 742578) + * run acquire transactions only once + * aborted reverify restores file owner and permission + * test if TMPDIR is accessible before using (Closes: 765951) + * chown finished partial files earlier + * promote filesize to a hashstring + + -- Michael Vogt Thu, 06 Nov 2014 10:01:21 +0100 + +apt (1.1~exp7) experimental; urgency=medium + + [ David Kalnischkies ] + * don't cleanup cdrom files in apt-get update (Closes: 765458) + * ignore Acquire::GzipIndexes for cdrom sources + + -- David Kalnischkies Wed, 15 Oct 2014 20:12:15 +0200 + +apt (1.1~exp6) experimental; urgency=medium + + [ josch ] + * implement the updated build profile spec + + [ Michael Vogt ] + * methods/rsh.cc: replace strcat with std::string (Closes: #76442) + * Add new configallowinsecurerepositories to the test framework + + [ Guillem Jover ] + * Update Status field values handling + + [ David Kalnischkies ] + * don't drop privileges if _apt has not enough rights + * check for available space, excluding root reserved blocks + + -- Michael Vogt Wed, 15 Oct 2014 07:47:36 +0200 + +apt (1.1~exp5) experimental; urgency=medium + + [ Michael Vogt ] + * Only rename StatError files in AbortTransaction() + * Document Acquire{MaxReleaseFileSize,AllowInsecureRepositories, + AllowDowngradeToInsecureRepositories} and + --no-allow-insecure-repositories + * Fix backward compatiblity of the new pkgAcquireMethod::DropPrivsOrDie() + * Change default of Acquire::AllowInsecureRepositories to "true" + so that this change is less disruptive, this will be switched + to "false" again after jessie + + [ David Kalnischkies ] + * remove useless pdiff filename output (Closes: 764737) + * make --allow-insecure-repositories message an error + * display a warning for unsigned repos + * trusted=yes sources are secure, we just don't know why + + -- Michael Vogt Mon, 13 Oct 2014 16:15:22 +0200 + +apt (1.1~exp4) experimental; urgency=medium + + [ Michael Vogt ] + * Merge sid version 1.0.9.2 + * feature/acq-trans: + - Make apt-get update more transactional by keeping all data from + a sources.list line in partial/ until all data is good and only + then move it into lists/ in one step + - add new -o Debug::Acquire::Transaction=1 debug option + * feature/expected-size: + Do not download more data in the mehotds than expected if we know + the size. For the InRelease/Release/Release.gpg add new + Acquire::MaxReleaseFileSize that defaults to 10Mb for now + * Verify the the hashes of the downloaded compressed files early + * Only load unauthenticated data into our parsers when the user + explicitly asked for it via --allow-insecure-repositories + (Acquire::AllowInsecureRepositories) + * Print warning when trying to use unauthenticated repositories + * Use /var/empty as the homedir for _apt + * Revert making pkgAcquire::Item::DescURI() "const" to not break + API + * Do not allow going from a authenticated to unauthenticated repository + * Add missing "adduser" dependency (for the new _apt user) + Thanks to Russ Allbery (Closes: #763004) + * Test if TMPDIR is a directory in apt-key and if not unset it + * add early verification for the .diff/Index download + * Bump library version to libapt-pkg4.14 + * Rework pkgAcqMeta{Index,Sig,ClearSig}::{Done,Failed]() for readability + * Ignore EINVAL from prctl(PR_SET_NO_NEW_PRIVS) (closes: 764066) + + [ David Kalnischkies ] + * deprecate Pkg->Name in favor of Grp->Name + * drop stored StringItems in favor of in-memory mappings + * de-duplicate version strings in the cache + * fix progress output for (dist-)upgrade calculation + * move PCI::From* methods into CacheSetHelper class (Closes: 686221) + * add a (hidden) --quiet option for apt-key + * only create new trusted.gpg if directory is writeable + * support (multiple) arguments properly in apt-key + * set a primary-keyring only if we have access to it + * merge fragment keyrings in apt-key to avoid hitting gpg limits + (Closes: 733028) + * use apt-key adv (+ gnupg) instead of gpgv for verify + * support gnupg2 as drop-in replacement for gnupg + * allow to specify fingerprints in 'apt-key del' + * use only one --keyring in gpg interactions + * add and use 'apt-key verify' which prefers gpgv over gpg + * remove empty keyrings in trusted.gpg.d on upgrade + * store source name and version in binary cache + * allow fetcher setup without directory creation (Closes: 762898) + * cleanup partial directory of lists in apt-get clean (Closes: #762889) + * allow options between command and -- on commandline + * update symbols file + * support parsing of all hashes for pdiff + * ensure world-readability for trusted.gpg in postinst (Closes: 647001) + * ensure partial dirs are 0700 and owned by _apt:root + * use _apt:root only for partial directories + * display errortext for all Err + * set PR_SET_NO_NEW_PRIVS also if run as non-root + + [ James McCoy ] + * ensure apt-key del handles 16-byte key ids (Closes: 754436) + + [ Kenshi Muto ] + * Japanese program translation update (Closes: 763033) + + [ Trần Ngọc Quân ] + * Set STRIP_FROM_PATH for doxygen + + [ Mert Dirik ] + * Turkish program translation update (Closes: 763379) + + [ Guillem Jover ] + * apt-get: Create the temporary downloaded changelog inside tmpdir + + [ Miroslav Kure ] + * [l10n] Updated Czech translation of apt (Closes: #764055) + + -- Michael Vogt Wed, 08 Oct 2014 09:37:35 +0200 + +apt (1.1~exp3) experimental; urgency=medium + + [ Michael Vogt ] + * merged changes from debian/sid up to 1.0.9.1 + * Make /var/lib/apt/lists and /var/cache/apt/archives owned + by the new _apt user + * Drop Privileges in the following acquire methods: + copy, http, https, ftp, gpgv, gzip/bzip2/lzma/xz + * DropPrivs: Improvements based on feedback from error@debian.org + + [ Julian Andres Klode ] + * DropPriv: Really call seteuid and not setuid, and add more checks + * Use _apt as our unprivileged user name + * DropPrivs: Also check for saved set-user-ID and set-group-ID + * methods: Fail if we cannot drop privileges + * DropPrivs: Also check for saved set-user-ID and set-group-ID + + -- Michael Vogt Wed, 24 Sep 2014 22:30:09 +0200 + apt (1.1~exp2) experimental; urgency=medium [ Guillem Jover ] @@ -68,6 +234,233 @@ apt (1.1~exp1) experimental; urgency=low -- Michael Vogt Thu, 19 Jun 2014 12:01:48 +0200 +apt (1.0.9.8) unstable; urgency=medium + + [ David Kalnischkies ] + * fix another d(e)select-upgrade typo (LP: #1399037) + * properly handle expected filesize in https. + Thanks to Robert Edmonds and Anders Kaseorg for initial patchs + (Closes: 777565, 781509) (LP: #807303) + * avoid depends on std::string implementation for pkgAcquire::Item::Mode + (Closes: 781858) + * demote VectorizeString gcc attribute from const to pure + * keyids in "apt-key del" should be case-insensitive (Closes: 781696) + * parse specific-arch dependencies correctly on single-arch systems + (Closes: 777760) + + [ Michael Vogt ] + * fix crash in order writing in pkgDPkgPM::WriteApportReport() (LP: #1436626) + + -- David Kalnischkies Mon, 13 Apr 2015 07:14:36 +0200 + +apt (1.0.9.7) unstable; urgency=medium + + [ Tomasz Buchert ] + * Fix crash in the apt-transport-https when Owner is NULL (Closes: #778375) + + -- Michael Vogt Mon, 23 Feb 2015 12:54:03 +0100 + +apt (1.0.9.6) unstable; urgency=medium + + [ Michael Vogt ] + * Fix missing URIStart() for https downloads + * Add regression test for the previous commit + + [ David Kalnischkies ] + * 128 KiB DSC files ought to be enough for everyone (Closes: 774893) + * award points for positive dependencies again (Closes: 774924) + + -- Michael Vogt Fri, 16 Jan 2015 08:37:25 +0100 + +apt (1.0.9.5) unstable; urgency=medium + + [ David Kalnischkies ] + * dispose http(s) 416 error page as non-content (Closes: 768797) + * do not make PTY slave the controlling terminal (Closes: 772641) + * always run 'dpkg --configure -a' at the end of our dpkg callings + (Closes: 769609) + * pass-through stdin fd instead of content if not a terminal (Closes: 773061) + + [ James McCoy ] + * tighten filtering of kernel images in apt.auto-removal (Closes: 772732) + + [ Jean-Pierre Giraud ] + * French manpages translation update (Closes: 771967) + + [ Zhou Mo ] + * Chinese (simplified) program translation update (Closes: 771982) + + [ Kenshi Muto ] + * Japanese program translation update (Closes: 772678) + + [ Theppitak Karoonboonyanan ] + * Thai program translation update (Closes: 772913) + + -- David Kalnischkies Tue, 23 Dec 2014 13:22:42 +0100 + +apt (1.0.9.4) unstable; urgency=medium + + [ David Kalnischkies ] + * use 'best' hash for source authentication (LP: 1098738) + * deprecate the Section member from package struct + * allow options between command and -- on commandline + * re-enable support for -s (and co) in apt-get source (Closes: 742578) + * change codenames to jessie as stable POV in docs + * close leaking slave fd after setting up pty magic (Closes: 767774) + * fix PTY interaction on linux and kfreebsd (Closes: 765687) + + [ James McCoy ] + * support long keyids in "apt-key del" instead of ignoring them + (Closes: 754436) + + [ Michael Vogt ] + * Use sysconf(_SC_ARG_MAX) to find the size of Dpkg::MaxArgBytes + + [ Frans Spiesschaert ] + * Dutch program translation update (Closes: 771039) + + [ Julien Patriarca ] + * French program translation update (Closes: 766755) + + [ Zhou Mo ] + * Chinese (simplified) program translation update (Closes: 766170) + + [ Miroslav Kure ] + * Czech program translation update (Closes: 764055) + + [ Mert Dirik ] + * Turkish program translation update (Closes: 763379) + + [ Kenshi Muto ] + * Japanese program translation update (Closes: 763033) + + [ Manuel "Venturi" Porras Peralta ] + * Spanish program translation update (Closes: 771815) + + -- David Kalnischkies Wed, 03 Dec 2014 14:26:04 +0100 + +apt (1.0.9.3) unstable; urgency=medium + + [ josch ] + * implement the updated build profile spec + + [ Michael Vogt ] + * methods/rsh.cc: replace strcat with std::string (Closes: #76442) + + [ Guillem Jover ] + * Update Status field values handling + + [ David Kalnischkies ] + * don't cleanup cdrom files in apt-get update (Closes: 765458) + + -- Michael Vogt Wed, 15 Oct 2014 19:49:38 +0200 + +apt (1.0.9.2) unstable; urgency=medium + + [ Michael Vogt ] + * test/integration/test-apt-update-file: improve test + * Fix regression when copy: is used for a relative path (Closes: #762160) + * generalize Acquire::GzipIndex to support all compressions that + apt supports + * Fix regression for cdrom: sources from latest security update + * Ensure that iTFRewritePackageOrder is "MD5sum" to match + apt-ftparchive + * debian/rules: add hardening=+all. + Thanks to Simon Ruderich, Markus Waldeck + + [ Holger Wansing ] + * German program translation update (Closes: 762223) + + [ Jérémy Bobbio ] + * disable timestamps in the footer of docs by doxygen + + [ Trần Ngọc Quân ] + * Set STRIP_FROM_PATH for doxygen + + [ Guillem Jover ] + * apt-get: Create the temporary downloaded changelog inside tmpdir + (closes: #763780) (CVE-2014-7206) + + -- Michael Vogt Thu, 02 Oct 2014 22:05:39 +0200 + +apt (1.0.9.1) unstable; urgency=high + + [ Michael Vogt ] + * Allow override of Proxy-Auto-Detect by the users configuration + (Closes: 759264) + * fix ci autopkgtest + * fix regression from 1.0.9 when file:/// source are used and + those are on a different partition than the apt state directory + and add regression test + + [ Trần Ngọc Quân ] + * l10n: vi.po (636t): Update program translation + + [ Chris Leick ] + * Updated German documentation translation + + [ Mert Dirik ] + * Turkish program translation update (Closes: 761394) + + -- Michael Vogt Tue, 16 Sep 2014 20:52:25 +0200 + +apt (1.0.9) unstable; urgency=high + + * SECURITY UPDATE: + - incorrect invalidating of unauthenticated data (CVE-2014-0488) + - incorect verification of 304 reply (CVE-2014-0487) + - incorrect verification of Acquire::Gzip indexes (CVE-2014-0489) + + -- Michael Vogt Mon, 15 Sep 2014 08:34:46 +0200 + +apt (1.0.8) unstable; urgency=medium + + [ Holger Wansing ] + * German program translation update (Closes: 758837) + + [ Américo Monteiro ] + * Portuguese manpages translation update (Closes: 759608) + + [ Warren He ] + * initialize iPolicyBrokenCount in DepCache::Update (Closes: 758397) + + [ Andreas Oberritter ] + * Avoid yielding blank lines with APT::Cmd::use-format=true + + [ Michael Vogt ] + * Make Proxy-Auto-Detect check for each host (Closes: #759264) + * Add testcase for apt list --all-versions + * * apt-pkg/deb/dpkgpm.cc: + - update string matching for dpkg I/O errors. (LP: #1363257) + - properly parse the dpkg status line so that package name + is properly set and an apport report is created. Thanks + to Anders Kaseorg for the patch (LP: #1353171) + * Use heap to allocate PatternMatch to avoid potential stack overflow + (Closes: 759612) + * Run autopkgtest tests with "env -i" to avoid pollution from the host env + (Closes: #759655) + * test/integration/test-ubuntu-bug-346386-apt-get-update-paywall: + - use downloadfile() to fix test failure + * Fix incorrect upgradable listing in "apt list" + (thanks to Michael Musenbrock) (Closes: #753297) + * apt-pkg/cachefile.cc: + - ensure we have a Policy in CacheFile.BuildDepCache() + * methods/http.cc: + - Improve Debug::Acquire::http debug output + + [ Dimitri John Ledkov ] + * apt-ftparchive: make Packages & Sources generation optional, + during Generate call + + [ David Kalnischkies ] + * support regular expressions in 'apt search' + * implement --full in apt search + * fix progress report for upgrade and reinstall + * rework PTY magic to fix stair-stepping on kfreebsd (Closes: 759684) + * don't call pager in non-terminals for changelog (Closes: 755040) + + -- Michael Vogt Tue, 09 Sep 2014 20:09:11 +0200 + apt (1.0.7) unstable; urgency=medium [ Michael Vogt ]