X-Git-Url: https://git.saurik.com/apt.git/blobdiff_plain/343325f4cc460b709fc929f85bc2a3d4691d63fe..4b30c1dc053278a6b9bdb50f0d91b3f934e8613d:/debian/changelog diff --git a/debian/changelog b/debian/changelog index 1c959bc20..acbe7ddba 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,36 @@ +apt (1.1~exp3) experimental; urgency=medium + + [ Michael Vogt ] + * merged changes from debian/sid up to 1.0.9.1 + * Make /var/lib/apt/lists and /var/cache/apt/archives owned + by the new _apt user + * Drop Privileges in the following acquire methods: + copy, http, https, ftp, gpgv, gzip/bzip2/lzma/xz + * DropPrivs: Improvements based on feedback from error@debian.org + + [ Julian Andres Klode ] + * DropPriv: Really call seteuid and not setuid, and add more checks + * Use _apt as our unprivileged user name + * DropPrivs: Also check for saved set-user-ID and set-group-ID + * methods: Fail if we cannot drop privileges + * DropPrivs: Also check for saved set-user-ID and set-group-ID + + -- Michael Vogt Wed, 24 Sep 2014 22:30:09 +0200 + +apt (1.1~exp2) experimental; urgency=medium + + [ Guillem Jover ] + * Add new Base256ToNum long long overload function + * Fix ar and tar code to be LFS-safe (Closes: #742882) + + [ Michael Vogt ] + * increase libapt-inst to version 1.6 + * Only allow "apt-get build-dep path" when path starts with ./ or / + * Allow passing a full path to apt-get install /foo/bar.deb (CLoses: #752327) + * merge changes from the 1.0.6 upload + + -- Michael Vogt Thu, 10 Jul 2014 13:18:08 +0200 + apt (1.1~exp1) experimental; urgency=low [ David Kalnischkies ] @@ -54,6 +87,117 @@ apt (1.1~exp1) experimental; urgency=low -- Michael Vogt Thu, 19 Jun 2014 12:01:48 +0200 +apt (1.0.9.1) unstable; urgency=high + + [ Michael Vogt ] + * Allow override of Proxy-Auto-Detect by the users configuration + (Closes: 759264) + * fix ci autopkgtest + * fix regression from 1.0.9 when file:/// source are used and + those are on a different partition than the apt state directory + and add regression test + + [ Trần Ngọc Quân ] + * l10n: vi.po (636t): Update program translation + + [ Chris Leick ] + * Updated German documentation translation + + [ Mert Dirik ] + * Turkish program translation update (Closes: 761394) + + -- Michael Vogt Tue, 16 Sep 2014 20:52:25 +0200 + +apt (1.0.9) unstable; urgency=high + + * SECURITY UPDATE: + - incorrect invalidating of unauthenticated data (CVE-2014-0488) + - incorect verification of 304 reply (CVE-2014-0487) + - incorrect verification of Acquire::Gzip indexes (CVE-2014-0489) + + -- Michael Vogt Mon, 15 Sep 2014 08:34:46 +0200 + +apt (1.0.8) unstable; urgency=medium + + [ Holger Wansing ] + * German program translation update (Closes: 758837) + + [ Américo Monteiro ] + * Portuguese manpages translation update (Closes: 759608) + + [ Warren He ] + * initialize iPolicyBrokenCount in DepCache::Update (Closes: 758397) + + [ Andreas Oberritter ] + * Avoid yielding blank lines with APT::Cmd::use-format=true + + [ Michael Vogt ] + * Make Proxy-Auto-Detect check for each host (Closes: #759264) + * Add testcase for apt list --all-versions + * * apt-pkg/deb/dpkgpm.cc: + - update string matching for dpkg I/O errors. (LP: #1363257) + - properly parse the dpkg status line so that package name + is properly set and an apport report is created. Thanks + to Anders Kaseorg for the patch (LP: #1353171) + * Use heap to allocate PatternMatch to avoid potential stack overflow + (Closes: 759612) + * Run autopkgtest tests with "env -i" to avoid pollution from the host env + (Closes: #759655) + * test/integration/test-ubuntu-bug-346386-apt-get-update-paywall: + - use downloadfile() to fix test failure + * Fix incorrect upgradable listing in "apt list" + (thanks to Michael Musenbrock) (Closes: #753297) + * apt-pkg/cachefile.cc: + - ensure we have a Policy in CacheFile.BuildDepCache() + * methods/http.cc: + - Improve Debug::Acquire::http debug output + + [ Dimitri John Ledkov ] + * apt-ftparchive: make Packages & Sources generation optional, + during Generate call + + [ David Kalnischkies ] + * support regular expressions in 'apt search' + * implement --full in apt search + * fix progress report for upgrade and reinstall + * rework PTY magic to fix stair-stepping on kfreebsd (Closes: 759684) + * don't call pager in non-terminals for changelog (Closes: 755040) + + -- Michael Vogt Tue, 09 Sep 2014 20:09:11 +0200 + +apt (1.0.7) unstable; urgency=medium + + [ Michael Vogt ] + * add REAMDE.md + * StringToBool: only act if the entire string is consumed by strtol() + * Use @builddeps@ in the debian/tests/control file + * apt-pkg/acquire-item.cc: make pkgAcqDiffIndex more uniform + * Fix SmartConfigure to ignore ordering of packages that are already valid + * doc/apt.8.xml: fix typo, thanks to Jakub Wilk (Closes: #756056) + * doc/po/pt.po: updated, thanks to Américo Monteir (Closes: #756200) + + [ victory ] + * Update Japanese documentation translation (Closes: #754817) + + [ Trần Ngọc Quân ] + * l10n: vi.po (636t): Update one new string + + [ Julian Andres Klode ] + * Fix debListParser to accept "no" as a value for the Multi-Arch field + (Closes: #759099) + + [ Mert Dirik ] + * Turkish program translation update (Closes: 756710) + + [ Miroslav Kure ] + * Czech program translation update (Closes: 758208) + + [ David Kalnischkies ] + * add dpkg::source-options for dpkg-source invocation (Closes: 757534) + * support versioned provides as implemented by dpkg (Closes: 758153) + + -- Michael Vogt Wed, 27 Aug 2014 17:11:42 -0700 + apt (1.0.6) unstable; urgency=medium [ Chris Leick ]