X-Git-Url: https://git.saurik.com/apt.git/blobdiff_plain/609bb2ead3adef6e56daac1d12a9bdc482a4ae77..4b30c1dc053278a6b9bdb50f0d91b3f934e8613d:/debian/changelog?ds=inline diff --git a/debian/changelog b/debian/changelog index b140cd7cd..acbe7ddba 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,631 @@ +apt (1.1~exp3) experimental; urgency=medium + + [ Michael Vogt ] + * merged changes from debian/sid up to 1.0.9.1 + * Make /var/lib/apt/lists and /var/cache/apt/archives owned + by the new _apt user + * Drop Privileges in the following acquire methods: + copy, http, https, ftp, gpgv, gzip/bzip2/lzma/xz + * DropPrivs: Improvements based on feedback from error@debian.org + + [ Julian Andres Klode ] + * DropPriv: Really call seteuid and not setuid, and add more checks + * Use _apt as our unprivileged user name + * DropPrivs: Also check for saved set-user-ID and set-group-ID + * methods: Fail if we cannot drop privileges + * DropPrivs: Also check for saved set-user-ID and set-group-ID + + -- Michael Vogt Wed, 24 Sep 2014 22:30:09 +0200 + +apt (1.1~exp2) experimental; urgency=medium + + [ Guillem Jover ] + * Add new Base256ToNum long long overload function + * Fix ar and tar code to be LFS-safe (Closes: #742882) + + [ Michael Vogt ] + * increase libapt-inst to version 1.6 + * Only allow "apt-get build-dep path" when path starts with ./ or / + * Allow passing a full path to apt-get install /foo/bar.deb (CLoses: #752327) + * merge changes from the 1.0.6 upload + + -- Michael Vogt Thu, 10 Jul 2014 13:18:08 +0200 + +apt (1.1~exp1) experimental; urgency=low + + [ David Kalnischkies ] + * [API Break] change "std::string pkgAcquire::Item::DescURI()" to + "std::string pkgAcquire::Item::DescURI() const" + * [ABI-Break] increase hashtable size for packages/groups by factor 5 + * [ABI-Break] cleanup datatypes mix used in binary cache + * [internal API-Break] remove the Section member from package struct + * use 'best' hash for source authentication (LP: 1098738) + * use HashStringList in the acquire system + * deal with hashes in ftparchive more dynamic as well + * reenable pipelining via hashsum reordering support + * parse and retrieve multiple Descriptions in one record + * improve pkgTagSection scanning and parsing + * invalid cache if architecture set doesn't match (Closes: 745036) + + [ Michael Vogt ] + * add support for "apt-get build-dep foo.dsc" + * add support for "apt-get build-dep unpacked-source-dir" + * add support for "apt-get install foo_1.0_all.deb" + * make "apt-get update" progress much more accurate by loading the + sizes of the targets into the fetcher early + * Implement simple by-hash for apt update to improve reliability of + the update. Apt will try to fetch the Packages file via + /by-hash/$hash_type/$hash_value if the repo supports that. + - add APT::Acquire::$(host)::By-Hash=1 knob + - add Acquire-By-Hash=1 to Release file + * add Debug::Acquire::Progress debug option + * [ABI-Break] lp:~mvo/apt/source-hashes: + - use sha{512,256,1} for deb-src when available LP: #1098738 + * [ABI-Break] stop exporting the accidently exported parsenetrc() symbol + * [ABI-Break] remove the PACKAGE_MATCHER_ABI_COMPAT defines + * [ABI BREAK] apt-pkg/pkgcache.h: + - adjust pkgCache::State::VerPriority enum, to match reality + * test/integration/test-debsrc-hashes: + - add integration test, thanks to Daniel Hartwig + * [ABI-Break] remove the PACKAGE_MATCHER_ABI_COMPAT defines + * [ABI-Break] Pass struct IndexTarget/indexRecords to + pkgAcqIndex{,Merge}Diffs + * [internal API-Break] rename pkgCache::Package::NextPackage to + pkgCache::Package::Next + * Calculate Percent as part of pkgAcquireStatus to provide a weighted + percent for both items and bytes + * apt-pkg/contrib/macros.h: bump library version to 4.13 + * apt-private/acqprogress.cc: do not show file size on IMSHit, it wasn't + fetched + * Fix warnings from clang -Wall/clang -fsanitize=address + * add DropPrivs() and drop privileges to nobody when running the + the buildin apt and dump solvers + * lp:~mvo/apt/webserver-simulate-broken-with-fix346386: + - fix invalid InRelease file download checking and add regression + test to server broken files to the buildin test webserver + - add regression test for LP: #34638 + + -- Michael Vogt Thu, 19 Jun 2014 12:01:48 +0200 + +apt (1.0.9.1) unstable; urgency=high + + [ Michael Vogt ] + * Allow override of Proxy-Auto-Detect by the users configuration + (Closes: 759264) + * fix ci autopkgtest + * fix regression from 1.0.9 when file:/// source are used and + those are on a different partition than the apt state directory + and add regression test + + [ Trần Ngọc Quân ] + * l10n: vi.po (636t): Update program translation + + [ Chris Leick ] + * Updated German documentation translation + + [ Mert Dirik ] + * Turkish program translation update (Closes: 761394) + + -- Michael Vogt Tue, 16 Sep 2014 20:52:25 +0200 + +apt (1.0.9) unstable; urgency=high + + * SECURITY UPDATE: + - incorrect invalidating of unauthenticated data (CVE-2014-0488) + - incorect verification of 304 reply (CVE-2014-0487) + - incorrect verification of Acquire::Gzip indexes (CVE-2014-0489) + + -- Michael Vogt Mon, 15 Sep 2014 08:34:46 +0200 + +apt (1.0.8) unstable; urgency=medium + + [ Holger Wansing ] + * German program translation update (Closes: 758837) + + [ Américo Monteiro ] + * Portuguese manpages translation update (Closes: 759608) + + [ Warren He ] + * initialize iPolicyBrokenCount in DepCache::Update (Closes: 758397) + + [ Andreas Oberritter ] + * Avoid yielding blank lines with APT::Cmd::use-format=true + + [ Michael Vogt ] + * Make Proxy-Auto-Detect check for each host (Closes: #759264) + * Add testcase for apt list --all-versions + * * apt-pkg/deb/dpkgpm.cc: + - update string matching for dpkg I/O errors. (LP: #1363257) + - properly parse the dpkg status line so that package name + is properly set and an apport report is created. Thanks + to Anders Kaseorg for the patch (LP: #1353171) + * Use heap to allocate PatternMatch to avoid potential stack overflow + (Closes: 759612) + * Run autopkgtest tests with "env -i" to avoid pollution from the host env + (Closes: #759655) + * test/integration/test-ubuntu-bug-346386-apt-get-update-paywall: + - use downloadfile() to fix test failure + * Fix incorrect upgradable listing in "apt list" + (thanks to Michael Musenbrock) (Closes: #753297) + * apt-pkg/cachefile.cc: + - ensure we have a Policy in CacheFile.BuildDepCache() + * methods/http.cc: + - Improve Debug::Acquire::http debug output + + [ Dimitri John Ledkov ] + * apt-ftparchive: make Packages & Sources generation optional, + during Generate call + + [ David Kalnischkies ] + * support regular expressions in 'apt search' + * implement --full in apt search + * fix progress report for upgrade and reinstall + * rework PTY magic to fix stair-stepping on kfreebsd (Closes: 759684) + * don't call pager in non-terminals for changelog (Closes: 755040) + + -- Michael Vogt Tue, 09 Sep 2014 20:09:11 +0200 + +apt (1.0.7) unstable; urgency=medium + + [ Michael Vogt ] + * add REAMDE.md + * StringToBool: only act if the entire string is consumed by strtol() + * Use @builddeps@ in the debian/tests/control file + * apt-pkg/acquire-item.cc: make pkgAcqDiffIndex more uniform + * Fix SmartConfigure to ignore ordering of packages that are already valid + * doc/apt.8.xml: fix typo, thanks to Jakub Wilk (Closes: #756056) + * doc/po/pt.po: updated, thanks to Américo Monteir (Closes: #756200) + + [ victory ] + * Update Japanese documentation translation (Closes: #754817) + + [ Trần Ngọc Quân ] + * l10n: vi.po (636t): Update one new string + + [ Julian Andres Klode ] + * Fix debListParser to accept "no" as a value for the Multi-Arch field + (Closes: #759099) + + [ Mert Dirik ] + * Turkish program translation update (Closes: 756710) + + [ Miroslav Kure ] + * Czech program translation update (Closes: 758208) + + [ David Kalnischkies ] + * add dpkg::source-options for dpkg-source invocation (Closes: 757534) + * support versioned provides as implemented by dpkg (Closes: 758153) + + -- Michael Vogt Wed, 27 Aug 2014 17:11:42 -0700 + +apt (1.0.6) unstable; urgency=medium + + [ Chris Leick ] + * German translation reviewed by Erik Pfannenstein + + [ Michael Vogt ] + * methods/http.cc: use Req.str() in debug output + * Do not try to parse invalid translation files (LP: #756317) + * Do not clean "/" in pkgAcquire::Clean/pkgArchiveCleaner (Closes: #753531) + * Only show packages as upgradable if the have a CandidateVer != 0 + (Closes: #753297) + + [ Trần Ngọc Quân ] + * l10n: vi.po: Update 3 new messages + + [ Joe Hansen ] + * Danish program translation update (Closes: 753979) + + [ David Kalnischkies ] + * handle moved mmap after UniqFindTagWrite call (Closes: #753941) + + [ Michele Orrù ] + * use printf instead of echo in testing framework + + [ Cédric Barboiron ] + * Improve description how to turn off the caches (Closes: #753531) + + [ Guillem Jover ] + * po: Fill or add missing Language field + * po: Remove fuzzy from file msgid header + * po: Fill Project-Id-Version with correct project id and version + * po: Fix Plural-Forms fields + * po: Fix or add missing email addresses + * po: Fix encoding issues + * po: Fix format specifier order in translation + * build: Set the XSL parameter through the command line instead of sed + * build: Convert from DebianDoc SGML to DocBook XML + * doc: Convert from DebianDoc SGML to DocBook XML + * doc: Unfuzzy DocBook translations + + -- Michael Vogt Thu, 10 Jul 2014 11:46:07 +0200 + +apt (1.0.5) unstable; urgency=low + + [ Michael Vogt ] + * fix autopkgtest tests + * fix test-apt-ftparchive-cachedb-lp1274466 and apt-internal-solver tests + * test/integration/test-essential-force-loopbreak: fix on non-amd64 systems + * Tell the user if no updates are available after apt update (Closes: #751388) + + [ Michele Orrù ] + * Check for gtest's header before building. + + [ Chris Leick ] + * Updated translation of german documentation + + [ Konstantin Manna ] + * fix two german manpage spelling mistakes (Closes: 751635) + * add missing comma in SEE ALSO of apt-secure manpage (Closes: 748506) + + [ Fredrik Fornwall ] + * use P_ instead of ngettext to compiling with --disable-nls (Closes: 751857) + + [ David Kalnischkies ] + * don't send pkg from an unknown architecture via EDSP + * fix SubstVar to be usable as a replace_all method + * show our broken packages message in 'apt' solver + * do not call resolver twice on (dist-)upgrade + + [ Stefano Zacchiroli ] + * EDSP doc: clarify that Install/Remove packages are arch-qualified + + -- Michael Vogt Wed, 18 Jun 2014 13:35:13 +0200 + +apt (1.0.4) unstable; urgency=low + + [ Michael Vogt ] + * Implement CacheDB for source packages in apt-ftparchive + * apt-private/acqprogress.cc: reset color in apt update + * Show progress in run-tests + * Never parse Version/Architecture tags in a Translation-$lang file + * Show upgradable packages after apt update (Closes: 748389) + * Fix various errors found by clang -fsanitize=address + * Fix various errors foudn by clang scan-build + * Show unauthenticated warning for source packages as well (Closes: #749795) + * Add compat mode for old (32bit FileSize) CacheDB (LP: #1274466) + * cmdline/apt-helper.cc: use less generic description/short-description + in apt-helper download + * add pkgSrcRecords::Step() to step through all the pkgSrcRecords + (thanks to Helmut Grohne) + + [ David Kalnischkies ] + * initialize Verify in second pkgAcqIndex constructor + * consistently fail if Smart* packagemanager actions fail + * fix tight loop detection and temporary removes + * if Resolver fails, do not continue even if not broken + * check exit status of external solvers + * do not revert candidate for protected packages (Closes: 745046) + * support Acquire::GzipIndexes in dumpavail (Closes: 742835) + + [ Stefano Zacchiroli ] + * EDSP doc: fix typo in Request stanza description + * EDSP: bump protocol version to 0.5 + * EDSP: add Architecture(s) multi-arch fields to the Request stanza + * EDSP: add Source field to Package stanzas + * EDSP: add APT-Release field to Package stanzas + + [ Sebastian Schmidt ] + * fix screen width detection for apt/apt-get lists (Closes: 748430, 747942) + + [ Milo Casagrande ] + * Italian program translation update (Closes: 750009) + + -- Michael Vogt Tue, 10 Jun 2014 14:55:05 +0200 + +apt (1.0.3) unstable; urgency=medium + + [ Michael Vogt ] + * reduce delta to ubuntu + * provide support for vendor specific config files + * debian/apt-doc.docs: remove README.MultiArch + * Fix missing ScreenWidth check in apt.cc + * Only do openpty() if both stdin/stdout are terminals (Closes: 746434) + + [ David Kalnischkies ] + * add a README for vendor information + * remove outdated README.MultiArch + * build http request in a stringstream + * enforce LFS for partial files in https range requests + * handle pkgnames shorter than modifiers (Closes: 744940) + * allow vendors to install configuration files + + [ John Ogness ] + * properly undo CD-ROM mount in all error cases + + [ Mahyuddin Ramli ] + * add vendor information for BlankOn (Closes: 743595) + + [ Adam Conrad ] + * fix FileFd::Size bitswap on big-endian architectures (Closes: 745866) + + [ Trần Ngọc Quân ] + * l10n: vi.po: Update one new string + + -- Michael Vogt Mon, 05 May 2014 14:03:15 +0200 + +apt (1.0.2) unstable; urgency=medium + + [ Michael Vogt ] + * fix apt list output for pkgs in dpkg ^rc state + * Notice the user about "apt list -a" when only a single hit if found + * fix test-failure in adt + * apt-private/acqprogress.cc: fix output when ctrl-c is hit during + apt update (LP: #1310548, closes: #744297) + * Fix option name DPkg::Progress-Fancy in apt.8 manpage + (LP: #1310506) + + [ David Kalnischkies ] + * don't double-count seeks in FileFd::Skip for bzip/xz + * deal with umask only if we really need to for mkstemp + * consider priorities only for downloadable pkgs in resolver + * force fancy progressbar redraw on window size change + * clear HitEof flag in FileFd::Seek + * use Google C++ Testing Framework for libapt tests + * support dist-upgrade options in full-upgrade + + [ Trần Ngọc Quân ] + * l10n: vi.po (624t): Update translation + + [ Theppitak Karoonboonyanan ] + * Updated Thai program translation (closes: #745120) + + [ James McCoy ] + * Consistently use Dpkg::Progress* in documentation (Closes: 745452) + + -- Michael Vogt Fri, 25 Apr 2014 13:15:03 +0200 + +apt (1.0.1) unstable; urgency=medium + + [ Michael Vogt ] + * Fix crash in "apt list" when a sources.list file is unreable + (Closes: 743413) + * make apt search case-insensitive by default + * Fix possible race when stunnel/aptwebserver create their PID files + in the tests + * Fix insecure file permissions when using FileFd with OpenMode::Atomic + (LP: #1304657) + + [ Julian Andres Klode ] + * Version the Breaks/Replaces for sun-java{5,6}-jdk (LP: #1302736) + (Closes: #743616) + * Add versioned openjdk-6-jdk breaks + + [ Josef Vitu ] + * apt: Minor typo in 'apt' man page (closes: #743657) + + -- Michael Vogt Thu, 10 Apr 2014 09:48:56 +0200 + +apt (1.0) unstable; urgency=low + + The "Happy birthday and 10000b years in the making" release + + [ Julian Andres Klode ] + * apt-inst: Do not try to create a substring of an empty string in + error reporting (LP: #1288718) + + [ Beatrice Torracca ] + * Italian manpages translation update (Closes: 741867) + + [ Kenshi Muto ] + * Japanese programs translation update (Closes: 742255) + + [ David Kalnischkies ] + * continue reading in xz even if it outputs nothing + * only consider versioned kernel packages in autoremove (Closes: 741962) + * correct some reported typos in /etc/cron.daily/apt (Closes: 702016) + * ensure proper teardown in dpkg error cases (Closes: 738969) + * update symbols file to include new symbols from 0.9.16 + * do IsInstallOk call in MarkInstall unconditionally + * discard candidates via IsInstallOk to allow override (Closes: 740750) + + [ Michael Vogt ] + * install apt binary + * add apt.8.xml manpage + * make fancy-progress fg/bg color configurable via something like + Dpkg::Progress-Fancy::Progress-{bg,fg}="%1b[30m" + (thanks to Tim Wasser for the suggestion) + * Add progressbar to "Dpkg::Progress-Fancy" + * fix documentation for APT::Periodic::MaxSize "0" (closes: #740551) + * Use mkstemp() in apt-extracttemplaes (closes: #741627) + * Add new Debug::RunScripts debug option + * do not crash on SIGPIPE in pkgDPkgPM::RunScriptsWithPkgs() + * enable DPkg::Progress-Fancy by default when "apt" is used + * refresh po/pot and unfuzzy apt-extracttemplate manpage change + * remove no longer needed apt.7 page + * install "apt" binary by default + * add sun-java{5,6}-jdk to breaks/replaces as they provided a + "apt" binary as well + + [ Trần Ngọc Quân ] + * l10n: vi.po (623t): Update Vietnamese translation + * debian: Add default compress option to xz + + -- Michael Vogt Tue, 01 Apr 2014 15:48:46 +0200 + +apt (0.9.16.1) unstable; urgency=medium + + [ Chris Leick ] + * Updated German doc translation + + [ Julian Andres Klode ] + * Fix handling of autoclosing for compressed files (Closes: #741685) + + -- Julian Andres Klode Sat, 15 Mar 2014 18:05:25 +0100 + +apt (0.9.16) unstable; urgency=medium + + [ Michael Vogt ] + * add hashsum support in apt-helper download-file and + add more tests + + [ Trần Ngọc Quân ] + * l10n: vi.po (624t): Update Vietnamese translation + + [ David Kalnischkies ] + * propagate a negative score point along breaks/conflicts + * check version before adding scores in resolver + * autogenerate makefile for vendor system + * add default and override handling for Cnf::FindVector + * support DEB_BUILD_PROFILES and -P for build profiles + * do not configure already unpacked packages needlessly (Closes: 740843) + * if mountpoint has a ".disk" directory it is mounted + * no error for non-existing mountpoints in MountCdrom + * apt-cdrom ident shouldn't be interactive (Closes: 740673) + * support very long mtab entries in mountpoint discovery + * msgstr with elipses need three dots + * cmdline parsing: apt-config is not apt-cdrom + * use a configurable list of versioned kernel packages + * support kfreebsd and hurd in the kernel hook + * add ".*-{kernel,modules}-$KERVER" matcher for hook + * ensure that a dot is a dot in the hook + * use liblzma-dev to provide xz/lzma support + * use the pretty fullname of a pkg as download desciption + + [ Johannes Schauer ] + * implement BuildProfileSpec support as dpkg has in 1.17.2 (Closes: 661537) + + [ Wojciech Górski ] + * fix polish --install-suggests text in apt-get manpage (Closes: 741056) + + -- Michael Vogt Fri, 14 Mar 2014 09:45:05 +0100 + +apt (0.9.15.5) unstable; urgency=medium + + [ Michael Vogt ] + * vendor/tanglu/makefile: add missing clean/sources.list + * run the acquire tests with the new apt-helper binary, this + fixes the autopkgtest failures + + [ Martin Pitt ] + * Fix autopkgtest missing dependencies and locale (closes: #739988) + + -- Michael Vogt Fri, 28 Feb 2014 08:44:25 +0100 + +apt (0.9.15.4) unstable; urgency=low + + [ Michael Vogt ] + * remove auto-generated apt-key and sources.list on clean (closes: 739749) + * add testcase for Bug#718329 + * various fixes for ADT failures + + [ Jon Severinsson ] + * add apt-vendor information for tanglu + + [ Guillem Jover ] + * ExtractTar: Allow an empty decompressor program + * DebFile: Refactor ExtractTarMember() out from ExtractArchive() + * Add support for data.tar, control.tar and control.tar.xz + * debian: Add debDebFile::ExtractTarMember to the symbols file + * Fix typos in documentation (codespell) + + -- Michael Vogt Sun, 23 Feb 2014 00:27:12 +0100 + +apt (0.9.15.3) unstable; urgency=medium + + [ Michael Vogt ] + * disable https->http redirects in libcurl, thanks to Julien Cristau + * ADT: use "Restrictions: allow-stderr and avoid apt-stderr.log in + debian/tests/run-tests + * test/integration/test-bug-723705-tagfile-truncates-fields: + - fix autopkgtest failure + * add missing canNotFindFnmatch/showFnmatchSelection + (for the next ABI break) + * disable fnmatch() matching from the commandline + * merge testcase for the autoremove feature from the ubuntu branch + + [ David Kalnischkies ] + * do not recommend dselect in apt-get manpage (Closes: 617625) + * report https download start only if we really get it + * allow http protocol to switch to https + * do not compress .xhtml files and remove junk files (Closes: 738933) + * simplify code some more to make reddit happy + * update symbols file with hints from the buildlogs + + -- Michael Vogt Thu, 20 Feb 2014 14:42:39 +0100 + +apt (0.9.15.2) unstable; urgency=medium + + [ Michael Vogt ] + * move isatty() check into InitOutput() + * Use a APT::VersionSet instead of a VersionList + (closes: #738103) + + [ David Kalnischkies ] + * simplify code to make compilers happy + * update libapt-pkg.symbols file + * bump Standards-Version to 3.9.5 (no changes needed) + * do not use an empty APT_CONFIG environment variable + * always cleanup patchfiles at the end of rred call + * use VersionSet in download to handle repeats (Closes: 738103) + * use utimes instead of utimensat/futimens (Closes: 738567) + + [ John Ogness ] + * apt-cdrom should succeed if any drive succeeds (Closes: 728153) + + [ Trần Ngọc Quân ] + * l10n: vi.po (621t): Update and review + + -- Michael Vogt Thu, 13 Feb 2014 09:50:04 +0100 + +apt (0.9.15.1) unstable; urgency=medium + + [ David Kalnischkies ] + * use gpg --homedir instead of explicit file placement + * use svg in doxygen and ensure dot is around for it + * pkgTagFile: if we have seen the end, do not try to see more + * restart debSrcRecordParsers only if needed + * discard impossible candidates in MarkInstall (Closes: #735967) + + [ Chris Leick ] + * update german manpage translation + * Trivian unfuzzies of the German po4a translation + + [ Michael Vogt ] + * fix apt-get download truncation (closes: #736962) + * do not crash if VF.File()/VF.File().Archive() is NULL + * show "status" in apt list last to be more awk friendly + (thanks to Axel Beckert) + * Fix multiarch package upgrade issue + * add test for Suite with path + + [ Colin Watson ] + * multicompress with externals sets wrong file modes (Closes: 737130) + + -- Michael Vogt Thu, 06 Feb 2014 18:09:19 +0100 + +apt (0.9.15) unstable; urgency=low + + * upload version from debian/experimental to unstable + + -- Michael Vogt Sat, 25 Jan 2014 21:57:00 +0100 + +apt (0.9.14.3~exp5) experimental; urgency=medium + + [ Anthony Towns ] + * methods/rred: minor robustness improvements + + [ Michael Vogt ] + * make "apt-mark help" shows all commands + * make "apt show" output more user friendly + * add "apt full-upgrade" and tweak "apt upgrade" + * set APT::Sources::Use-Deb822=false until the format + is fully finalized + + -- Michael Vogt Fri, 24 Jan 2014 23:21:04 +0100 + +apt (0.9.14.3~exp4) experimental; urgency=medium + + * implement deb822 suggestions by Anthony Towns and Julian Andres Klode: + - add Description tag for deb822 sources + - add support for Enabled: no in deb822 sources.list + - add support for multiple URIs in deb822 style sources.list + - add support for multipl types in one line + * add integration test for apt search and apt show + * do not ignore ioctl(TIOCSCTTY) errors + + -- Michael Vogt Wed, 22 Jan 2014 18:59:07 +0100 + apt (0.9.14.3~exp3) experimental; urgency=low * implement deb822 suggestions by donkult (thanks!):