X-Git-Url: https://git.saurik.com/apt.git/blobdiff_plain/9ed80cdd1faceb32963393449bc94a5d93a9115f..e3b402f40373365e169f30d276e467f708074ffc:/debian/changelog diff --git a/debian/changelog b/debian/changelog index 09d818e20..f0eb0421d 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,4 +1,284 @@ -apt (0.9.7.6) UNRELEASED; urgency=low +apt (0.9.8.2) UNRELEASED; urgency=low + + [ Programs translations ] + * French translation : typo fix. Closes: #677272 + + [ Guillem Jover ] + * Update Vcs fields (Closes: #708562) + + [ Michael Vogt ] + * buildlib/apti18n.h.in: + - fix build failure when building without NLS (closes: #671587) + + [ Gregoire Menuel ] + * fix double free (closes: #711045) + + -- Christian Perrier Thu, 16 May 2013 22:28:22 +0200 + +apt (0.9.8.1) unstable; urgency=low + + [ David Kalnischkies ] + * apt-pkg/indexcopy.cc: + - non-inline RunGPGV methods to restore ABI compatibility with previous + versions to fix partial upgrades (Closes: #707771) + + [ Michael Vogt ] + * moved source to http://git.debian.org/apt/apt.git + * updated gbp.conf to match what bzr-buildpackage is doing + * remove .bzr-buildpackage/default.conf (superseeded by gbp.conf) + + -- Michael Vogt Thu, 16 May 2013 14:50:43 +0200 + +apt (0.9.8) unstable; urgency=low + + [ Ludovico Cavedon ] + * properly handle if-modfied-since with libcurl/https + (closes: #705648) + + [ Andreas Beckman ] + * apt-pkg/algorithms.cc: + - Do not propagate negative scores from rdepends. Propagating the absolute + value of a negative score may boost obsolete packages and keep them + installed instead of installing their successors. (Closes: #699759) + + [ Michael Vogt ] + * apt-pkg/sourcelist.cc: + - fix segfault when a hostname contains a [, thanks to + Tzafrir Cohen (closes: #704653) + * debian/control: + - replace manpages-it (closes: #704723) + + [ David Kalnischkies ] + * various simple changes to fix cppcheck warnings + * apt-pkg/pkgcachegen.cc: + - do not store the MD5Sum for every description language variant as + it will be the same for all so it can be shared to save cache space + - handle language tags for descriptions are unique strings to be shared + - factor version string creation out of NewDepends, so we can easily reuse + version strings e.g. for implicit multi-arch dependencies + - equal comparisions are used mostly in same-source relations, + so use this to try to reuse some version strings + - sort group and package names in the hashtable on insert + - share version strings between same versions (of different architectures) + to save some space and allow quick comparisions later on + * apt-pkg/pkgcache.cc: + - assume sorted hashtable entries for groups/packages + * apt-pkg/cacheiterators.h: + - provide DepIterator::IsSatisfied as a nicer shorthand for DepCheck + * apt-pkg/deb/debversion.cc: + - add a string-equal shortcut for equal version comparisions + + [ Marc Deslauriers ] + * make apt-ftparchive generate missing deb-src hashes (LP: #1078697) + + [ Yaroslav Halchenko ] + * Fix English spelling error in a message ('A error'). Unfuzzy + translations. Closes: #705087 + + [ Programs translations ] + * French translation completed (Christian Perrier) + + [ Manpages translations ] + * French translation completed (Christian Perrier) + + [ Daniel Hartwig ] + * apt-pkg/contrib/strutl.cc: + - include port in shortened URIs (e.g. with apt-cache policy, progress + display) thanks to James McCoy (Closes: #154868, #322074) + - percent-encode username and password when writing URIs + * methods/http.cc: + - properly escape IP-literals (e.g. IPv6 address) when building + Host headers and URIs (Closes: #620344) + * methods/https.cc: + - use https_proxy environment variable if present, falling back to + http_proxy otherwise + - use authentication credentials from proxy URI + (Closes: #651640, LP: #1087512) + - environment variables do not override an explicit no proxy + directive ("DIRECT") in apt.conf + - disregard all_proxy environment variable, like other methods + + -- Michael Vogt Wed, 08 May 2013 18:43:28 +0200 + +apt (0.9.7.9~exp2) experimental; urgency=low + + [ Programs translations ] + * Update all PO files and apt-all.pot + * French translation completed (Christian Perrier) + + [ Daniel Hartwig ] + * cmdline/apt-get.cc: + - do not have space between "-a" and option when cross building + (closes: #703792) + * test/integration/test-apt-get-download: + - fix test now that #1098752 is fixed + * po/{ca,cs,ru}.po: + - fix merge artifact + + [ David Kalnischkies ] + * apt-pkg/indexcopy.cc: + - rename RunGPGV to ExecGPGV and move it to apt-pkg/contrib/gpgv.cc + * apt-pkg/contrib/gpgv.cc: + - ExecGPGV is a method which should never return, so mark it as such + and fix the inconsistency of returning in error cases + - don't close stdout/stderr if it is also the statusfd + - if ExecGPGV deals with a clear-signed file it will split this file + into data and signatures, pass it to gpgv for verification + - add method to open (maybe) clearsigned files transparently + * apt-pkg/acquire-item.cc: + - keep the last good InRelease file around just as we do it with + Release.gpg in case the new one we download isn't good for us + * apt-pkg/deb/debmetaindex.cc: + - reenable InRelease by default + * ftparchive/writer.cc, + apt-pkg/deb/debindexfile.cc, + apt-pkg/deb/deblistparser.cc: + - use OpenMaybeClearSignedFile to be free from detecting and + skipping clearsigning metadata in dsc and Release files + + [ Michael Vogt ] + * add regression test for CVE-2013-1051 + * implement GPGSplit() based on the idea from Ansgar Burchardt + (many thanks!) + * methods/connect.cc: + - use Errno() instead of strerror(), thanks to David Kalnischk + * doc/apt.conf.5.xml: + - document Acquire::ForceIPv{4,6} + + -- Michael Vogt Wed, 03 Apr 2013 14:19:58 +0200 + +apt (0.9.7.9~exp1) experimental; urgency=low + + [ Niels Thykier ] + * test/libapt/assert.h, test/libapt/run-tests: + - exit with status 1 on test failure + + [ Daniel Hartwig ] + * test/integration/framework: + - continue after test failure but preserve exit status + + [ Programs translation updates ] + * Turkish (Mert Dirik). Closes: #703526 + + [ Colin Watson ] + * methods/connect.cc: + - provide useful error message in case of EAI_SYSTEM + (closes: #703603) + + [ Michael Vogt ] + * add new config options "Acquire::ForceIPv4" and + "Acquire::ForceIPv6" to allow focing one or the other + (closes: #611891) + * lp:~mvo/apt/fix-tagfile-hash: + - fix false positives in pkgTagSection.Exists(), thanks to + Niels Thykier for the testcase (closes: #703240) + - this will require rebuilds of the clients as this used to + be a inline function + + -- Michael Vogt Fri, 22 Mar 2013 21:57:08 +0100 + +apt (0.9.7.8) unstable; urgency=criticial + + * SECURITY UPDATE: InRelease verification bypass + - CVE-2013-1051 + + [ David Kalnischk ] + * apt-pkg/deb/debmetaindex.cc, + test/integration/test-bug-595691-empty-and-broken-archive-files, + test/integration/test-releasefile-verification: + - disable InRelease downloading until the verification issue is + fixed, thanks to Ansgar Burchardt for finding the flaw + + -- Michael Vogt Thu, 14 Mar 2013 07:47:36 +0100 + +apt (0.9.7.8~exp2) experimental; urgency=low + + * include two missing patches to really fix bug #696225, thanks to + Guillem Jover + * ensure sha512 is really used when available, thanks to Tyler Hicks + (LP: #1098752) + + -- Michael Vogt Fri, 01 Mar 2013 19:06:55 +0100 + +apt (0.9.7.8~exp1) experimental; urgency=low + + [ Manpages translation updates ] + * Italian (Beatrice Torracca). Closes: #696601 + + [ Programs translation updates ] + * Japanese (Kenshi Muto). Closes: #699783 + + [ Michael Vogt ] + * fix pkgProblemResolver::Scores, thanks to Paul Wise. + Closes: #697577 + * fix missing translated apt.8 manpages, thanks to Helge Kreutzmann + for the report. Closes: #696923 + * apt-pkg/contrib/progress.cc: + - Make "..." translatable to fix inconsistencies in the output + of e.g. apt-get update. While this adds new translatable strings, + not having translations for them will not break anything. + Thanks to Guillem Jover. Closes: #696225 + * debian/apt.cron.daily: + - when reading from /dev/urandom, use less entropy and fix a rare + bug when the random number chksum is less than 1000. + Closes: #695285 + * methods/https.cc: + - reuse connection in https, thanks to Thomas Bushnell, BSG for the + patch. LP: #1087543, Closes: #695359 + - add missing curl_easy_cleanup() + * methods/http.cc: + - quote spaces in filenames to ensure as the http method is also + (potentially) used for non deb,dsc content that may contain + spaces, thanks to Daniel Hartwig and Thomas Bushnell + (LP: #1086997) + - quote plus in filenames to work around a bug in the S3 server + (LP: #1003633) + * apt-pkg/indexrecords.cc: + - support '\r' in the Release file + + [ David Kalnischkies ] + * apt-pkg/depcache.cc: + - prefer to install packages which have an already installed M-A:same + sibling while choosing providers (LP: #1130419) + + -- Michael Vogt Fri, 01 Mar 2013 14:16:42 +0100 + +apt (0.9.7.7) unstable; urgency=low + + [ Program translation updates ] + * Catalan (Jordi Mallach) + * Drop a confusing non-breaking space. Closes: #691024 + * Thai (Theppitak Karoonboonyanan). Closes: #691613 + * Vietnamese (Trần Ngọc Quân). Closes: #693773 + * Fix Plural forms in German, French, Japanese and Portuguese + translations. Thanks to Jakub Wilk for reporting these errors. + + [ David Kalnischkies ] + * apt-pkg/packagemanager.cc: + - do not do lock-step configuration for a M-A:same package if it isn't + unpacked yet in SmartConfigure and do not unpack a M-A:same package + again in SmartUnPack if we have already configured it (LP: #1062503) + * apt-pkg/depcache.cc: + - don't call MarkInstall with the FromUser flag set for packages + which are dependencies of APT::Never-MarkAuto-Sections matchers + - no mode changes should obviously be ok for pkgDepCache::IsModeChangeOk + * cmdline/apt-get.cc: + - do not call Mark{Install,Delete} from the autoremove code with + the FromUser bit set to avoid modifying the auto-installed bit + * apt-pkg/algorithms.cc: + - ensure pkgProblemResolver calls MarkDelete without FromUser set + so that it can't overrule holds and the protection flag + + [ Michael Vogt ] + * change permissions of /var/log/apt/term.log to 0640 (LP: #975199) + + [ Jonathan Thomas ] + * apt-pkg/algorithms.cc: + - fix package-pointer array memory leak in ResolveByKeepInternal() + + -- Michael Vogt Thu, 13 Dec 2012 09:52:19 +0100 + +apt (0.9.7.6) unstable; urgency=low [ Program translation updates ] * Ukrainian (A. Bondarenko) @@ -12,8 +292,8 @@ apt (0.9.7.6) UNRELEASED; urgency=low as it is used for arch:all packages as a map to arch:native. Otherwise arch comparisons later will see differences (Closes: #689323) * apt-pkg/pkgcache.cc: - - ignore negative dependencies applying in the same group for - M-A:same packages on the real package name as self-conflicts + - ignore negative dependencies applying in the same group for M-A:same + packages on the real package name as self-conflicts (Closes: #688863) * cmdline/apt-cache.cc: - print versioned dependency relations in (r)depends if the option APT::Cache::ShowVersion is true (default: false) as discussed in @@ -25,8 +305,16 @@ apt (0.9.7.6) UNRELEASED; urgency=low * apt-pkg/policy.cc: - match pins with(out) an architecture as we do on the commandline (partly fixing #687255, b= support has to wait for jessie) + * apt-pkg/contrib/netrc.cc: + - remove the 64 char limit for login/password in internal usage + - remove 256 char line limit by using getline() (POSIX.1-2008) + + [ Colin Watson ] + * apt-pkg/pkgcachegen.cc: + - Fix crash if the cache is remapped while writing a Provides version + (LP: #1066445). - -- David Kalnischkies Wed, 19 Sep 2012 11:29:56 +0200 + -- Michael Vogt Tue, 16 Oct 2012 18:08:53 +0200 apt (0.9.7.5) unstable; urgency=low