]>
git.saurik.com Git - apt.git/log
Michael Vogt [Thu, 6 Jun 2013 16:20:35 +0000 (18:20 +0200)]
Fix double free (closes: #711045)
* Fix double free (closes: #711045)
* Fix crash when the "mirror" method does not find any entry
(closes: #699303)
Michael Vogt [Thu, 6 Jun 2013 16:17:14 +0000 (18:17 +0200)]
fix double free (closes: #711045)
Michael Vogt [Thu, 16 May 2013 21:12:37 +0000 (23:12 +0200)]
* buildlib/apti18n.h.in:
- fix build failure when building without NLS (closes: #671587)
Michael Vogt [Thu, 16 May 2013 20:38:21 +0000 (22:38 +0200)]
debian/gbp.conf: add debian-tag key to ensure git-dch works
Julian Andres Klode [Thu, 16 May 2013 20:34:04 +0000 (22:34 +0200)]
Update changelog to include Vcs-* changes
Christian PERRIER [Thu, 16 May 2013 20:28:52 +0000 (22:28 +0200)]
French translation : typo fix. Closes: #677272
Guillem Jover [Thu, 16 May 2013 17:45:25 +0000 (19:45 +0200)]
Update Vcs fields
Use the canonical URLs. Rename Vcs-Bzr to Vcs-Git and use the more
efficient git protocol instead of http. Point Vcs-Browser to the
gitweb interface.
Michael Vogt [Thu, 16 May 2013 13:30:23 +0000 (15:30 +0200)]
add export-dir and debian-branch
Michael Vogt [Thu, 16 May 2013 13:02:24 +0000 (15:02 +0200)]
update .gitignore
Michael Vogt [Thu, 16 May 2013 12:58:56 +0000 (14:58 +0200)]
prepare upload
Michael Vogt [Thu, 16 May 2013 12:31:14 +0000 (14:31 +0200)]
merged previous bzr commit
Michael Vogt [Thu, 16 May 2013 12:22:12 +0000 (14:22 +0200)]
moved to git, updated gbp.conf to match the bzr version
David Kalnischkies [Sat, 11 May 2013 08:10:07 +0000 (10:10 +0200)]
non-inline RunGPGV methods to restore ABI compatibility with previous versions to fix partial upgrades (Closes: #707771)
The rename in 0.9.7.9~exp2 moved the method body to the class definition
which means it became inline, which isn't ABI compatibile. The reverse of
moving inline to non-inline is safe though.
Michael Vogt [Thu, 16 May 2013 09:35:32 +0000 (11:35 +0200)]
rebuild po
Michael Vogt [Thu, 16 May 2013 09:34:38 +0000 (11:34 +0200)]
add .gitignore and gbp.conf
Michael Vogt [Wed, 8 May 2013 16:58:29 +0000 (18:58 +0200)]
releasing version 0.9.8
Michael Vogt [Wed, 8 May 2013 16:58:10 +0000 (18:58 +0200)]
fix uri test
Michael Vogt [Wed, 8 May 2013 16:57:09 +0000 (18:57 +0200)]
refresh translations
Michael Vogt [Wed, 8 May 2013 15:50:15 +0000 (17:50 +0200)]
merged patch from Daniel Hartwig to fix URI and proxy releated issues
Michael Vogt [Wed, 8 May 2013 15:48:31 +0000 (17:48 +0200)]
merged from the debian-wheezy branch
Michael Vogt [Wed, 8 May 2013 15:46:31 +0000 (17:46 +0200)]
* apt-pkg/algorithms.cc:
- Do not propagate negative scores from rdepends. Propagating the absolute
value of a negative score may boost obsolete packages and keep them
installed instead of installing their successors. (Closes: #699759)
Michael Vogt [Wed, 8 May 2013 15:45:17 +0000 (17:45 +0200)]
properly handle if-modfied-since with libcurl/https
(closes: #705648)
bubulle@debian.org [Wed, 10 Apr 2013 09:28:11 +0000 (11:28 +0200)]
Fix English spelling error in a message ('A error'). Unfuzzy
translations. Closes: #705087
bubulle@debian.org [Tue, 9 Apr 2013 05:59:33 +0000 (07:59 +0200)]
Changelog entry for translation fixes
bubulle@debian.org [Tue, 9 Apr 2013 05:58:34 +0000 (07:58 +0200)]
Complete French translation
bubulle@debian.org [Tue, 9 Apr 2013 05:56:45 +0000 (07:56 +0200)]
Complete translation
bubulle@debian.org [Tue, 9 Apr 2013 05:54:52 +0000 (07:54 +0200)]
Reformat PO file
bubulle@debian.org [Tue, 9 Apr 2013 05:54:11 +0000 (07:54 +0200)]
Fix typo
Michael Vogt [Mon, 8 Apr 2013 15:30:18 +0000 (17:30 +0200)]
releasing version 0.9.7.9~exp3
Michael Vogt [Mon, 8 Apr 2013 15:29:47 +0000 (17:29 +0200)]
po: refresh
Michael Vogt [Mon, 8 Apr 2013 13:38:45 +0000 (15:38 +0200)]
merged bundle from david
Michael Vogt [Mon, 8 Apr 2013 06:45:06 +0000 (08:45 +0200)]
merged lp:~mvo/apt/add-missing-dsc-hashes
Michael Vogt [Mon, 8 Apr 2013 06:41:51 +0000 (08:41 +0200)]
* debian/control:
- replace manpages-it (closes: #704723)
Michael Vogt [Thu, 4 Apr 2013 16:22:16 +0000 (18:22 +0200)]
* apt-pkg/sourcelist.cc:
- fix segfault when a hostname contains a [, thanks to
Tzafrir Cohen (closes: #704653)
David Kalnischkies [Wed, 3 Apr 2013 17:43:03 +0000 (19:43 +0200)]
share version strings between same versions (of different architectures)
to save some space and allow quick comparisions later on
David Kalnischkies [Wed, 3 Apr 2013 17:34:47 +0000 (19:34 +0200)]
* apt-pkg/cacheiterators.h:
- provide DepIterator::IsSatisfied as a nicer shorthand for DepCheck
Michael Vogt [Wed, 3 Apr 2013 12:40:08 +0000 (14:40 +0200)]
releasing version 0.9.7.9~exp2
Michael Vogt [Wed, 3 Apr 2013 12:39:40 +0000 (14:39 +0200)]
po/*: refreshed
Michael Vogt [Wed, 3 Apr 2013 12:19:34 +0000 (14:19 +0200)]
apt-pkg/contrib/gpgv.cc: fix InRelease check
David Kalnischkies [Wed, 3 Apr 2013 10:44:36 +0000 (12:44 +0200)]
- sort group and package names in the hashtable on insert
* apt-pkg/pkgcache.cc:
- assume sorted hashtable entries for groups/packages
Michael Vogt [Tue, 2 Apr 2013 13:20:16 +0000 (15:20 +0200)]
merged lp:~mvo/apt/fix-inrelease5
Michael Vogt [Tue, 2 Apr 2013 13:08:34 +0000 (15:08 +0200)]
po/{ca,cs,ru}.po: fix merge artifacts harder
David Kalnischkies [Mon, 1 Apr 2013 21:27:16 +0000 (23:27 +0200)]
micro-optimize and enhance readability of ListParser::VersionHash
David Kalnischkies [Mon, 1 Apr 2013 13:41:02 +0000 (15:41 +0200)]
equal comparisions are used mostly in same-source relations,
so use this to try to reuse some version strings
David Kalnischkies [Mon, 1 Apr 2013 11:19:43 +0000 (13:19 +0200)]
* apt-pkg/deb/debversion.cc:
- add a string-equal shortcut for equal version comparisions
Michael Vogt [Tue, 26 Mar 2013 13:54:31 +0000 (14:54 +0100)]
merge stuff from donkult
Michael Vogt [Mon, 25 Mar 2013 12:55:07 +0000 (13:55 +0100)]
* doc/apt.conf.5.xml:
- document Acquire::ForceIPv{4,6}
Michael Vogt [Mon, 25 Mar 2013 08:03:48 +0000 (09:03 +0100)]
* methods/connect.cc:
- use Errno() instead of strerror(), thanks to David Kalnischk
Michael Vogt [Mon, 25 Mar 2013 07:56:42 +0000 (08:56 +0100)]
merge patches from daniel to fix merge artifact and test failure
Michael Vogt [Mon, 25 Mar 2013 07:52:20 +0000 (08:52 +0100)]
merge patch from Daniel Hartwig
bubulle@debian.org [Sun, 24 Mar 2013 07:58:27 +0000 (08:58 +0100)]
* Update all PO files and apt-all.pot
* French translation completed (Christian Perrier)
bubulle@debian.org [Sun, 24 Mar 2013 07:54:14 +0000 (08:54 +0100)]
Update POT and PO files
Michael Vogt [Fri, 22 Mar 2013 21:10:02 +0000 (22:10 +0100)]
releasing version 0.9.7.9~exp1
Michael Vogt [Fri, 22 Mar 2013 20:53:30 +0000 (21:53 +0100)]
prepare upload
Michael Vogt [Fri, 22 Mar 2013 20:52:42 +0000 (21:52 +0100)]
merged lp:~mvo/apt/fix-tagfile-hash
Michael Vogt [Fri, 22 Mar 2013 20:49:22 +0000 (21:49 +0100)]
merged the debian-wheezy branch
Michael Vogt [Fri, 22 Mar 2013 20:46:53 +0000 (21:46 +0100)]
add new config options "Acquire::ForceIPv4" and
"Acquire::ForceIPv6" to allow focing one or the other
(closes: #611891)
bubulle@debian.org [Fri, 22 Mar 2013 06:17:05 +0000 (07:17 +0100)]
Turkish (Mert Dirik). Closes: #703526
Michael Vogt [Thu, 21 Mar 2013 15:18:58 +0000 (16:18 +0100)]
merge patch from Colin to fix error message from getaddrinfo() (#703603)
Michael Vogt [Wed, 20 Mar 2013 11:18:16 +0000 (12:18 +0100)]
apt-pkg/edsp.cc: do not use stderr in WriteSolution at all
Michael Vogt [Wed, 20 Mar 2013 11:17:05 +0000 (12:17 +0100)]
apt-pkg/edsp.cc: do not spam stderr in WriteSolution
David Kalnischkies [Tue, 19 Mar 2013 11:37:50 +0000 (12:37 +0100)]
support dash-escaped text in clearsigned files as implementations are
free to escape all lines (we have no lines in our files which need
to be escaped as these would be invalid fieldnames) and while ExecGPGV
would detect dash-escaped text as invalid (as its not expected in
messages with detached signatures) it would be possible to "comment"
lines in (signed) dsc files which are only parsed but not verified
David Kalnischkies [Tue, 19 Mar 2013 09:49:57 +0000 (10:49 +0100)]
use FileFd instead of int fds to tidy up the interface a bit
David Kalnischkies [Mon, 18 Mar 2013 21:57:08 +0000 (22:57 +0100)]
* apt-pkg/deb/debindexfile.cc,
apt-pkg/deb/deblistparser.cc:
- use OpenMaybeClearSignedFile to be free from detecting and
skipping clearsigning metadata in dsc and Release files
We can't write a "clean" file to disk as not all acquire methods copy
Release files before checking them (e.g. cdrom), so this reverts recombining,
but uses the method we use for dsc files also in the two places we
deal with Release files
David Kalnischkies [Mon, 18 Mar 2013 18:36:55 +0000 (19:36 +0100)]
- add method to open (maybe) clearsigned files transparently
* ftparchive/writer.cc:
- use OpenMaybeClearSignedFile to be free from detecting and
skipping clearsigning metadata in dsc files
David Kalnischkies [Mon, 18 Mar 2013 16:06:51 +0000 (17:06 +0100)]
rename testcase to mention CVE number, make the code more consistent with
the rest and add some more tests (by fixing commented ones)
Michael Vogt [Mon, 18 Mar 2013 12:52:43 +0000 (13:52 +0100)]
test/libapt/tagfile_test.cc: add missing "unistd.h" (thanks to Niels Thykier)
Michael Vogt [Mon, 18 Mar 2013 11:10:35 +0000 (12:10 +0100)]
fix pkgTagSection::Exists() and add test
Michael Vogt [Mon, 18 Mar 2013 10:46:20 +0000 (11:46 +0100)]
test/integration/framework: use EXIT_CODE to be consistent with the run-tests code
Michael Vogt [Mon, 18 Mar 2013 10:38:19 +0000 (11:38 +0100)]
report failures via exit and ensure we don't overflow
Michael Vogt [Mon, 18 Mar 2013 07:08:37 +0000 (08:08 +0100)]
* test/integration/framework:
- continue after test failure but preserve exit status
Michael Vogt [Sun, 17 Mar 2013 18:51:02 +0000 (19:51 +0100)]
* test/libapt/assert.h, test/libapt/run-tests:
- exit with status 1 on test failure
David Kalnischkies [Sat, 16 Mar 2013 11:40:43 +0000 (12:40 +0100)]
ensure that we fclose/unlink/free in the new gpg-code as soon as possible
Michael Vogt [Sat, 16 Mar 2013 09:08:28 +0000 (10:08 +0100)]
add testcase and update changelog
Michael Vogt [Sat, 16 Mar 2013 08:15:46 +0000 (09:15 +0100)]
merged from davids bundle
David Kalnischkies [Fri, 15 Mar 2013 17:53:53 +0000 (18:53 +0100)]
- if ExecGPGV deals with a clear-signed file it will split this file
into data and signatures, pass it to gpgv for verification and
recombines it after that in a known-good way without unsigned blocks
and whitespaces resulting usually in more or less the same file as
before, but later code can be sure about the format
* apt-pkg/deb/debmetaindex.cc:
- reenable InRelease by default
Michael Vogt [Fri, 15 Mar 2013 13:57:27 +0000 (14:57 +0100)]
split out a method to strip whitespaces only on the right side
David Kalnischkies [Fri, 15 Mar 2013 13:55:43 +0000 (14:55 +0100)]
* apt-pkg/acquire-item.cc:
- keep the last good InRelease file around just as we do it with
Release.gpg in case the new one we download isn't good for us
David Kalnischkies [Fri, 15 Mar 2013 13:49:05 +0000 (14:49 +0100)]
don't close stdout/stderr if it is also the statusfd
David Kalnischkies [Fri, 15 Mar 2013 13:29:46 +0000 (14:29 +0100)]
* apt-pkg/contrib/gpgv.cc:
- ExecGPGV is a method which should never return, so mark it as such
and fix the inconsistency of returning in error cases
David Kalnischkies [Fri, 15 Mar 2013 13:17:01 +0000 (14:17 +0100)]
* apt-pkg/indexcopy.cc:
- rename RunGPGV to ExecGPGV and move it to apt-pkg/contrib/gpgv.cc
Michael Vogt [Thu, 14 Mar 2013 13:26:43 +0000 (14:26 +0100)]
* SECURITY UPDATE: InRelease verification bypass
- CVE-2013-1051
* apt-pkg/deb/debmetaindex.cc,
test/integration/test-bug-595691-empty-and-broken-archive-files,
test/integration/test-releasefile-verification:
- disable InRelease downloading until the verification issue is
fixed, thanks to Ansgar Burchardt for finding the flaw
David Kalnischkies [Wed, 13 Mar 2013 18:00:19 +0000 (19:00 +0100)]
factor version string creation out of NewDepends, so we can easily reuse
version strings e.g. for implicit multi-arch dependencies
David Kalnischkies [Tue, 12 Mar 2013 22:47:48 +0000 (23:47 +0100)]
handle language tags for descriptions are unique strings to be shared
David Kalnischkies [Tue, 12 Mar 2013 22:28:16 +0000 (23:28 +0100)]
* apt-pkg/pkgcachegen.cc:
- do not store the MD5Sum for every description language variant as
it will be the same for all so it can be shared to save cache space
David Kalnischkies [Sun, 10 Mar 2013 11:24:13 +0000 (12:24 +0100)]
various simple changes to fix cppcheck warnings
Michael Vogt [Fri, 1 Mar 2013 18:20:53 +0000 (19:20 +0100)]
releasing version 0.9.7.8~exp2
Michael Vogt [Fri, 1 Mar 2013 18:04:15 +0000 (19:04 +0100)]
merged lp:~mvo/apt/hash-order
Michael Vogt [Fri, 1 Mar 2013 17:50:59 +0000 (18:50 +0100)]
include two missing patches to really fix bug #696225, thanks to
Guillem Jover
Michael Vogt [Fri, 1 Mar 2013 13:55:19 +0000 (14:55 +0100)]
releasing version 0.9.7.8~exp1
Michael Vogt [Fri, 1 Mar 2013 11:48:07 +0000 (12:48 +0100)]
merged lp:~donkult/apt/sid
Michael Vogt [Fri, 1 Mar 2013 11:17:08 +0000 (12:17 +0100)]
add changelog
Michael Vogt [Fri, 1 Mar 2013 11:12:05 +0000 (12:12 +0100)]
add changelog
David Kalnischkies [Sun, 24 Feb 2013 15:20:43 +0000 (16:20 +0100)]
* apt-pkg/depcache.cc:
- prefer to install packages which have an already installed M-A:same
sibling while choosing providers (LP: #
1130419 )
bubulle@debian.org [Tue, 5 Feb 2013 06:00:04 +0000 (07:00 +0100)]
Japanese (Kenshi Muto). Closes: #699783
Michael Vogt [Fri, 1 Feb 2013 06:07:33 +0000 (07:07 +0100)]
add a integration test for bug
1078697
Michael Vogt [Thu, 31 Jan 2013 13:41:41 +0000 (14:41 +0100)]
merge patch apt_0.9.7.7ubuntu2~md1.debdiff, thanks to Marc Deslauriers
Michael Vogt [Thu, 24 Jan 2013 17:55:44 +0000 (18:55 +0100)]
* apt-pkg/indexrecords.cc:
- support '\r' in the Release file
Michael Vogt [Thu, 24 Jan 2013 17:52:25 +0000 (18:52 +0100)]
quote plus in filenames to work around a bug in the S3 server
(LP: #
1003633 )
Michael Vogt [Mon, 14 Jan 2013 05:31:51 +0000 (06:31 +0100)]
ensure sha512 is really used when available (thanks to Tyler Hicks )