HCoop / ntk / apt.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 032ad73) | patch
* apt-pkg/acquire-item.cc:
authorMichael Vogt <egon@debian-devbox>
Tue, 6 Mar 2012 16:22:44 +0000 (17:22 +0100)
committerMichael Vogt <egon@debian-devbox>
Tue, 6 Mar 2012 16:22:44 +0000 (17:22 +0100)
commitb7a6594d1e5ed199a7a472b78b33e070375d6f92
treebc48e5e11c76282abe9fee5baef949181cbc9caetree | snapshot (tar.gz zip)
parent032ad7384e4529d95966a9c88fd5e11dd11c31f3commit | diff
* apt-pkg/acquire-item.cc:
  - remove 'old' InRelease file if we can't get a new one before
    proceeding with Release.gpg to avoid the false impression of a still
    trusted repository by a (still present) old InRelease file.
    Thanks to Simon Ruderich for reporting this issue! (CVE-2012-0214)
apt-pkg/acquire-item.cc diff | blob | blame | history
debian/changelog diff | blob | blame | history
test/integration/test-releasefile-verification diff | blob | blame | history
ntk's bugfix for apt