David Kalnischkies [Thu, 11 Aug 2011 17:20:53 +0000 (19:20 +0200)]
fix some cppcheck: (warning) Member variable is not initialized in the constructor.
David Kalnischkies [Thu, 11 Aug 2011 16:42:19 +0000 (18:42 +0200)]
cppcheck is right that the check for preventing null deference of Query
is redundant in Redirect() as we can't reach the code with null anyway
[apt-pkg/acquire-method.cc:433]: (error) Possible null pointer dereference:
Queue - otherwise it is redundant to check if Queue is null at line 425
Michael Vogt [Fri, 5 Aug 2011 10:29:40 +0000 (12:29 +0200)]
* test/integration/test-hashsum-verification:
- add regression test for hashsum verification
* apt-pkg/acquire-item.cc:
- if no Release.gpg file is found, still load the hashes for
verification (closes: #636314) and add test
Michael Vogt [Fri, 5 Aug 2011 10:26:35 +0000 (12:26 +0200)]
* apt-pkg/acquire-item.cc:
- if no Release.gpg file is found, still load the hashes for
verification (closes: #636314) and add test
Michael Vogt [Fri, 5 Aug 2011 09:49:59 +0000 (11:49 +0200)]
* test/integration/test-hashsum-verification:
- add regression test for hashsum verification
Michael Vogt [Mon, 1 Aug 2011 11:57:28 +0000 (13:57 +0200)]
merged from lp:~mvo/apt/mvo
Michael Vogt [Mon, 1 Aug 2011 10:57:04 +0000 (12:57 +0200)]
apt-pkg/pkgcachegen.cc: copy Arch to avoid segfault on cache remap
Michael Vogt [Fri, 29 Jul 2011 13:45:06 +0000 (15:45 +0200)]
merged from debian-sid
Michael Vogt [Fri, 29 Jul 2011 11:37:33 +0000 (13:37 +0200)]
* apt-pkg/pkgcachegen.{cc,h}:
- use ref-to-ptr semantic in NewDepends() to ensure that the
libapt does not segfault if the cache is remapped in between
(LP: #812862)
Michael Vogt [Thu, 28 Jul 2011 14:56:33 +0000 (16:56 +0200)]
releasing version 0.8.15.5
Michael Vogt [Thu, 28 Jul 2011 13:16:18 +0000 (15:16 +0200)]
* apt-pkg/contrib/fileutl.{cc,h}:
- add GetModificationTime() helper
* apt-pkg/pkgcachegen.cc:
- regenerate the cache if the sources.list changes to ensure
that changes in the ordering there will be honored by apt
* apt-pkg/sourcelist.{cc,h}:
- add pkgSourceList::GetLastModifiedTime() helper
Michael Vogt [Thu, 28 Jul 2011 07:28:29 +0000 (09:28 +0200)]
merged from lp:~donkult/apt/sid
David Kalnischkies [Wed, 27 Jul 2011 21:50:55 +0000 (23:50 +0200)]
* apt-pkg/deb/deblistparser.cc:
- do not assume that the last char on a line is a \n (Closes: #633350)
Michael Vogt [Tue, 26 Jul 2011 10:23:04 +0000 (12:23 +0200)]
releasing version 0.8.15.4
Michael Vogt [Tue, 26 Jul 2011 10:10:00 +0000 (12:10 +0200)]
refresh po/*
Michael Vogt [Tue, 26 Jul 2011 10:02:40 +0000 (12:02 +0200)]
merged from lp:~mvo/apt/mvo
Michael Vogt [Tue, 26 Jul 2011 09:57:16 +0000 (11:57 +0200)]
merged from lp:~donkult/apt/sid
Michael Vogt [Tue, 26 Jul 2011 09:52:42 +0000 (11:52 +0200)]
fix typos in changelog, make DeEscapeString const, improve description
Michael Vogt [Tue, 26 Jul 2011 09:10:47 +0000 (11:10 +0200)]
add another escape test case, fixup octal one (its \0XX instead of \0XXX)
Michael Vogt [Tue, 26 Jul 2011 08:50:43 +0000 (10:50 +0200)]
apt-pkg/contrib/strutl.cc: kill unneeded debug output
Michael Vogt [Tue, 26 Jul 2011 08:49:28 +0000 (10:49 +0200)]
* apt-pkg/contrib/strutl.{h,cc}, test/libapt/strutil_test.cc:
- add new DeEscapeString() similar to DeQuoteQuotedWord but
unescape charackter escapes like \0XXX and \xXX (plus add test)
David Miller [Tue, 26 Jul 2011 07:00:10 +0000 (09:00 +0200)]
* apt-pkg/contrib/sha1.cc:
- fix illegally casts of on-stack buffer to a type requiring more
alignment than it has resulting in segfaults on sparc (Closes: #634696)
The problem is how sha1.cc codes the SHA1 transform, it illegally
casts the on-stack workspace buffer to a type requiring more
alignment than 'workspace' is actually declared to have.
This only shows up recently because gcc-4.6 now does a really
aggressive optimization where it gets rid of the workspace
buffer entirely and just accesses 'buffer' directly, and assumes
it has the necessary alignment for 32-bit loads (which it
doesn't).
Michael Vogt [Mon, 25 Jul 2011 14:53:18 +0000 (16:53 +0200)]
* apt-pkg/contrib/cdromutl.cc:
- fix escape problem when looking for the mounted devices
Michael Vogt [Mon, 25 Jul 2011 13:55:31 +0000 (15:55 +0200)]
releasing version 0.8.15.3
Michael Vogt [Mon, 25 Jul 2011 13:54:03 +0000 (15:54 +0200)]
merged from lp:~donkult/apt/sid
David Kalnischkies [Mon, 25 Jul 2011 12:40:22 +0000 (14:40 +0200)]
implement MultiarchCross for build-dep and source (Closes: #632221)
David Kalnischkies [Mon, 25 Jul 2011 11:55:23 +0000 (13:55 +0200)]
the order of languages after "none" is not important, so ignore it in tests
David Kalnischkies [Mon, 25 Jul 2011 11:40:50 +0000 (13:40 +0200)]
update the testcase to reflect that native is always on top if
it is not in the config provided list of Architectures
David Kalnischkies [Mon, 25 Jul 2011 10:52:50 +0000 (12:52 +0200)]
* apt-pkg/deb/deblistparser.cc:
- Strip only :any and :native if MultiArch should be stripped as it is
save to ignore them in non-MultiArch contexts but if the dependency
is a specific architecture (and not the native) do not strip
David Kalnischkies [Mon, 25 Jul 2011 10:37:06 +0000 (12:37 +0200)]
* apt-pkg/aptconfiguration.cc:
- ensure that native architecture is if not specified otherwise the
first architecture in the Architectures vector
David Kalnischkies [Sun, 24 Jul 2011 17:37:49 +0000 (19:37 +0200)]
move debug message about attempt install/remove to the responsible method
David Kalnischkies [Sun, 24 Jul 2011 17:26:38 +0000 (19:26 +0200)]
alternatively check in a versioned depends if the candidate is good
The old code used to do move on to versions behind the candidate in
cases the candidate wasn't a match, but as the Install request later
always installs the candidate (witch wasn't switched) this could have
never worked - and shouldn't in most cases anyway as:
a) it could only work for <, <=, != depends which are unusal
b) doesn't respect pinning, so it could install -1 versions
David Kalnischkies [Sun, 24 Jul 2011 17:15:20 +0000 (19:15 +0200)]
after this consider providing packages (if it is not a versioned dep)
David Kalnischkies [Sun, 24 Jul 2011 17:06:01 +0000 (19:06 +0200)]
move the detection for installed versions up as it is the easiest case
David Kalnischkies [Sun, 24 Jul 2011 17:04:18 +0000 (19:04 +0200)]
first round of reorder code without changing result
David Kalnischkies [Sun, 24 Jul 2011 17:03:15 +0000 (19:03 +0200)]
buildconflicts effect all architectures
David Kalnischkies [Sat, 23 Jul 2011 09:50:49 +0000 (11:50 +0200)]
you want to be nice and quote a filename just to be reminded by gpg
that it doesn't like that… remove superficial quoting to fix apt-key
Michael Vogt [Fri, 22 Jul 2011 14:01:00 +0000 (16:01 +0200)]
merged from donkult
Michael Vogt [Fri, 22 Jul 2011 09:13:48 +0000 (11:13 +0200)]
merged from the mvo branch
Michael Vogt [Fri, 22 Jul 2011 09:12:14 +0000 (11:12 +0200)]
* cmdline/apt-get.cc:
- fix missing download progress in apt-get download
David Kalnischkies [Sat, 16 Jul 2011 14:48:03 +0000 (16:48 +0200)]
* apt-pkg/policy.cc:
- emit an error on unknown APT::Default-Release value (Closes: #407511)
David Kalnischkies [Sat, 16 Jul 2011 12:57:37 +0000 (14:57 +0200)]
do not require unused partial dirs in 'source' (Closes: #633510)
John Feuerstein [Sat, 16 Jul 2011 12:37:52 +0000 (14:37 +0200)]
* doc/apt-cache.8.xml:
- apply madison typofix from John Feuerstein, thanks! (Closes: #633455)
David Kalnischkies [Sat, 16 Jul 2011 12:21:51 +0000 (14:21 +0200)]
* cmdline/apt-key:
- use a tmpfile instead of /etc/apt/secring.gpg (Closes: #632596)
* debian/apt.postinst:
- remove /etc/apt/secring.gpg if it is an empty file
Michael Vogt [Fri, 15 Jul 2011 08:39:58 +0000 (10:39 +0200)]
apt-pkg/contrib/configuration.cc: revert Configuration::Set() ABI break
Michael Vogt [Fri, 15 Jul 2011 07:45:33 +0000 (09:45 +0200)]
merged from lp:~donkult/apt/sid
David Kalnischkies [Fri, 15 Jul 2011 07:33:36 +0000 (09:33 +0200)]
* apt-pkg/depcache.cc:
- change default of APT::AutoRemove::SuggestsImportant to true
David Kalnischkies [Thu, 14 Jul 2011 19:28:50 +0000 (21:28 +0200)]
merge with debian-sid 0.8.15.2
Michael Vogt [Thu, 14 Jul 2011 09:30:02 +0000 (11:30 +0200)]
merged from the mvo branch and add proper changelog
Michael Vogt [Thu, 14 Jul 2011 09:20:28 +0000 (11:20 +0200)]
merged from debian-sid
Michael Vogt [Thu, 14 Jul 2011 09:03:55 +0000 (11:03 +0200)]
make ResolveByKeep() more clever and hold back packages that would go into a broken policy state by the upgrade
Michael Vogt [Wed, 13 Jul 2011 17:02:10 +0000 (19:02 +0200)]
fix from David Kalnischkies for the InRelease gpg verification
code (LP: #784473)
Michael Vogt [Wed, 13 Jul 2011 11:47:25 +0000 (13:47 +0200)]
apt-pkg/aptconfiguration.h: fix copy/paste error in getCompressionTypes() description
David Kalnischkies [Wed, 6 Jul 2011 11:41:18 +0000 (13:41 +0200)]
* apt-pkg/init.cc:
- use CndSet in pkgInitConfig (Closes: #629617)
David Kalnischkies [Wed, 6 Jul 2011 10:46:29 +0000 (12:46 +0200)]
* cmdline/apt-get.cc:
- restore all important dependencies for garbage packages (LP: #806274)
David Kalnischkies [Tue, 5 Jul 2011 13:34:43 +0000 (15:34 +0200)]
* doc/apt.conf.5.xml:
- document APT::Architectures list (Closes: #612102)
David Kalnischkies [Tue, 5 Jul 2011 13:14:25 +0000 (15:14 +0200)]
* doc/sources.list.5.xml:
- document available [options] for sources.list entries (Closes: 632441)
Michael Vogt [Fri, 1 Jul 2011 13:10:28 +0000 (14:10 +0100)]
apt-pkg/acquire-item.cc: improve error message for valid-until
David Kalnischkies [Thu, 30 Jun 2011 12:24:59 +0000 (14:24 +0200)]
remove empty line dpkg-gensymbols complains about
David Kalnischkies [Thu, 30 Jun 2011 12:05:03 +0000 (14:05 +0200)]
* apt-pkg/pkgcachegen.cc:
- fallback to memory if file is not writeable even if access()
told us the opposite before (e.g. in fakeroot 1.16) (Closes: #630591)
David Kalnischkies [Thu, 30 Jun 2011 11:59:36 +0000 (13:59 +0200)]
merge with debian-sid 0.8.15.1
Michael Vogt [Thu, 30 Jun 2011 08:14:38 +0000 (10:14 +0200)]
releasing version 0.8.15.1
Michael Vogt [Thu, 30 Jun 2011 07:33:19 +0000 (08:33 +0100)]
* doc/makefile:
- create doxygen directory to avoid depending on magic (Closes: #628799)
* cmdline/apt-key:
- explicitly state that net-update is not supported if no url is set
- require to be root for add, rm, update and net-update
- clarify update vs. net-update in different distros (Closes: #632043)
* debian/apt.symbols:
- forgot 'mips' in the list for all architecture dependent symbols
- comment out gcc-4.5 specific symbols as gcc-4.6 is now default
- the symbol for PrintStatus() is architecture dependent
* apt-pkg/policy.cc:
- do not segfault in pinning if a package with this name doesn't exist.
Thanks to Ferdinand Thommes for the report!
- Defaults is a vector of Pin not of PkgPin
- ensure that only the first specific stanza for a package is used
- save all stanzas which had no effect in Unmatched
- allow package:architecure in Package:
David Kalnischkies [Wed, 29 Jun 2011 22:03:26 +0000 (00:03 +0200)]
allow package:architecure in Package:
David Kalnischkies [Wed, 29 Jun 2011 21:26:38 +0000 (23:26 +0200)]
- ensure that only the first specific stanza for a package is used
- save all stanzas which had no effect in Unmatched
David Kalnischkies [Wed, 29 Jun 2011 21:16:00 +0000 (23:16 +0200)]
Defaults is a vector of Pin not of PkgPin
David Kalnischkies [Wed, 29 Jun 2011 20:38:59 +0000 (22:38 +0200)]
* apt-pkg/policy.cc:
- do not segfault in pinning if a package with this name doesn't exist.
Thanks to Ferdinand Thommes for the report!
David Kalnischkies [Wed, 29 Jun 2011 16:46:20 +0000 (18:46 +0200)]
the symbol for PrintStatus() is architecture dependent
David Kalnischkies [Wed, 29 Jun 2011 16:46:01 +0000 (18:46 +0200)]
comment out gcc-4.5 specific symbols as gcc-4.6 is now default
David Kalnischkies [Wed, 29 Jun 2011 16:15:56 +0000 (18:15 +0200)]
* debian/apt.symbols:
- forgot 'mips' in the list for all architecture dependent symbols
David Kalnischkies [Wed, 29 Jun 2011 16:15:44 +0000 (18:15 +0200)]
clarify update vs. net-update in different distros (Closes: #632043)
David Kalnischkies [Wed, 29 Jun 2011 15:24:47 +0000 (17:24 +0200)]
require to be root for add, rm, update and net-update
David Kalnischkies [Wed, 29 Jun 2011 15:15:56 +0000 (17:15 +0200)]
* cmdline/apt-key:
- explicitly state that net-update is not supported if no url is set
David Kalnischkies [Wed, 29 Jun 2011 14:38:49 +0000 (16:38 +0200)]
* doc/makefile:
- create doxygen directory to avoid depending on magic (Closes: #628799)
David Kalnischkies [Wed, 29 Jun 2011 14:29:54 +0000 (16:29 +0200)]
merge with debian-sid release 0.8.15
Michael Vogt [Wed, 29 Jun 2011 10:15:35 +0000 (11:15 +0100)]
merged from debian-sid
Michael Vogt [Tue, 28 Jun 2011 16:49:01 +0000 (18:49 +0200)]
releasing version 0.8.15
Michael Vogt [Tue, 28 Jun 2011 16:00:07 +0000 (17:00 +0100)]
various typo and syntax corrections in doc/*.xml
Michael Vogt [Tue, 28 Jun 2011 15:27:48 +0000 (16:27 +0100)]
update symbol file (thanks to david)
Michael Vogt [Tue, 28 Jun 2011 14:51:33 +0000 (15:51 +0100)]
merged from lp:~mvo/apt/mvo
Michael Vogt [Tue, 28 Jun 2011 14:49:45 +0000 (15:49 +0100)]
merged from donkult
Michael Vogt [Tue, 28 Jun 2011 14:46:28 +0000 (15:46 +0100)]
change to 0.8.14.2
Michael Vogt [Tue, 28 Jun 2011 14:45:59 +0000 (15:45 +0100)]
cherry pick from donkult
Michael Vogt [Mon, 27 Jun 2011 08:46:41 +0000 (10:46 +0200)]
* apt-pkg/deb/dpkgpm.cc:
- set permissions of term.log to root.adm and 644 (LP: #404724)
bubulle@debian.org [Sat, 18 Jun 2011 11:56:21 +0000 (13:56 +0200)]
Catalan translation update (Jordi Mallach). Closes: #630657
bubulle@debian.org [Thu, 9 Jun 2011 20:48:35 +0000 (22:48 +0200)]
German documentation translation update (Chris Leick). Closes: #629949
Michael Vogt [Thu, 9 Jun 2011 12:02:03 +0000 (14:02 +0200)]
update changelog for the previous two commits
Michael Vogt [Thu, 9 Jun 2011 11:30:08 +0000 (13:30 +0200)]
apt-pkg/deb/debindexfile.cc: kill off another TranslationsAvailable() usage that is not needed
Michael Vogt [Thu, 9 Jun 2011 11:24:36 +0000 (13:24 +0200)]
apt-pkg/deb/debindexfile.cc: remove tests for TranslationsAvailable() as this will break adding translations to the cache if the current environment does not include the language (e.g. LANG=C but german translations). testing for existance of the file is the better approach
Michael Vogt [Thu, 9 Jun 2011 09:51:45 +0000 (11:51 +0200)]
* apt-pkg/deb/deblistparser.cc:
- include all known languages when building the apt cache
(LP: #794907)
Michael Vogt [Tue, 7 Jun 2011 11:21:47 +0000 (13:21 +0200)]
append the dist (e.g. sid, wheezy) as a query string when
asking for a suitable mirror
Michael Vogt [Tue, 7 Jun 2011 06:48:09 +0000 (08:48 +0200)]
* methods/mirror.cc:
- ignore lines starting with "#" in the mirror file
- ignore non http urls in the mirrors
David Kalnischkies [Mon, 6 Jun 2011 19:33:55 +0000 (21:33 +0200)]
revert 2114.1.12 as doxygen does this for use now
David Kalnischkies [Mon, 6 Jun 2011 19:29:16 +0000 (21:29 +0200)]
* apt-pkg/indexcopy.cc:
- Verify that the first line of an InRelease file is a PGP header
for a signed message. Otherwise a man-in-the-middle can prefix
a valid InRelease file with his own data! (CVE-2011-1829)
David Kalnischkies [Mon, 6 Jun 2011 19:23:00 +0000 (21:23 +0200)]
add a very dumb pause method to stop test-execution
Michael Vogt [Tue, 31 May 2011 08:56:06 +0000 (10:56 +0200)]
merge from lp:~mvo/apt/mvo
Michael Vogt [Tue, 31 May 2011 08:40:53 +0000 (10:40 +0200)]
apt-pkg/acquire-item.cc: only test packages file for correctness if its not empty (its ok to have empty packages files)
Michael Vogt [Tue, 31 May 2011 08:34:56 +0000 (10:34 +0200)]
merged from the debian branch
Julian Andres Klode [Mon, 30 May 2011 12:14:11 +0000 (14:14 +0200)]
Reject files known to be invalid (LP: #346386) (Closes: #627642)
Julian Andres Klode [Mon, 30 May 2011 12:04:01 +0000 (14:04 +0200)]
apt-pkg/acquire-item.cc: Reject files known to be invalid (LP: #346386) (Closes: #195301)
This commit deals with the following cases:
- First section of index file (Packages,Sources,Translation) without Package field
- Signed release files without GPG data (NODATA)
- i18n/Index files without hash sums
Handling unsigned Release files is more complicated, and the example code
using indexRecords is disabled as it can reject correct Release files
without hashes. How we can reliably check unsigned Release files is
another question, and not urgent anyway, as it should have no
dramatic effect (we could check that it is a valid RFC-822 section,
but that's a bit too long to write)