lp:ubuntu/maverick-security/apt

Created by Ubuntu Package Importer and last modified
Get this branch:
bzr branch lp:ubuntu/maverick-security/apt
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Review team:
Ubuntu Development Team
Status:
Mature

Recent revisions

125. By Marc Deslauriers

* SECURITY UPDATE: sensitive information disclosure via incorrect
  hostname validation (LP: #868353)
  - methods/https.cc: properly set CURLOPT_SSL_VERIFYHOST.
  - CVE-2011-3634
* SECURITY UPDATE: Restore apt-ket net-update functionality (LP: #857472)
  - cmdline/apt-key: improve key validation.

124. By Marc Deslauriers

* SECURITY UPDATE: Disable apt-key net-update for now, as validation
  code is insecure. (LP: #856489)
  - cmdline/apt-key: exit immediately out of net_update().
  - CVE number pending

123. By Michael Vogt

[ David Kalnischkies ]
* apt-pkg/depcache.cc:
  - do not remove packages which the user requested for installation
    explicitly while satisfying other install requests (Closes: #598669)
  Test case: debootstrap, install exim4, run "apt-get install postfix"
  This will result in exim4-heavy instead of postfix

122. By Michael Vogt

[ Michael Vogt ]
* debian/apt.cron.daily:
  - source /etc/default/locale (if available) so that the
    apt-get update cron job fetches the right translated package
    descriptions (LP: #652951)

[ David Kalnischkies ]
* apt-pkg/depcache.cc:
  - do not check endpointer packages instead of only those which prevented
    NeverAutoRemove settings from having an effect (Closes: #598452)
* cmdline/apt-cache.cc:
  - use the TranslatedDescription for searching and not the first
    available one as it is maybe not an expected language (Closes: #597925)

121. By Michael Vogt

* debian/apt.dirs:
  - add missing /usr/share/apt so that the keyring is installed
    into the right place (LP: #620576)

120. By Michael Vogt

merged lp:~mvo/apt/conflicts-on-virtuals to better deal
with conflicts/breaks against virtual packages (LP: #614993)

119. By Michael Vogt

* merged fixes from debian-sid

[ Michael Vogt ]
* apt-pkg/contrib/cdromutl.cc:
  - if apt-cdrom is used on writable media (like usb-sticks), do
    not use the root directory to identify the medium (as all
    changes there change the ident id). Use the .disk directory
    instead

[ David Kalnischkies ]
* ftparchive/writer.cc:
  - null the valid string instead of the date if Valid-Until is not set
* apt-pkg/acquire-item.cc:
  - use also unsigned Release files again (Closes: #596189)

[ Christian Perrier ]
* Fix missing space after dot in a message from apt-pkg
  Translations unfuzzied. Thanks to Holger Wansing.

118. By Michael Vogt

* ftparchive/writer.cc:
  - write out {Files,Checksum-Sha1,Checksum-Sha256} only if
    available LP: #633967. Thanks to Colin Watson

117. By Michael Vogt

* merged fixes from debian-sid
* debian/rules:
  - put ubuntu-archive.gpg back into the package (LP: #620576)
* apt-pkg/init.cc:
  - ignore ".distUpgrade" and ".save" files in sources.list.d
    (LP: #631770)

116. By Michael Vogt

* merged fixes from the debian-sid bzr branch:

[ Programs translations ]
* Simplified Chinese (Aron Xu). Closes: #594458
* Bulgarian (Damyan Ivanov). Closes: #594627
* Portuguese (Miguel Figueiredo). Closes: #594668
* Korean (Changwoo Ryu). Closes: #594809

[ Manpages translations ]
* Portuguese (Américo Monteiro)

[ David Kalnischkies ]
* cmdline/apt-cache.cc:
  - remove useless GetInitialize method
* cmdline/apt-get.cc:
  - remove direct calls of ReadMainList and use the wrapper instead
    to protect us from useless re-reads and two-times notice display
  - remove death code by removing unused GetInitialize
* apt-pkg/depcache.cc:
  - now that apt-get purge works on 'rc' packages let the MarkDelete
    pass this purge forward to the non-pseudo package for pseudos
* apt-pkg/contrib/fileutl.cc:
  - apply SilentlyIgnore also on files without an extension
* apt-pkg/contrib/configuration.cc:
  - fix autoremove by using correct config-option name and
    don't make faulty assumptions in error handling (Closes: #594689)
* apt-pkg/versionmatch.cc:
  - let the pin origin actually work as advertised in the manpage
    which means "" are optional and pinning a local archive does
    work - even if it is a non-flat archive (Closes: #594435)

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/oneiric/apt
This branch contains Public information 
Everyone can see this information.

Subscribers