ubuntu/+source/apt:debian/wheezy

Last commit made on 2015-01-10
Get this branch:
git clone -b debian/wheezy https://git.launchpad.net/ubuntu/+source/apt
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
debian/wheezy
Repository:
lp:ubuntu/+source/apt

Recent commits

024547a... by Michael Vogt on 2014-10-17

Import patches-unapplied version 0.9.7.9+deb7u7 to debian/wheezy

Imported using git-ubuntu import.

Changelog parent: da6736b4ade4ec74bcf4f53a1262fd10280d4515

New changelog entries:
  [ David Kalnischkies ]
  * methods/http.cc:
    - retry without partial data after a 416 response (closes: 710924)

  [ Michael Vogt ]
  * debian/rules:
    - add missing dh_clean

da6736b... by Michael Vogt on 2014-10-08

Import patches-unapplied version 0.9.7.9+deb7u6 to debian/wheezy

Imported using git-ubuntu import.

Changelog parent: 1ae93df03a16451c235ee4631caba0cafcf9c9dc

New changelog entries:
  * SECURITY UPDATE:
    - cmdline/apt-get.cc: fix insecure tempfile handling in
      apt-get changelog (CVE-2014-7206). Thanks to Guillem Jover
  * SECURITY UPDATE:
    - methods/http.cc: fix potential buffer overflow, thanks to the
      Google Security Team (CVE-2014-6273)
  * fix regression when Dir::state::lists is set to a relative
    path (closes: 762160)
  * fix regression when cdrom: sources got rewriten by apt-cdrom
    add
  * Fix regression in 0.9.7.9+deb7u3 when file:/// sources
    are used and those are on a different partition than
    the apt state directory (closes: 762079)
  * SECURITY UPDATE:
    - incorrect invalidating of unauthenticated data (CVE-2014-0488)
    - incorect verification of 304 reply (CVE-2014-0487)
    - incorrect verification of Acquire::Gzip indexes (CVE-2014-0489)
    - incorrect apt-get download validation (CVE-2014-0490)

1ae93df... by Michael Vogt on 2014-06-12

Import patches-unapplied version 0.9.7.9+deb7u2 to debian/wheezy

Imported using git-ubuntu import.

Changelog parent: b158fbe300bfd360e05c88d0532df43569f78c3b

New changelog entries:
  * SECURITY UPDATE: apt-get source validation (closes: #749795)
    - CVE-2014-0478

b158fbe... by Jonathan Wiltshire on 2013-11-16

Import patches-unapplied version 0.9.7.9+deb7u1 to debian/wheezy

Imported using git-ubuntu import.

Changelog parent: 773d984455062bd084f270bf5a2a109aa9bb9648

New changelog entries:
  * Non-maintainer upload.
  * Apply patch for large .debs (Closes: #725483)
    Thanks Mark Hymers for the patch, Vincent Sanders for
    the review
  * Apply patch for strict multi-arch checking in single-architecture
    environments (Closes: #723586)

773d984... by Michael Vogt on 2013-06-04

Import patches-unapplied version 0.9.7.9 to debian/wheezy

Imported using git-ubuntu import.

Changelog parent: 0e1aa91575b68813f0811e1ea47ef9cc092d9411

New changelog entries:
  [ Ludovico Cavedon ]
  * properly handle if-modfied-since with libcurl/https
    (closes: #705648)

  [ Andreas Beckman ]
  * apt-pkg/algorithms.cc:
    - Do not propagate negative scores from rdepends. Propagating the absolute
      value of a negative score may boost obsolete packages and keep them
      installed instead of installing their successors. (Closes: #699759)

0e1aa91... by Michael Vogt on 2013-03-14

Import patches-unapplied version 0.9.7.8 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 3af84198865503698104a85e024a8f93817e7b23

New changelog entries:
  * SECURITY UPDATE: InRelease verification bypass
    - CVE-2013-1051

  [ David Kalnischk ]
  * apt-pkg/deb/debmetaindex.cc,
    test/integration/test-bug-595691-empty-and-broken-archive-files,
    test/integration/test-releasefile-verification:
    - disable InRelease downloading until the verification issue is
      fixed, thanks to Ansgar Burchardt for finding the flaw

3af8419... by Michael Vogt on 2012-12-13

Import patches-unapplied version 0.9.7.7 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 3f9e02564581e9c6fc04122133b60f28bbcfc385

New changelog entries:
  [ Program translation updates ]
  * Catalan (Jordi Mallach)
  * Drop a confusing non-breaking space. Closes: #691024
  * Thai (Theppitak Karoonboonyanan). Closes: #691613
  * Vietnamese (Trần Ngọc Quân). Closes: #693773
  * Fix Plural forms in German, French, Japanese and Portuguese
    translations. Thanks to Jakub Wilk for reporting these errors.
  [ David Kalnischkies ]
  * apt-pkg/packagemanager.cc:
    - do not do lock-step configuration for a M-A:same package if it isn't
      unpacked yet in SmartConfigure and do not unpack a M-A:same package
      again in SmartUnPack if we have already configured it (LP: #1062503)
  * apt-pkg/depcache.cc:
    - don't call MarkInstall with the FromUser flag set for packages
      which are dependencies of APT::Never-MarkAuto-Sections matchers
    - no mode changes should obviously be ok for pkgDepCache::IsModeChangeOk
  * cmdline/apt-get.cc:
    - do not call Mark{Install,Delete} from the autoremove code with
      the FromUser bit set to avoid modifying the auto-installed bit
  * apt-pkg/algorithms.cc:
    - ensure pkgProblemResolver calls MarkDelete without FromUser set
      so that it can't overrule holds and the protection flag

  [ Michael Vogt ]
  * change permissions of /var/log/apt/term.log to 0640 (LP: #975199)
  [ Jonathan Thomas ]
  * apt-pkg/algorithms.cc:
    - fix package-pointer array memory leak in ResolveByKeepInternal()

3f9e025... by Michael Vogt on 2012-10-16

Import patches-unapplied version 0.9.7.6 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 40a93829a75e78880ab7cc10bf1971eb36fc939d

New changelog entries:
  [ Program translation updates ]
  * Ukrainian (A. Bondarenko)
  [ David Kalnischkies ]
  * apt-pkg/pkgcachegen.cc:
    - ensure that dependencies for packages:none are always generated
    - add 2 missing remap registrations causing a segfault in case
      we use the not remapped iterators after a move of the mmap again
    - write the native architecture as unique string into the cache header
      as it is used for arch:all packages as a map to arch:native.
      Otherwise arch comparisons later will see differences (Closes: #689323)
  * apt-pkg/pkgcache.cc:
    - ignore negative dependencies applying in the same group for M-A:same
      packages on the real package name as self-conflicts (Closes: #688863)
  * cmdline/apt-cache.cc:
    - print versioned dependency relations in (r)depends if the option
      APT::Cache::ShowVersion is true (default: false) as discussed in
      #218995 to help debian-cd fixing #687949. Thanks to Sam Lidder
      for initial patch and Steve McIntyre for nagging and testing!
  * apt-pkg/edsp.cc:
    - include reinstall requests and already installed (= protected) packages
      in the install-request for external resolvers (Closes: #689331)
  * apt-pkg/policy.cc:
    - match pins with(out) an architecture as we do on the commandline
      (partly fixing #687255, b= support has to wait for jessie)
  * apt-pkg/contrib/netrc.cc:
    - remove the 64 char limit for login/password in internal usage
    - remove 256 char line limit by using getline() (POSIX.1-2008)

  [ Colin Watson ]
  * apt-pkg/pkgcachegen.cc:
    - Fix crash if the cache is remapped while writing a Provides version
      (LP: #1066445).

40a9382... by Michael Vogt on 2012-09-11

Import patches-unapplied version 0.9.7.5 to debian/sid

Imported using git-ubuntu import.

Changelog parent: d93d9827df8a443fd091f2913e2d90ca733ab2d9

New changelog entries:
  [ Manpages translation updates ]
  * Japanese (KURASAWA Nozomu) (Closes: #684435)
  * Portuguese (Américo Monteiro) (Closes: #686975)
  [ David Kalnischkies ]
  * handle packages without a mandatory architecture (debian-policy §5.3)
    by introducing a pseudo-architecture 'none' so that the small group of
    users with these packages can get right of them without introducing too
    much hassle for other users (Closes: #686346)
  * apt-pkg/cdrom.cc:
    - copy only configured translation files from a CD-ROM and not all
      available translation files preventing new installs with d-i from
      being initialized with all translations (Closes: #678227)
    - handle Components in the reduction for the source.list as multi-arch CDs
      otherwise create duplicated source entries (e.g. "wheezy main main")
  * apt-pkg/packagemanager.cc:
    - unpack versions only in case a different version from the package
      is currently in unpack state to recover from broken system states
      (like different file in M-A:same package and other dpkg errors)
      and avoid re-unpack otherwise (Closes: #670900)
  * debian/control:
    - let libapt-pkg break apt < 0.9.4 to ensure that the installed http-
      method supports the new redirection-style, thanks to Raphael Geissert
      for reporting & testing (Closes: #685192)
  * doc/apt_preferences.5.xml:
    - use the correct interval (x <= P < y) for pin value documentation as
      these are the intervals used by the code (Closes: #685989)
  * apt-pkg/indexcopy.cc:
    - do not create duplicated flat-archive CD-ROM sources for foreign
      architectures on multi-arch CD-ROMs
    - do not warn about files which have a record in the Release file, but
      are not present on the CD to mirror the behavior of the other methods
      and to allow uncompressed indexes to be dropped without scaring users
  * apt-pkg/pkgcachegen.cc:
    - do not create 'native' (or now 'none') package structures as a side
      effect of description translation parsing as it pollutes the cache

d93d982... by Michael Vogt on 2012-08-06

Import patches-unapplied version 0.9.7.4 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 291c94391ec12bcd572de152e5641864c456b315

New changelog entries:
  [ Manpages translation updates ]
  * Polish (Robert Luberda) (Closes: #683109)
  [ Program translation updates ]
  * Polish (Michał Kułach)
  [ Pino Toscano ]
  * apt-pkg/contrib/mmap.cc:
    - guard only the msync call with _POSIX_SYNCHRONIZED_IO rather
      than also the fallback code as it breaks APT on hurd since 0.9.7.3
      as the fallback is now always used on non-linux (Closes: #683354)
  [ David Kalnischkies ]
  * apt-pkg/contrib/fileutl.cc:
    - remove _POSIX_SYNCHRONIZED_IO guard in FileFd::Sync() around fsync
      as this guard is only needed for fdatasync and not defined on hurd
  * cmdline/apt-get.cc:
    - error out on (unsatisfiable) build-deps on purly virtual packages
      instead of ignoring these dependencies; thanks to Johannes Schauer
      for the detailed report! (Closes: #683786)
    - ensure that the right architecture is used for cross-dependencies in
      cases we have to choose a provider by defaulting on host-arch
      instead of build-arch
  * doc/apt-verbatim.ent:
    - denote 'wheezy' as stable codename and 'jessie' as testing codename
      in the documentation in preparation for release
  * apt-pkg/indexcopy.cc:
    - do not use atomic writing if the target is /dev/null as we don't want
      to replace it, not even automically. (Closes: #683410)
  * apt-pkg/cdrom.cc:
    - do not link() but rename() the cdroms.list to cdroms.list~ as a backup
      to ensure that apt-cdrom can be run multiple times (Closes: #676302)