-
Julian Andres Klode authoredapt (2.2.0) unstable; urgency=medium * The "Happy soft freeze" release * Do not make DefaultRootSetFunc2 public symbol * kernels: Avoid std::regex for escaping '.' and '+' * symbols: Remove spurios package line, add kernel autoremoval helper apt (2.1.20) unstable; urgency=medium * CI: Run test as user on i386 * Fix test suite regression from StrToNum fixes. The tests started failing on 32-bit because the values were actually out of range, but we did not test errno before the last version, so it was not treated as an error. apt (2.1.19) unstable; urgency=medium [ Helge Kreutzmann ] * German program translation update (Closes: #979848) [ Youfu Zhang ] * dpkg: fix passing readonly /dev/null fd as stdout/stderr [ Diederik de Haas ] * Fix apt-acquire-additional-files entity's location. [ Wolfgang Schweer ] * vendor: Adjust Debian -security codename [ Julian Andres Klode ] * Include all translations when building the cache (LP: #1907850) [ David Kalnischkies ] * Various patches uplifted from unfinished fuzzer branches - Use 500 MB memory limit for xz/lzma decoding - Guess compressor only if no AR nember with exact name exists - Free XXH3 state to avoid leak in cache hashing - Fail ConfigDir reading if directory listing failed - Retire and deprecate _strtabexpand - Fix incorrect base64 encoding due to int promotion - Don't parse \x and \0 past the end in DeEscapeString - Remove Word size limit from ParseQuote and CWord - Forbid negative values in unsigned StrToNum explicitly - Avoid overstepping bounds in config file parsing - Show 'Done' always for 'Building dependency tree' - Avoid undefined pointer arithmetic while growing mmap - Use error reporting instead of assert in rred patching - Replace PrintStatus with SendMessage usage - Ensure HTTP status code text has sensible content - Limit on first patch size only for server-merged patches - Use size of the old cache as APT::Cache-Start default - Remove spurious periods on progress strings in po/de.po [ Frans Spiesschaert ] * Dutch program translation update (Closes: #981885) * Dutch manpages translation update (Closes: #981883) apt (2.1.18) unstable; urgency=high * pkgcachegen: Avoid write to old cache for Version::Extra (Closes: #980037) * Adjust apt-mark test for dpkg 1.20.7 apt (2.1.17) unstable; urgency=medium [ Américo Monteiro ] * Portuguese manpages translation update (Closes: #979725) [ Julian Andres Klode ] * kernels: Fix std::out_of_range if no kernels to protect * Call ischroot with -t apt (2.1.16) unstable; urgency=medium [ Faidon Liambotis ] * Various fixes to http and connect method - basehttp: also consider Access when a Server's URI - connect: convert a C-style string to std::string - connect: use ServiceNameOrPort, not Port, as the cache key [ Julian Andres Klode ] * patterns: Add dependency patterns ?depends, ?conflicts, etc. Note that the -broken- variants are not implemented yet. * Rewrite of the kernel autoremoval code: - Determine autoremovable kernels at run-time (LP: #1615381), this fixes the issue where apt could consider a running kernel autoremovable - Automatically remove unused kernels on apt {full,dist}-upgrade. This helps ensuring that we don't run out of /boot space. - Only keep up to 3 (not 4) kernels. Ubuntu boot partitions were sized for 3 kernels, not 4. * Bump codenames to bullseye/hirsute and adjust -security codename for bullseye (Closes: #969932) * Ignore failures from immediate configuration. This does not change the actual installation ordering - we never passed the return code to the caller and installation went underway anyway if it could be ordered at a later stage, this just removes spurious after-the-fact errors. (Closes: #973305, #188161, #211075, #649588) (LP: #1871268) * Add support for Phased-Update-Percentage, previously used only by update-manager. * Implement update --error-on=any so that scripts can reliably check for transient failures as well. (Closes: #594813) [ Demi M. Obenour ] * test/integration/framework: Be compatible with Bash [ Vangelis Skarmoutsos ] * Greek program translation update apt (2.1.15) unstable; urgency=medium [ Julian Andres Klode ] * Unroll pkgCache::sHash 8 time, break up dependency * Do not require libxxhash-dev for including pkgcachegen.h (Closes: #978171) [ David Kalnischkies ] * Proper URI encoding for config requests to our test webserver * Keep URIs encoded in the acquire system * Implement encoded URI handling in all methods * Don't re-encode encoded URIs in pkgAcqFile [ Helge Kreutzmann ] * German program translation update (Closes: #977938) apt (2.1.14) unstable; urgency=medium * test: fixup for hash table size increase (changed output order) * Use XXH3 for cache, hash table hashing apt (2.1.13) unstable; urgency=medium [ Debian Janitor ] * Apply multi-arch hints. + apt-doc, libapt-pkg-doc: Add Multi-Arch: foreign. [ Jordi Mallach ] * Fix typo in Catalan translation. [ David Kalnischkies ] * Prepare rred binary for external usage * Support reading compressed patches in rred direct call modes * Support compressed output from rred similar to apt-helper cat-file [ Julian Andres Klode ] * gitignore: Add /build and /obj-* build dirs * gitignore: Add .*.swp files * HexDigest: Silence -Wstringop-overflow * patterns: Terminate short pattern by ~ and ! * SECURITY UPDATE: Integer overflow in parsing (LP: #1899193) - apt-pkg/contrib/arfile.cc: add extra checks. - apt-pkg/contrib/tarfile.cc: limit tar item sizes to 128 GiB - apt-pkg/deb/debfile.cc: limit control file sizes to 64 MiB - test/*: add tests. - CVE-2020-27350 * Additional hardening: - apt-pkg/contrib/tarfile.cc: Limit size of long names and links to 1 MiB * Raise APT::Cache-HashtableSize to 196613 apt (2.1.12) unstable; urgency=medium [ Julian Andres Klode ] * pkgnames: Correctly set the default for AllNames to false (LP: #1876495) * pkgnames: Do not exclude virtual packages with --all-names * Remove expired domain that became nsfw from debian/changelog * Do not immediately configure m-a: same packages in lockstep (LP: #1871268) [ Américo Monteiro ] * Portuguese manpages translation update (Closes: #968414) [ David Kalnischkies ] * Rename CMake find_package helpers to avoid developer warnings * Install translated apt-patterns(7) man pages * Remove ancient versions support from apts postinst * Update libapt-pkg6.0 symbols file * Refresh lintian-overrides of apt and libapt-pkg-doc apt (2.1.11) unstable; urgency=medium [ JCGoran ] * Fix "extended_states" typo in apt-mark(8) (Closes: #969086) [ Julian Andres Klode ] * doc: Bump Ubuntu release from focal to groovy * Do not produce late error if immediate configuration fails, just warn (Closes: #953260, #972552) (LP: #1871268) [ Frans Spiesschaert ] * Dutch manpages translation update (Closes: #970037) apt (2.1.10) unstable; urgency=medium * Default Acquire::AllowReleaseInfoChange::Suite to "true" (Closes: #931566) * acquire: Do not hide _error messages in Fail() * Further improvements to HTTP method (Closes: #968220, verified against that server and the Canonical infra where it blocked buildds) - Do not use non-blocking local I/O - they don't do anything anyway, and we can't really use non-blocking I/O here because we need to be able to flush it. - Restore successful exits from Die() and rewrite Die() in a more comprehensible way, after careful code path analysis - http: Fully flush local file both before/after server read, avoiding both partial flush before sending requests to the server, as well as preventing leftover data before receiving from the server, which cause data left in the buffer. apt (2.1.9) unstable; urgency=medium [ Julian Andres Klode ] * http: Fix infinite loop on read errors * basehttp: Correctly handle non-transient failure from RunData() * Do not retry on failure to fetch (Closes: #968163) [ Aleix Vidal i Gaya ] * updated catalan translations apt (2.1.8) unstable; urgency=medium [ Julian Andres Klode ] * Fully deprecate apt-key, schedule removal for Q2/2022 * apt-key: Allow depending on gpg instead of gnupg * Removal of racist terminology, except for two cases that still need consensus * Various fixes to http code: - http: Always Close() the connection in Die() - http: Die(): Merge flushing code from Flush() - http: Only return false for EOF if we actually did not read anything - http: Die(): Do not flush the buffer, error out instead - http: Finish copying data from server to file before sending stuff to server - http: On select timeout, error out directly, do not call Die() - http: Redesign reading of pending data - http: Always write to the file if there's something to write; this fixes a regression from removing the buffer flushing code Overall, there's hope this Closes: #959518. It reproduced a bit, but eventually snapshot.d.o ratelimiting kicked in and broke the test case. [ Nicolas Schier ] * Support marking all newly installed packages as automatically installed apt (2.1.7) unstable; urgency=medium [ David Kalnischkies ] * Do not hardcode (wrong) group and mode in setup warning (Closes: #962310) * Do not sent our filename-provides trick to EDSP solvers (Closes: #962741) * Tell EDSP solvers about all installed pkgs ignoring arch * Deduplicate EDSP Provides line of M-A:foreign packages * Delay removals due to Conflicts until Depends are resolved * Filter out impossible solutions for protected propagation * Add dependency points in the resolver also to providers * Reorder config check before checking systemd for non-interactive http * Reorder config check before result looping for SRV parsing debug * Fix test due to display change in ls (coreutils 8.32) * Detect pkg-config-dpkghook failure in tests to avoid fallback (Closes: #964475) [ Américo Monteiro ] * Portuguese manpages translation update (Closes: #962483) [ Julian Andres Klode ] * Replace some magic 64*1024 with APT_BUFFER_SIZE * Add basic support for the Protected field [ Sergio Oller Moreno ] * Minor Catalan grammar typo [ Frans Spiesschaert ] * Dutch program translation update (Closes: #963008) apt (2.1.6) unstable; urgency=medium [ David Kalnischkies ] * Fix small memory leak in MethodConfig * Consider protected packages for removal if they are marked as such * Consider if a fix is successful before claiming it is * Allow 20 instead of 10 loops for pkgProblemResolver * Deal with duplicates in the solution space of a dep apt (2.1.5) unstable; urgency=medium [ David Kalnischkies ] * Reset candidate version explicitly for internal state-keeping (Closes: #961266) * Known-bad candidate versions are not an upgrade option * Keep status number if candidate is discarded for kept back display * Allow pkgDepCache to be asked to check internal consistency * Don't update candidate provides map if the same as current * Ensure EDSP doesn't use a dangling architecture string * Allow FMV SSE4.2 detection to succeed on clang * Mark PatternTreeParser::Node destructor as virtual [ Frans Spiesschaert ] * Dutch manpages translation update (Closes: #961431) apt (2.1.4) unstable; urgency=medium [ David Kalnischkies ] * Check satisfiability for versioned provides, not providing version apt (2.1.3) unstable; urgency=medium [ David Kalnischkies ] * Prefer use of O_TMPFILE in GetTempFile if available * Allow prefix to be a complete filename for GetTempFile * Properly handle interrupted write() call in ExtractTar * Skip reading data from tar members if nobody will look at it * Keep going if a dep is bad for user requests to improve errors * Support negative dependencies in VCI::FromDependency * Deal with protected solution providers first * Propagate protected to already satisfied conflicts (Closes: #960705) * Propagate protected to already satisfied dependencies * Recognize propagated protected in pkgProblemResolver [ Julian Andres Klode ] * private-search: Only use V.TranslatedDescription() if good (LP: #1877987) apt (2.1.2) unstable; urgency=critical [ Julian Andres Klode ] * SECURITY UPDATE: Out of bounds read in ar, tar implementations (LP: #1878177) - apt-pkg/contrib/arfile.cc: Fix out-of-bounds read in member name - apt-pkg/contrib/arfile.cc: Fix out-of-bounds read on unterminated member names in error path - apt-pkg/contrib/extracttar.cc: Fix out-of-bounds read on unterminated member names in error path - CVE-2020-3810 [ Frans Spiesschaert ] * Dutch program translation update (Closes: #960186) apt (2.1.1) unstable; urgency=medium [ David Kalnischkies ] * Allow aptitude to MarkInstall broken packages via FromUser * Drop nowrap from po4a --porefs as it is no longer supported * Use "po4a --porefs file" instead of undocumented compat noline [ Artur Grącki ] * Fix typo in Polish translation of --help messages apt (2.1.0) unstable; urgency=medium [ Frans Spiesschaert ] * Dutch manpages translation update (Closes: #956313) [ David Kalnischkies ] * Refactor MarkInstall fixing various or-group handling issues - Discard impossible candidate versions also for non-installed - Explore or-groups for Recommends further than first - Refactor and reorder MarkInstall code - Discard candidate if its dependencies can't be satisfied - Split up MarkInstall into private helper methods - Fail earlier on impossible Conflicts in MarkInstall - Propagate Protected flag to single-option dependencies - Prefer upgrading installed orgroup members - Protect a package while resolving in MarkInstall [ Julian Andres Klode ] * Reinstate * wildcards (Closes: #953531) (LP: #1872200) * apt list: Fix behavior of regex vs fnmatch vs wildcards apt (2.0.2) unstable; urgency=medium [ Boyuan Yang ] * Simplified Chinese program translation update (Closes: #955023) [ Frans Spiesschaert ] * Dutch program translation update (Closes: #955505) [ Marco Ippolito ] * Fix gramma in apt(8): "by append(+ing) a" (Closes: #955412) [ Chris Leick ] * German manpage translation update * Fix "string match{ing,es}" and whitespace typo in apt-patterns(7) [ Julian Andres Klode ] * test/integration/apt.pem: Regenerate with SHA2 hashes to make the test work with stricter gnutls in Ubuntu which rejects SHA1 * ubuntu: http: Add non-interactive to user agent if run by systemd (LP: #1825000) apt (2.0.1) unstable; urgency=medium [ David Kalnischkies ] * Don't crash pattern matching sections if pkg has no section * Parse last line in deb file correctly by adding a newline [ Julian Andres Klode ] * apt-helper: Add analyze-pattern helper * Add color highlighting to E:/W:/N: prefixes (Closes: #953527) [ Алексей Шилин ] * Russian program translation update (Closes: #953804) apt (2.0.0) unstable; urgency=medium * Upload to unstable - Happy APT 2.0 day! * GetLock: No strerror if it's just another process holding the lock * Show absolute time while waiting for lock instead of %, rework message apt (1.9.12) experimental; urgency=medium * pkgcache: Add operator bool() to map_pointer * (temporarily) unhide pkgDPkgPM again to have python-apt compile apt (1.9.11) experimental; urgency=medium [ Tomáš Janoušek ] * bash completion: Add autopurge command [ Tris Emmy Wilson ] * apt-mark: don't lie about successful marks [ Julian Andres Klode ] * apt(8): Wait for lock (Closes: #754103) * policy: Implement pinning by source package (Closes: #166032) * Initialize libgcrypt on first use (Closes: #949074) * Fix various compiler warnings * Bump ABI to 6.0; update symbols file; cleanup ABI: - Merge various function overloads together - Make stuff that should be virtual virtual - Default to hidden visibility * Code removals: - Use a 32-bit djb VersionHash instead of CRC-16 - Remove CRC-16 implementation * Hardening: - tagfile: Check if memchr() returned null before using - tagfile: Check out-of-bounds access to Tags vector * Cache improvements: - Type safe cache: Replace map_pointer_t with map_pointer<T> - Extensibility: Add d-pointers to groups, packages, versions, and files - Prepare for package hashtable removal: Swap locations of hashtables [ Nis Martensen ] * apt-pkg/srcrecords.cc: 'source' means 'deb-src' in error message [ David Kalnischkies ] * Parse records including empty tag names correctly apt (1.9.10) experimental; urgency=medium [ David Kalnischkies ] * Fix remaining usec vs sec time-delta calculation typos. Thanks to Trent W. Buck for initial patch (Closes: #950776) [ Julian Andres Klode ] * seccomp: Allow time64 variants (>402,<415) of allowed syscalls (Closes: #951012) * debian/control: Bump libseccomp-dev Build-Depends to >= 2.4.2 * seccomp: Allow recvmmsg_time64() and futex_time64() * policy: Add SetPriority() methods * Revert "Add a Packages-Require-Authorization Release file field" [ Michael Vogt ] * doc: remove "WIP" from apt.8.xml apt (1.9.9) experimental; urgency=medium * Widen regular expressions for versioned kernel packages (LP: #1607845) * Implement short patterns (patterns starting with ~) apt (1.9.8) experimental; urgency=medium * pkgcache.cc: Mix PACKAGE_VERSION into the cache hash * mmap: Do not look for empty pool unless we need to * apt-verbatim.ent: Update ubuntu-codename from disco to focal * NewGroup: Create GrpIterator after allocation (fix segfault) apt (1.9.7) experimental; urgency=medium * Trim trailing whitespace (thanks lintian-brush) * NewProvidesAllArch: Check if group is empty before using it. This caused automake-1.16 to not be provided by automake anymore, because apt wanted to add provides to packages in an empty automake-1.16 group. LP: #1859952 * Fix debian-rules-uses-deprecated-systemd-override. We accidentally managed to restart apt-daily{,-upgrade}.service again because our dh_systemd_start override was being ignored since we switched to debhelper 12. Override dh_installsystemd instead. apt (1.9.6) experimental; urgency=medium [ Julian Andres Klode ] * gitlab-ci: Do not do coverage * gitlab-ci: Use ccache * satisfy: Fix segmentation fault when called with empty argument * Add support for GTest 1.9, do not fail silently if its missing * gtests: Fix netrc parser test regression from https-only changes * Macro cleanup: - Avoid #define _error, use anonymous C++ struct instead (Closes: #948338) - Rename _count() macro to APT_ARRAY_SIZE() - Remove various unused macros like MAX/MIN/ABS/APT_CONST - Only define likely/unlikely if APT_COMPILING_APT set * Performance: Avoid extra out-of-cache hash table deduplication for package names, this saved about 10-16% on gencaches in memory * acquire: Move queue startup after calling log's Start(), fixes abort() calls in python-apt * hashes: Use Libgcrypt for hashing purposes - Raise buffer size for Hashes::AddFD() from 4 KiB to 64 KiB - Convert users of {MD5,SHA1,SHA256,SHA512}Summation to use Hashes - Deprecate the Summation classes and mark them for removal - Remove includes of (md5|sha1|sha2).h headers * netrc: Add warning when ignoring entries for unencrypted protocols * apt(8): Disable regular expressions and fnmatch [ David Kalnischkies ] * Drop g++ build-dependency to help crossbuilding (Closes: #948201) [ Denis Mosolov ] * Fix typo in README.md apt (1.9.5) experimental; urgency=medium [ Julian Andres Klode ] * Parse 'show' arguments for the 'info' alias as well (LP: #1843812) * patterns: Add base class for regular expression matching * patterns: Add ?version * patterns: Add ?source-name and ?source-version * patterns: Add ?archive * patterns: Add ?origin * patterns: Add ?any-version * patterns: Implement ?narrow(...), as ?any-version(?and(...)) * patterns: Add ?all-versions * patterns: Add ?section * netrc: Restrict auth.conf entries to https by default (Closes: #945911) [ Anatoly Borodin ] * README.md: fix dead anonscm link [ Алексей Шилин ] * Search in all available description translations (Closes: #490000) * strutl: Add APT::String::DisplayLength() function * Fix progress bar width for multibyte charsets [ Chris Leick ] * German manpage translation update [ David Kalnischkies ] * Use correct filename on IMS-hit reverify for indices * Remove failed trusted signature instead of index on IMS hit [ Anthony Papillon ] * Fix a mistake in man french translation apt (1.9.4) experimental; urgency=medium * CMake: Pass -Werror=return-type to gcc * CMake: Produce a fatal error if triehash could not be found * apt.systemd.daily: Do not numerically check if intervals equal 0 (LP: #1840995) * srvrec: Use re-entrant resolver functions * Pass --abort-after=1 to dpkg when using --force-depends (Closes: #935910) (LP: #1844634) * Fix use of GTest to adjust for GTest 1.9 apt (1.9.3) experimental; urgency=medium * Fix segfault in pkgAcquire::Enqueue() with Acquire::Queue-Mode=access (LP: #1839714) * test: Use valgrind to ensure Acquire::Queue-Mode=access does not crash * Add initial support for package patterns (patterns on versions WIP) apt (1.9.2) experimental; urgency=medium [ Julian Andres Klode ] * Improve locking messaging - pid and name, "do not remove lock file" [ Lynn Cyrin ] * Change a pronoun in the readme from `he` to `they` [ David Kalnischkies ] * Distribute host-less work based on backlog of the queues * Show details about the package with bad Provides * Apply various suggestions by cppcheck apt (1.9.1) experimental; urgency=medium * RFC1123StrToTime: Accept const std::string& as first argument * Fix pkg-config-test autopkgtest apt (1.9.0) experimental; urgency=medium [ Julian Andres Klode ] * CMakeLists.txt: Bump C++ standard version to C++14 * debian: Update to debhelper-compat (= 12) * debian/rules: Do not use dh_install --list-missing (dh 12 porting) * Remove all the deprecated bits, merge various function prototypes together * prepare-release: Add merge-translations command * Use system-provided triehash * CI: Use unstable for now, as we need triehash package * Tighten dependencies from apt and apt-utils on libs * Add test case for local-only packages pinned to never * acq: worker: Move CurrentSize, TotalSize, ResumePoint to CurrentItem * apt-helper: Support multiple hashes for a file * Add 'explicit' to most single argument constructors * Get rid of pkgExtract and pkgFLCache * Merge libapt-inst into libapt-pkg * Use debDebFile to get control file instead of dpkg-deb * prepare-release: Add bump-abi command * Change soname to libapt-pkg.so.5.90 * CMake: Enforce "override" use on overridden methods * debmetaindex: Use isspace_ascii() variant to normalize Signed-By * README.md: Quote -j <count> as code with backticks * apt-mark: Add hidden showheld alias for showhold * Mnor wording improvements in documentation * Make APT::StringView public, replace std::string with it in various places * Introduce apt satisfy and apt-get satisfy (Closes: #275379) * Run unifdef -DAPT_{8,9,10,15}_CLEANER_HEADERS * Adjust code for missing includes, and using std::string * Bump cache MajorVersion to 16 [ Corentin Noël ] * Add pkg-config files for the apt-pkg and apt-inst libraries (Closes: #439121) [ Simon McVittie ] * vendor/getinfo: Iterate through vendors in lexicographic order (Closes: #924662) * vendor/getinfo: Don't assume that Ubuntu is the last vendor (Closes: #924662) [ Martin Michlmayr ] * Perform minor copy-editing on the docs [ Ivan Krylov ] * Mark apt-transport-https as M-A:foreign (Closes: #905141) [ David Kalnischkies ] * Don't limit cpu-limited queues to at most 10 [ Stephen Kitt ] * apt-cache: only show solutions if displayed [ Brian Murray ] * Do not include squashfs file systems in df output. (LP: #1756595) [ Simon Körner ] * http: Fix Host header in proxied https connectionse74d1bde