apt, branch 1.1.exp11

apt, branch 1.1.exp11 Debians commandline package manager https://git.kalnischkies.de/apt/atom?h=1.1.exp11 2015-08-27T15:55:44Z Release 1.11~exp11 2015-08-27T15:55:44Z Julian Andres Klode jak@debian.org 2015-08-27T15:55:19Z urn:sha1:bf33c3bd991be704494a060730f8370fd9cad52c Fix test-security-no-remote-status 2015-08-27T13:01:05Z Julian Andres Klode jak@debian.org 2015-08-27T13:00:02Z urn:sha1:15d9f7e76020775fc87f2b2546ba7570c58e8111 Gbp-Dch: ignore Do not parse Status fields from remote sources 2015-08-27T12:51:47Z Julian Andres Klode jak@debian.org 2015-08-21T16:00:37Z urn:sha1:1c73b0fc41c23a08994ef1464c529e0aacff16de This could allow an attacker to mark a package as installed in a remote package index, as long as the package was not listed in the dpkg status file. This way, an attacker could force the installation of a package during a dist-upgrade, by providing two packages in an index, an older marked as installed, and a newer - apt would "upgrade" to the newer version. Merge branch 'feature/extractar-filefd' into debian/experimental 2015-08-27T11:58:14Z Julian Andres Klode jak@debian.org 2015-08-27T11:58:14Z urn:sha1:f19d6a77f60b876e5453614d24886aabdd242ef6 Use compressor support from FileFd for ExtractTar instead of programs 2015-08-27T11:45:57Z Julian Andres Klode jak@debian.org 2014-03-15T22:03:14Z urn:sha1:3564c2f4cfd9cbca6114da15c27f73efd08df78c This way we do not depend on the decompressor programs anymore. Add test for using ExtractTar on compressed files 2015-08-27T11:45:57Z Julian Andres Klode jak@debian.org 2014-03-16T13:48:39Z urn:sha1:992a1e83eb3fa4a7e6a19288e7c0af7c5d2b25c0 Git-Dch: ignore Always close compressed files in FileFd 2015-08-27T11:45:57Z Julian Andres Klode jak@debian.org 2014-03-16T13:48:11Z urn:sha1:2da8aae5550440742674758280f2d339ba612a31 We dup() the file descriptor when opening compressed files, so we always need to close the dup()ed one. Furthermore, not unsetting the d-pointer causes issues when running OpenDescriptor() multiple times on the same file descriptor. install: Set a local deb as the candidate for that package 2015-08-27T11:27:44Z Julian Andres Klode jak@debian.org 2015-08-26T22:28:47Z urn:sha1:848fd2a65fa2aef296d44c9a19b89ac272ca12fe This ensures that we can install .deb files that are not the candidate for a given package. cacheset: Prefer the depcache over the policy again 2015-08-27T11:13:13Z Julian Andres Klode jak@debian.org 2015-08-27T11:10:02Z urn:sha1:b6192267c23ffda1b9c8328537a5f2c83e176c26 By preferring the policy over the depcache, we ignore any changes we made in the depcache, which makes it impossible for code to change the candidate used here. This basically reverts commit 2fbfb111312257fa5fc29b0c2ed386fb712f960e: prefer the Policy if it is built instead of the DepCache and if DepCache is not available as fallback built the Policy But it also cleans the code up a bit, by removing one level of nesting. debian/rules: Only do parallel build if specified in DEB_BUILD_OPTIONS 2015-08-27T10:58:47Z Julian Andres Klode jak@debian.org 2015-08-26T23:10:34Z urn:sha1:1476c59e4b93239176a2d4874ec950b489c924b2 It was not nice to use 2 * number of cores in all cases. Thanks: Jakub Wilk for the suggestion