apt, branch 1.2.8 Debians commandline package manager https://git.kalnischkies.de/apt/atom?h=1.2.8 2016-03-24T18:31:51Z Release 1.2.8 2016-03-24T18:31:51Z Julian Andres Klode jak@debian.org 2016-03-24T18:31:51Z urn:sha1:21895193b664a403179fcd8eee379b9b371084b5 Update symbols file 2016-03-24T14:16:00Z Julian Andres Klode jak@debian.org 2016-03-24T14:15:46Z urn:sha1:77c35637ea85a065da3bcf57a4a8921cf2ad04f0 Set hidden visibility for StringView 2016-03-24T14:16:00Z Julian Andres Klode jak@debian.org 2016-03-24T14:11:05Z urn:sha1:5359675e6c7684bd4153adaf3cc0f59442cdc291 This avoids templates using StringView to be exported, such as std::vector<StringView*>::emplace_back(). Gbp-Dch: ignore Japanese manpage translation update 2016-03-24T09:24:43Z Takuma Yamada tyamada@takumayamada.com 2016-03-22T10:51:27Z urn:sha1:4b4cada140b588379fa32ecee2a55bf11e946c5f Closes: 818950 handle gpgv's weak-digests ERRSIG 2016-03-22T00:58:45Z David Kalnischkies david@kalnischkies.de 2016-03-22T00:26:29Z urn:sha1:08b7761a251a36fa65cbe022a86c51d7f091a88d Our own gpgv method can declare a digest algorithm as untrusted and handles these as worthless signatures. If gpgv comes with inbuilt untrusted (which is called weak in official terminology) which it e.g. does for MD5 in recent versions we should handle it in the same way. To check this we use the most uncommon still fully trusted hash as a configureable one via a hidden config option to toggle through all of the three states a hash can be in. properly check for "all good sigs are weak" 2016-03-21T21:47:17Z David Kalnischkies david@kalnischkies.de 2016-03-21T17:47:10Z urn:sha1:8fa99570816d3a644a9c4386c6a8f2ca21480329 Using erase(pos) is invalid in our case here as pos must be a valid and derefenceable iterator, which isn't the case for an end-iterator (like if we had no good signature). The problem runs deeper still through as VALIDSIG is a keyid while GOODSIG is just a longid so comparing them will always fail. Closes: 818910 refactor loading of previous release file 2016-03-19T08:48:44Z David Kalnischkies david@kalnischkies.de 2016-03-17T11:10:37Z urn:sha1:d32223495b4b6e077c8c4db54a0dd972c7a1548a There is really no need to have the same code three times. Git-Dch: Ignore tests: reenable basic auth test and add @ in username 2016-03-19T08:48:44Z David Kalnischkies david@kalnischkies.de 2016-03-18T10:37:31Z urn:sha1:28b2efcb190edd97b802ac9055eaf417f141f724 On launchpad #1558484 a user reports that @ in the authentication tokens parsing of sources.list isn't working in an older (precise) version. It isn't the recommended way of specifying passwords and co (auth.conf is), but we can at least test for regressions (and in this case test at all… who was that "clever" boy disabling a test with exit……… oh, nevermind. Git-Dch: Ignore zh_CN.po: update simplified Chinese translation. (Closes: #818639) 2016-03-19T07:53:48Z Zhou Mo cdluminate@gmail.com 2016-03-19T07:53:48Z urn:sha1:ff5318caf714c3b26fa37aa4debf138ccf416fc1 100% translated. Note: this commit contains a message from the future. #818639 cachefile: Only set members that were initialized successfully 2016-03-19T06:19:24Z Julian Andres Klode jak@debian.org 2016-03-19T00:56:38Z urn:sha1:f40fdaa43271edf98b80c08e20f401b5da591501 Otherwise, things will just start failing later down the stack, because (a) the lazy getters do not check if building was successful and (b) any further getter call would return the invalid object anyway. Also initialize VS in pkgCache to nullptr by default. Closes: #818628