apt, branch 1.6

apt, branch 1.6_alpha1 Debians commandline package manager https://git.kalnischkies.de/apt/atom?h=1.6_alpha1 2017-10-22T23:59:11Z Release 1.6~alpha1 2017-10-22T23:59:11Z Julian Andres Klode jak@debian.org 2017-10-22T23:58:07Z urn:sha1:abe429029c2d2b407a67e2a48d4594184cb88a5e seccomp: Add missing syscalls for ppc64el, i386, and others 2017-10-22T23:51:19Z Julian Andres Klode jak@debian.org 2017-10-22T22:35:15Z urn:sha1:f5572ef1daf21d20f4a7d261884291c0acddd947 These are a few overlooked syscalls. Also add readv(), writev(), renameat2(), and statx() in case libc uses them. Gbp-Dch: ignore Sandbox methods with seccomp-BPF; except cdrom, gpgv, rsh 2017-10-22T21:38:31Z Julian Andres Klode jak@debian.org 2017-10-22T21:34:03Z urn:sha1:32bcbd73e0988d2d2237690ffae33b4f5cc5ff81 This reduces the number of syscalls to about 140 from about 350 or so, significantly reducing security risks. Also change prepare-release to ignore the architecture lists in the build dependencies when generating the build-depends package for travis. We might want to clean up things a bit more and/or move it somewhere else. methods/basehttp.cc: Remove proxy autodetect debugging code 2017-10-22T18:27:23Z Julian Andres Klode jak@debian.org 2017-10-22T18:26:55Z urn:sha1:9130b5f9304b7f58273a826ff9acf04e10c6f98e This was a left over from the autodetect move. Gbp-Dch: ignore methods/mirror: Enable sandboxing and other aptMethod features 2017-10-22T18:25:50Z Julian Andres Klode jak@debian.org 2017-10-22T18:25:50Z urn:sha1:8616c21628c8bff9174a912ca5814e469d49e7cb Sandboxing was turned off because we called pkgAcqMethod's Configuration() instead of aptMethod's. Run the ProxyAutoDetect script in the sandbox again 2017-10-22T17:10:57Z Julian Andres Klode jak@debian.org 2017-10-22T17:02:53Z urn:sha1:0934b6b023b46cd0e2e5fa55a23a054b2feeb618 The previous change moved running the proxy detection program from the method to the main process, so it runs as root and not as _apt. This brings it back into the sandbox. Gbp-Dch: ignore Run Proxy-Auto-Detect script from main process 2017-10-22T16:52:16Z Julian Andres Klode jak@debian.org 2017-10-21T13:44:43Z urn:sha1:1a76517470ebc2dd3f96e39ebe6f3706d6dd78da This avoids running the Proxy-Auto-Detect script inside the untrusted (well, less trusted for now) sandbox. This will allow us to restrict the http method from fork()ing or exec()ing via seccomp. Fix testsuite for and add new fields from dpkg 1.19 2017-10-20T21:40:53Z Julian Andres Klode jak@debian.org 2017-10-20T21:37:36Z urn:sha1:404dececf913d3c09368a73ca00aa8172dbf6865 tagfile-order.c: Add missing fields from dpkg 1.19 For binary packages, this is Build-Essential; for source packages, it is Description. test-bug-718329-...: Ignore control.tar.*, changes in dpkg 1.19 test-apt-extracttemplates: Fix for dpkg 1.19 Dutch program translation update 2017-10-20T21:01:03Z Frans Spiesschaert Frans.Spiesschaert@yucom.be 2017-10-20T21:01:03Z urn:sha1:f7281c4dbfe77f1d2a4da2f9e309104b0c86c45f Closes: #879137 zh_CN.po: Update Simplified Chinese programs translation 2017-10-08T11:38:21Z Mo Zhou cdluminate@gmail.com 2017-10-08T11:38:21Z urn:sha1:91c90664eebb81bdc9fc228bc0b33eec5674753d