Debians commandline package manager https://git.kalnischkies.de/apt/atom?h=2.7.9 2020-02-26T19:34:54Z 2020-02-26T19:34:54Z Julian Andres Klode julian.klode@canonical.com 2019-08-13T17:15:19Z urn:sha1:db678df196ccd8f9f6fb336706cf5701d1e53aa6 2019-06-12T13:02:55Z Julian Andres Klode julian.klode@canonical.com 2019-05-11T15:17:20Z urn:sha1:daa1352ed3d2bb4bc6aa0f0e7f22be3f0908942d 2015-08-10T15:25:26Z David Kalnischkies david@kalnischkies.de 2015-06-24T17:31:22Z urn:sha1:b0d408547734100bf86781615f546487ecf390d9 Limits which key(s) can be used to sign a repository. Not immensely useful from a security perspective all by itself, but if the user has additional measures in place to confine a repository (like pinning) an attacker who gets the key for such a repository is limited to its potential and can't use the key to sign its attacks for an other (maybe less limited) repository… (yes, this is as weak as it sounds, but having the capability might come in handy for implementing other stuff later). 2014-03-13T12:58:45Z David Kalnischkies david@kalnischkies.de 2014-03-05T23:33:10Z urn:sha1:a02db58fd50ef7fc2f0284852c6b3f98e458a232 Git-Dch: Ignore Reported-By: gcc -Wsuggest-attribute={pure,const,noreturn} 2014-03-13T12:58:45Z David Kalnischkies david@kalnischkies.de 2014-03-05T21:11:25Z urn:sha1:453b82a388013e522b3a1b9fcd6ed0810dab1f4f Beside being a bit cleaner it hopefully also resolves oddball problems I have with high levels of parallel jobs. Git-Dch: Ignore Reported-By: iwyu (include-what-you-use) 2014-03-13T12:58:45Z David Kalnischkies david@kalnischkies.de 2014-02-27T00:20:53Z urn:sha1:d3e8fbb395f57954acd7a2095f02ce530a05ec6a Git-Dch: Ignore Reported-By: gcc -Wpedantic 2014-02-22T17:34:33Z Michael Vogt mvo@debian.org 2014-02-22T17:34:33Z urn:sha1:1e3f4083db29bba600b9725e9456b0e140975c99 2013-06-20T08:56:50Z David Kalnischkies kalnischkies@gmail.com 2013-06-17T09:23:13Z urn:sha1:ae99ce2e3cadb07c80b89ab2afc804875b1026c5 With the selfgrown splitting we got the problem of not recovering from networks which just reply with invalid data like those sending us login pages to authenticate with the network (e.g. hotels) back. The good thing about the InRelease file is that we know that it must be clearsigned (a Release file might or might not have a detached sig) so if we get a file but are unable to split it something is seriously wrong, so there is not much point in trying further. The Acquire system already looks out for a NODATA error from gpgv, so this adds a new error message sent to the acquire system in case the splitting we do now ourselves failed including this magic word. Closes: #712486 2013-03-19T11:37:50Z David Kalnischkies kalnischkies@gmail.com 2013-03-19T11:37:50Z urn:sha1:cb32348956441e33733e6bd8c2c572f19600dc25 free to escape all lines (we have no lines in our files which need to be escaped as these would be invalid fieldnames) and while ExecGPGV would detect dash-escaped text as invalid (as its not expected in messages with detached signatures) it would be possible to "comment" lines in (signed) dsc files which are only parsed but not verified 2013-03-19T09:49:57Z David Kalnischkies kalnischkies@gmail.com 2013-03-19T09:49:57Z urn:sha1:b408e4ad0010b273dac0af7dc87ab61062d89e49