apt/apt-pkg, branch 1.6

apt/apt-pkg, branch 1.6_rc1 Debians commandline package manager https://git.kalnischkies.de/apt/atom?h=1.6_rc1 2018-04-15T18:57:53Z Merge branch 'pu/zstd' into 'master' 2018-04-15T18:57:53Z Julian Andres Klode jak@debian.org 2018-04-15T18:57:53Z urn:sha1:1cbb4c95f3fdd0872a7f1cb0f970f50a68c13959 pu/zstd See merge request apt-team/apt!8 zstd: Implement support for multi-frame files 2018-04-13T21:15:06Z Julian Andres Klode julian.klode@canonical.com 2018-03-09T14:15:27Z urn:sha1:7cf73b7a1e4f127098cae5b8593cd1d0c675e4a4 This implements support for multi frame files while keeping error checking for unexpected EOF working correctly. Files with multiple frames are generated by pzstd, for example. Implement compression level handling for zstd 2018-04-13T21:15:06Z Julian Andres Klode julian.klode@canonical.com 2018-03-08T13:38:58Z urn:sha1:9dfbfb24350b1d6b2f48ce66df8873c072f34a06 This is a simplified variant of the code for xz, adapted to support multiple digit integers. fix communication typo in https manpage 2018-04-07T12:35:40Z David Kalnischkies david@kalnischkies.de 2018-02-27T17:10:34Z urn:sha1:67bbd75cddb50601e045e7bff41b196c51898360 Reported-By: lintian spelling-error-in-manpage Bump cache major version to allow different 1.5 and 1.6 updates 2018-03-19T13:56:31Z Julian Andres Klode julian.klode@canonical.com 2018-03-19T13:56:31Z urn:sha1:af7c9811b0b2e9215e31a2a9ae4962cbe215206a Shipping 1.6 with major 12 would not allow us to update 1.5.y in a different way than 1.6.y if we have to without resorting to minor version hacks. Let's just bump the major instead. Use https for Ubuntu changelogs 2018-03-15T10:14:04Z Julian Andres Klode julian.klode@canonical.com 2018-03-15T10:14:04Z urn:sha1:412fff10af76ff8a77cee3fe10fb1ba8a91e860b We just enabled https on changelogs.ubuntu.com, let's use it. apt-pkg: Add support for zstd 2018-03-12T07:56:59Z Julian Andres Klode julian.klode@canonical.com 2018-03-08T08:33:39Z urn:sha1:4de4200ec2717e777bbf99ed82d1b4344f078ec2 zstd is a compression algorithm developed by facebook. At level 19, it is about 6% worse in size than xz -6, but decompression is multiple times faster, saving about 40% install time, especially with eatmydata on cloud instances. Merge branch 'pu/not-valid-before' into 'master' 2018-02-19T15:06:06Z Julian Andres Klode jak@debian.org 2018-02-19T15:06:06Z urn:sha1:928ecff984be22632c27a69e072741e74491292c Check that Date of Release file is not in the future See merge request apt-team/apt!3 Check that Date of Release file is not in the future 2018-02-19T15:05:01Z Julian Andres Klode julian.klode@canonical.com 2018-01-29T15:15:41Z urn:sha1:9e5899cac1a6367e3769af52a724821880e538f6 By restricting the Date field to be in the past, an attacker cannot just create a repository from the future that would be accepted as a valid update for a repository. This check can be disabled by Acquire::Check-Date set to false. This will also disable Check-Valid-Until and any future date related checking, if any - the option means: "my computers date cannot be trusted." Modify the tests to allow repositories to be up to 10 hours in the future, so we can keep using hours there to simulate time changes. ensure correct file permissions for auxfiles 2018-02-19T14:56:09Z David Kalnischkies david@kalnischkies.de 2018-02-02T18:14:09Z urn:sha1:b3e7a16265e7c6c3b6892b9ec8a787d692ced6e6 The interesting takeaway here is perhaps that 'chmod +w' is effected by the umask – obvious in hindsight of course. The usual setup helps with hiding that applying that recursively on all directories (and files) isn't correct. Ensuring files will not be stored with the wrong permissions even if in strange umask contexts is trivial in comparison. Fixing the test also highlighted that it wasn't bulletproof as apt will automatically fix the permissions of the directories it works with, so for this test we actually need to introduce a shortcut in the code. Reported-By: Ubuntu autopkgtest CI