Debians commandline package manager https://git.kalnischkies.de/apt/atom?h=1.0.9.4 2014-11-28T15:15:39Z 2014-11-28T15:15:39Z James McCoy jamessan@debian.org 2014-11-28T13:21:06Z urn:sha1:69d8b8537af1dd52db5f2e0e785bdce3e52fdf8d apt-key given a long keyid reports just "OK" all the time, but doesn't delete the mentioned key as it doesn't find the key. Note: In debian/experimental this was closed with 29f1b977100aeb6d6ebd38923eeb7a623e264ffe which just added the testcase as the rewrite of apt-key had fixed this as well. Closes: 754436 2014-11-10T16:23:29Z David Kalnischkies kalnischkies@gmail.com 2013-08-18T21:27:24Z urn:sha1:3a2b39ee602dd5a98b8fdaee2f1c8e0b13a276e2 Collect all hashes we can get from the source record and put them into a HashStringList so that 'apt-get source' can use it instead of using always the MD5sum. We therefore also deprecate the MD5 struct member in favor of the list. While at it, the parsing of the Files is enhanced so that records which miss "Files" (aka MD5 checksums) are still searched for other checksums as they include just as much data, just not with a nice and catchy name. This is a cherry-pick of 1262d35 with some dirty tricks to preserve ABI. LP: 1098738 2014-10-02T20:05:25Z Guillem Jover guillem@debian.org 2014-10-02T15:48:13Z urn:sha1:4c370aad7539b7e3bc0028aa538f34b95a526cff The code is creating a secure temporary directory, but then creates the changelog alongside the tmpdir in the same base directory. This defeats the secure tmpdir creation, making the filename predictable. Inject a '/' between the tmpdir and the changelog filename. 2014-09-21T08:18:03Z Michael Vogt mvo@debian.org 2014-09-21T08:18:03Z urn:sha1:b0f4b486e6850c5f98520ccf19da71d0ed748ae4 2014-09-02T15:25:35Z Michael Vogt mvo@ubuntu.com 2014-09-02T15:06:52Z urn:sha1:097248092ea4ff4543dfb17deb4e0d31dd697c71 When apt-cache search with many args (> 130) is given the allocation of PatternMatch on the stack may fail resulting in a segmentation fault. By using the heap the max size is much bigger and we also get a bad_alloc expection instead of a segfault (which we can catch *if* this ever becomes a pratical problem). No test for the crash as its not reproducable with the MALLOC_ settings in framework. Closes: 759612 2014-09-02T14:02:37Z Michael Vogt mvo@ubuntu.com 2014-09-02T13:50:19Z urn:sha1:c6ee61eab54edf6cc3fbe118d304d72a860e1451 When doing Acquire::http{,s}::Proxy-Auto-Detect, run the auto-detect command for each host instead of only once. This should make using "proxy" from libproxy-tools feasible which can then be used for PAC style or other proxy configurations. Closes: #759264 2014-08-26T18:49:48Z David Kalnischkies david@kalnischkies.de 2014-08-16T11:29:10Z urn:sha1:c53cf70da31a3c59675af8c5425b54433793dc8d dpkg-source can be told to enforce signature checks with --require-valid-signature, but while this isn't feasible as default for Debian itself at the moment, a local admin should be able to use it. This commit also fixes the size limit on the construction of the command being called for dpkg-source and dpkg-buildpackage. Closes: 757534 2014-06-18T09:17:18Z David Kalnischkies david@kalnischkies.de 2014-06-17T15:45:33Z urn:sha1:d39d7f885d61bfe296c131c83bdc042a2ab6b0d7 2014-06-10T12:49:58Z Michael Vogt mvo@debian.org 2014-06-10T12:49:58Z urn:sha1:59d6e5b06c25acdd6583ea801740c36acabc19ac 2014-06-10T12:47:03Z Michael Vogt mvo@debian.org 2014-06-10T12:47:03Z urn:sha1:ac00cca724734db58ad14ab8c77d445d0df3bc9f