apt/test, branch 1.1.exp11

apt/test, branch 1.1.exp11 Debians commandline package manager https://git.kalnischkies.de/apt/atom?h=1.1.exp11 2015-08-27T13:01:05Z Fix test-security-no-remote-status 2015-08-27T13:01:05Z Julian Andres Klode jak@debian.org 2015-08-27T13:00:02Z urn:sha1:15d9f7e76020775fc87f2b2546ba7570c58e8111 Gbp-Dch: ignore Do not parse Status fields from remote sources 2015-08-27T12:51:47Z Julian Andres Klode jak@debian.org 2015-08-21T16:00:37Z urn:sha1:1c73b0fc41c23a08994ef1464c529e0aacff16de This could allow an attacker to mark a package as installed in a remote package index, as long as the package was not listed in the dpkg status file. This way, an attacker could force the installation of a package during a dist-upgrade, by providing two packages in an index, an older marked as installed, and a newer - apt would "upgrade" to the newer version. Merge branch 'feature/extractar-filefd' into debian/experimental 2015-08-27T11:58:14Z Julian Andres Klode jak@debian.org 2015-08-27T11:58:14Z urn:sha1:f19d6a77f60b876e5453614d24886aabdd242ef6 Add test for using ExtractTar on compressed files 2015-08-27T11:45:57Z Julian Andres Klode jak@debian.org 2014-03-16T13:48:39Z urn:sha1:992a1e83eb3fa4a7e6a19288e7c0af7c5d2b25c0 Git-Dch: ignore install: Set a local deb as the candidate for that package 2015-08-27T11:27:44Z Julian Andres Klode jak@debian.org 2015-08-26T22:28:47Z urn:sha1:848fd2a65fa2aef296d44c9a19b89ac272ca12fe This ensures that we can install .deb files that are not the candidate for a given package. allow explicit dis/enable of IndexTargets in sources options 2015-08-27T09:27:45Z David Kalnischkies david@kalnischkies.de 2015-08-27T08:41:19Z urn:sha1:e6a12ff73a2e3246b9e475d9772e88c79a6249f7 While Target{,-Add,-Remove} is available for configuring IndexTargets already, allow Targets to be mentioned explicitely as yes/no options as well, so that the Target 'Contents' can be disabled via 'Contents: no' as well as 'Target-Remove: Contents'. use always priv-dropping for changelog download as root 2015-08-27T09:27:45Z David Kalnischkies david@kalnischkies.de 2015-08-23T11:46:35Z urn:sha1:d12561703c7776f665b68c91bddb28dea0728894 First of, the temporary directory we download the changelog to needs to be owned by _apt, but that also means that we don't need to check if we could/should drop privs as the download happens to a dedicated tempdir and only after that it is moved to its final location by a privileged user. fix various typos reported by codespell 2015-08-27T09:27:44Z David Kalnischkies david@kalnischkies.de 2015-08-22T14:22:08Z urn:sha1:3a8776a37af38127fb04565959e8e0e449eb04a4 Reported-By: codespell just-in-time removal of broken essential packages 2015-08-27T09:24:07Z David Kalnischkies david@kalnischkies.de 2015-08-21T17:59:33Z urn:sha1:9106d7c9692e91622a828f382b85fe592bfec81d We deal with Conflicts in SmartUnpack in pretty much the same way, but Breaks weren't handled in SmartConfigure so that the remove was sheduled after the configuration of the package breaking the to-be-removed. Closes: 796070 test for #796070: downgrades involving essential packages 2015-08-27T09:24:07Z Julian Andres Klode jak@debian.org 2015-08-19T10:56:12Z urn:sha1:313f7d4ad08831de0a95a88ee4d62795aaad8a0c Git-Dch: Ignore