Change log for apt package in Debian

175 of 292 results
Published in buster-release on 2019-03-18
Published in sid-release on 2019-03-08
apt (1.8.0) unstable; urgency=medium

  [ David Kalnischkies ]
  * Add explicit message for unsupported binary signature (Closes: #921685)

  [ Milo Casagrande ]
  * [l10n] Update Italian translation

  [ Julian Andres Klode ]
  * Fix name of APT::Update::Post-Invoke-Stats (was ...Update-Post...)
  * CMake: Install auth.conf.d directory (LP: #1818996)

  [ Frans Spiesschaert ]
  * Dutch program translation update (Closes: #923728)
  * Dutch manpages translation update (Closes: #923834)

 -- Julian Andres Klode <email address hidden>  Fri, 08 Mar 2019 09:41:20 +0100

Available diffs

Superseded in buster-release on 2019-03-18
Superseded in sid-release on 2019-03-12
apt (1.8.0~rc4) unstable; urgency=medium

  * update: Provide APT::Update-Post-Invoke-Stats script hook point
    (LP: #1815760)
  * Introduce APT::Install::Pre-Invoke / Post-Invoke-Success (LP: #1815761)

 -- Julian Andres Klode <email address hidden>  Tue, 26 Feb 2019 08:32:01 +0100
Superseded in buster-release on 2019-03-08
Superseded in sid-release on 2019-03-01
apt (1.8.0~rc3) unstable; urgency=medium

  [ Julian Andres Klode ]
  * aptmethod.h: Do not have gcc warning about ignoring write() result
  * Fix issues in previous two debian/changelog entries
  * json-hooks-protocol: The "pin" field is optional
  * debian/gbp.conf: Set debian-branch to 1.8.y
  * Install translated apt_auth and apt-transport-* manpages

  [ Алексей Шилин ]
  * Russian program translation update.
    Thanks to Vladimir Zhbanov <email address hidden> (Closes: #921830)

  [ Jakub Wilk ]
  * Fix various typos in the documentation

  [ Frans Spiesschaert ]
  * Dutch program translation update (Closes: #921934)
  * Dutch manpages translation update (Closes: #921941)

 -- Julian Andres Klode <email address hidden>  Mon, 11 Feb 2019 09:33:46 +0100

Available diffs

Superseded in buster-release on 2019-02-21
Superseded in sid-release on 2019-02-17
apt (1.8.0~rc2) unstable; urgency=medium

  * Bump SONAMEs in preparation for ABI breaks
  * Correctly handle feature detection for sse4.2 and crc32

 -- Julian Andres Klode <email address hidden>  Mon, 04 Feb 2019 18:15:07 +0100

Available diffs

Published in stretch-release on 2019-01-23
apt (1.4.9) stretch-security; urgency=medium

  * SECURITY UPDATE: content injection in http method (CVE-2019-3462)
    (LP: #1812353)

 -- Julian Andres Klode <email address hidden>  Fri, 18 Jan 2019 11:42:07 +0100
Superseded in buster-release on 2019-02-07
Superseded in sid-release on 2019-02-06
apt (1.8.0~beta1) unstable; urgency=medium

  [ anatoly techtonik ]
  * README.md: Document that apt is also included
  * apt.cc: Add "apt info" alias for muscle memory

  [ Jean-Pierre Giraud ]
  * French manpages translation update (Closes: #915952)

  [ Frans Spiesschaert ]
  * Dutch manpages translation update (Closes: #916358)

  [ Julian Andres Klode ]
  * cache hash: Use sse4.2 CRC32c on x86-64 where available
  * configuration: Compare size first during lookup
  * debListParser: Avoid native arch lookup in ParseDepends
  * hash32: Tighten to multiversion to x86-64 ELF and use uint32_t
  * apt-mark: Introduce minimize-manual
  * doc/apt-verbatim.ent: Point ubuntu-codename to disco (LP: #1812696)
  * CI: Use debian:buster as test base image
  * doc/apt-verbatim.ent: Debian buster is stable
  * SECURITY UPDATE: content injection in http method (CVE-2019-3462)
    (LP: #1812353)
  * debian/control: Drop libcurl4-gnutls-dev build dependency

  [ Mo Zhou ]
  * zh_CN.po: Update Simplified Chinese programs translation.

  [ Khem Raj ]
  * Remove `register` keyword

  [ Vasya Novikov ]
  * bash completion: add keys

  [ David Kalnischkies ]
  * Communicate back which key(s) were used for signing

 -- Julian Andres Klode <email address hidden>  Wed, 23 Jan 2019 16:49:34 +0100

Available diffs

Superseded in buster-release on 2019-01-26
Superseded in sid-release on 2019-01-24
apt (1.8.0~alpha3.1) unstable; urgency=emergency

  * SECURITY UPDATE: content injection in http method (CVE-2019-3462)
    (LP: #1812353)

 -- Julian Andres Klode <email address hidden>  Tue, 22 Jan 2019 19:52:38 +0100

Available diffs

Superseded in buster-release on 2019-01-23
Superseded in sid-release on 2019-02-06
apt (1.8.0~alpha3) unstable; urgency=medium

  [ Manuel A. Fernandez Montecelo ]
  * Remove "Ultimedia" config for Acquire::Changelogs
  * Remove "Tanglu" config for Acquire::Changelogs and as vendor

  [ Julian Andres Klode ]
  * Adjust libapt-pkg Breaks aptitude to << 0.8.9
  * Print useful error on "apt changelog" without arguments
  * test-pdiff-usage: make transaction failure test case more robust
  * Provide a "autopurge" shortcut.
    Thanks to Michael Vogt for the initial work
  * Override FileFd copy constructor to prevent copying
  * Add support for /etc/apt/auth.conf.d/*.conf (netrcparts)
  * Set PATH=/usr/sbin:/usr/bin:/sbin:/bin when running dpkg

  [ David Kalnischkies ]
  * Allow setting Referer header for http method
  * Use quoted tagnames in config dumps

  [ Алексей Шилин ]
  * Russian program translation update (Closes: #914096)

  [ Balint Reczey ]
  * Set LC_ALL=C.UTF-8 for unattended-upgrades environment when parsing its --help
    (LP: #1806076)

  [ Milo Casagrande ]
  * [l10n] Update Italian translation

 -- Julian Andres Klode <email address hidden>  Tue, 18 Dec 2018 15:02:11 +0100
Superseded in buster-release on 2018-12-30
Superseded in sid-release on 2018-12-22
apt (1.8.0~alpha2) unstable; urgency=medium

  * Revert "http: Fix handling of server connection closure"
    This reverts commit fb3f36593563d09a8d1727cc7c6deb0b49823ca2. It
    caused downloads to hang on long-lived connections on certain
    servers.
  * Drop debian/source/options, not needed anymore

 -- Julian Andres Klode <email address hidden>  Tue, 13 Nov 2018 10:31:49 +0100

Available diffs

Superseded in sid-release on 2018-11-13
apt (1.8.0~alpha1) unstable; urgency=medium

  [ Damyan Ivanov ]
  * apt-get.8: mention --only-source in 'source' and 'build-dep' description

  [ David Kalnischkies ]
  * Support subkeys properly in Signed-By options
  * Support multiple keyrings in sources.list Signed-By

  [ Ben Hutchings ]
  * Default to https: scheme for fetching Debian changelogs (Closes: #910941)

  [ Julian Andres Klode ]
  * NeverAutoRemove kernel meta packages (LP: #1787460)
  * Break pre-gcc8 aptitude and apt (Closes: #911090)
  * http: Fix handling of server connection closure (LP: #1801338)

  [ Frans Spiesschaert ]
  * Dutch program translation update (Closes: #912021)
  * Dutch manpage translation update (Closes: #912022)

  [ Chris Leick ]
  * German manpage translation update
  * Fix typos encountered while updating de translation

  [ Petter Reinholdtsen ]
  * Norwegian Bokmål program translation update (Closes: #912374)

 -- Julian Andres Klode <email address hidden>  Mon, 12 Nov 2018 11:52:15 +0100
Superseded in buster-release on 2018-11-15
Superseded in sid-release on 2018-11-16
apt (1.7.0) unstable; urgency=medium

  [ Julian Andres Klode ]
  * Fix calculation of elapsed usec in downloads
  * pkgCacheFile: Only unlock in destructor if locked before (LP: #1794053)
  * Set DPKG_FRONTEND_LOCKED when running {pre,post}-invoke scripts.
    Some post-invoke scripts install packages, which fails because
    the environment variable is not set. This sets the variable for
    all three kinds of scripts {pre,post-}invoke and pre-install-pkgs,
    but we will only allow post-invoke at a later time.
  * prepare-release: Fix last-modification detection for manpages

  [ David Kalnischkies ]
  * Show APT::Compressor example in apt.conf(5) (Closes: #909712)

  [ Muhamed Huseinbašić ]
  * apt-mark: showhold: typo-fix (package -> packages)

 -- Julian Andres Klode <email address hidden>  Sun, 07 Oct 2018 07:56:02 +0200
Superseded in buster-release on 2018-10-09
Superseded in sid-release on 2018-10-07
apt (1.7.0~rc2) unstable; urgency=medium

  [ David Kalnischkies ]
  * Deal with descriptions embedded in displayed record correctly
    (Closes: #909155)

 -- Julian Andres Klode <email address hidden>  Thu, 20 Sep 2018 21:03:54 +0200

Available diffs

Superseded in sid-release on 2018-09-21
apt (1.7.0~rc1) unstable; urgency=medium

  [ Laurent Bigonville ]
  * fr.po: Do not translate the apt-ftparchive commands (Closes: #907481)

  [ David Kalnischkies ]
  * Don't use invalid iterator in Fallback-Of handling.
    Thanks to David Binderman for reporting
  * Process status-fd completely before finishing dpkg call
  * Don't expect duplicated dpkg status-fd messages
  * Reorder progress report messages
  * Show all architectures in 'apt list' output (Closes: #908218)

  [ Julian Andres Klode ]
  * http: Stop pipeline after close only if it was not filled before

 -- Julian Andres Klode <email address hidden>  Tue, 18 Sep 2018 16:12:38 +0200

Available diffs

Superseded in buster-release on 2018-09-23
Superseded in sid-release on 2018-09-19
apt (1.6.4) unstable; urgency=critical

  [ David Kalnischkies ]
  * SECURITY UPDATE: Fallback in the mirror method allowed a later server to
    supply any InRelease file without it having to be verified. (LP: #1787752)
    - apt-pkg/acquire-item.cc:: clear alternative URIs for mirror:// between steps
    - CVE-2018-0501
    - https://mirror.fail/

 -- Julian Andres Klode <email address hidden>  Mon, 20 Aug 2018 17:38:50 +0200
Deleted in experimental-release (Reason: None provided.)
apt (1.7.0~alpha3) experimental; urgency=medium

  [ David Kalnischkies ]
  * SECURITY UPDATE: Fallback in the mirror method allowed a later server to
    supply any InRelease file without it having to be verified. (LP: #1787752)
    - apt-pkg/acquire-item.cc:: clear alternative URIs for mirror:// between steps
    - CVE-2018-0501
    - https://mirror.fail/

  [ Jean-Ralph Aviles ]
  * Add trailing newline to output of edit-sources.

  [ Julian Andres Klode ]
  * Add support for dpkg frontend lock (Closes: #869546)
  * Set DPKG_FRONTEND_LOCKED as needed when doing selection changes
  * Update symbols files

  [ Boyuan Yang ]
  * Simplified Chinese program translation update (Closes: #903695)

  [ David Kalnischkies ]
  * Report (soon) worthless keys if gpg uses fpr for GOODSIG

 -- Julian Andres Klode <email address hidden>  Mon, 20 Aug 2018 17:44:19 +0200
Superseded in buster-release on 2018-08-21
Superseded in sid-release on 2018-08-21
apt (1.6.3) unstable; urgency=medium

  * Handle JSON hooks that just close the file/exit and fix some other errors
    (LP: #1776218)

 -- Julian Andres Klode <email address hidden>  Mon, 09 Jul 2018 16:41:27 +0200
Superseded in experimental-release on 2018-08-22
apt (1.7.0~alpha2) experimental; urgency=medium

  * Handle JSON hooks that just close the file/exit and fix some other errors
    (LP: #1776218)
  * Use cheaper entropy source for randomizing items to fetch

 -- Julian Andres Klode <email address hidden>  Mon, 09 Jul 2018 16:02:45 +0200

Available diffs

Superseded in buster-release on 2018-07-12
Superseded in sid-release on 2018-07-10
apt (1.6.2) unstable; urgency=medium

  * Fix build with new gtest (Closes: #897149)
  * Handle a missed case of timed out ip addresses (LP: #1766542)
  * Lower default network timeouts from 120s to 30s
  * apt-key: Pass all instead of gpg-agent to gpgconf --kill (LP: #1773992)
  * Fix lock counting in debSystem (LP: #1778547)
  * CI fixes:
   - tests: Do not expect requested-by if sudo was invoked by root
   - Run tests on GitLab CI
   - CI: Export DEBIAN_FRONTEND=noninteractive in all CI environments

 -- Julian Andres Klode <email address hidden>  Mon, 25 Jun 2018 17:15:10 +0200
Superseded in experimental-release on 2018-07-10
apt (1.7.0~alpha1) experimental; urgency=medium

  [ Julian Andres Klode ]
  * CMake: Fix builds without zstd
  * apt.conf.autoremove: Catch some new Ubuntu module packages
  * Fix build with new gtest (Closes: #897149)
  * tests: Do not expect requested-by if sudo was invoked by root
  * Run tests on GitLab CI
  * Handle a missed case of timed out ip addresses (LP: #1766542)
  * Lower default timeout from 120s to 30s
  * apt-key: Pass all instead of gpg-agent to gpgconf --kill (LP: #1773992)
  * Fix lock counting in debSystem
  * CI: Export DEBIAN_FRONTEND=noninteractive in all CI environments
  * Ensure that we are online in apt-daily-upgrade.service (LP: #1723761)
  * gitlab-ci: chmod 755 /root

  [ David Kalnischkies ]
  * move special READMEs into doc/ and format as md
  * Add boilerplate plural form to po/apt-all.pot
  * don't try SRV requests based on IP addresses
  * use 127.0.0.1 instead of localhost as default Tor proxy
  * Extend apt build-dep pkg/release to switch dep as needed
  * Support release selector for volatile files as well
  * Start pkg records for deb files with dpkg output
  * Deprectate buggy/incorrect Rls/PkgFile::IsOk methods
  * Support --with-source in show & search commands
  * Support local files as arguments in show command (Closes: 883206)
  * Drop alternative URIs we got a hash-based fail from
  * Handle by-hash URI construction more centrally
  * Don't force the same mirror for by-hash URIs
  * Reword error for timed out read/write on SOCKS proxy (Closes: #898886)
  * Don't show acquire warning for "hidden" components (Closes: #879591)
  * Use a steady clock source for progress reporting
  * Use steady clock source for bandwidth limitation

  [ Guillem Jover ]
  * Remove obsolete RCS keywords
  * Normalize authors through a mailmap file
  * po: Fill Project-Id-Version with correct project id and version
  * po: Fix translated string not matching format string arguments
  * po: Fix Language field to match actual locale
  * po: Remove spurious text in Plural-Forms field
  * po: Add missing Plural-Forms fields

  [ Filipe Brandenburger ]
  * Update .gitignore
  * Increase debug verbosity in `apt-get autoremove`
  * Extend test-apt-get-autoremove to check debug output

  [ annadane ]
  * Add verb 'be' to NEWS entry for 1.5~beta1 (Closes: 892792)

  [ Алексей Шилин ]
  * Russian program translation update (Closes: 898797)

  [ Frans Spiesschaert ]
  * Dutch program translation update (Closes: #900589)
  * Dutch manpage translation update (Closes: #900602)

 -- Julian Andres Klode <email address hidden>  Mon, 25 Jun 2018 17:12:30 +0200
Superseded in buster-release on 2018-06-28
Superseded in sid-release on 2018-06-26
apt (1.6.1) unstable; urgency=medium

  * CMake: Fix builds without zstd
  * apt.conf.autoremove: Catch some new Ubuntu module packages

 -- Julian Andres Klode <email address hidden>  Fri, 20 Apr 2018 12:08:18 +0200
1.6
Superseded in sid-release on 2018-04-21
apt (1.6) unstable; urgency=medium

  * Make libzstd optional in CMakeLists.txt, to aid cross-building
  * Point debian-branch to 1.6.y

 -- Julian Andres Klode <email address hidden>  Wed, 18 Apr 2018 16:34:33 +0200

Available diffs

Superseded in experimental-release on 2018-06-26
apt (1.7.0~alpha0) experimental; urgency=medium

  [ David Kalnischkies ]
  * mention mirror method in sources.list (Closes: 679580)

  [ Julian Andres Klode ]
  * Build with cmake+ninja instead of cmake+make
  * Make libzstd optional in CMakeLists.txt, to aid cross-building
  * Run travis against debian:testing again, keep shippable at bionic

 -- Julian Andres Klode <email address hidden>  Wed, 18 Apr 2018 17:22:19 +0200
Superseded in sid-release on 2018-04-19
apt (1.6~rc1) unstable; urgency=medium

  [ Julian Andres Klode ]
  * Experimental support for zstd (LP: #1763839)
  * Fix debian/NEWS entry for 1.6~beta1
  * Use https for Ubuntu changelogs
  * Bump cache major version to allow different 1.5 and 1.6 updates
  * CI: Switch testing to use ubuntu:bionic for 1.6.y
  * Turn off seccomp sandboxing by default (LP: #1732030) (Closes: #890489)
  * Allow restart_syscall() syscall in seccomp sandboxes (Closes: #891644)
  * Delete /etc/dpkg/dpkg.cfg.d/excludes on Docker CI images
  * test: export GCOV_ERROR_FILE=/dev/null to make it fail less/no tests
  * apt-private: Collect not found packages in CacheSetHelperAPTGet
  * Introduce experimental new hooks for command-line tools (LP: #1763839)

  [ David Kalnischkies ]
  * remove duplicate changelog lines from 1.6~beta1 entry
  * fix communication typo in https manpage
  * set our two libapt libraries to prio:optional
  * document Acquire::AllowReleaseInfoChange without extra s

  [ jean-pierre giraud ]
  * French man pages translation (Closes: #895117)

 -- Julian Andres Klode <email address hidden>  Sun, 15 Apr 2018 21:41:44 +0200

Available diffs

Superseded in buster-release on 2018-04-25
Superseded in sid-release on 2018-04-16
apt (1.6~beta1) unstable; urgency=medium

  [ David Kalnischkies ]
  * allow the apt/lists/auxfiles/ directory to be missing (Closes: 887624)
  * add apt-helper drop-privs command…
  * restore gcc visibility=hidden for apt-private
  * ensure correct file permissions for auxfiles
  * allow the apt/lists/auxfiles/ directory to be missing (Closes: 887624)
  * add apt-helper drop-privs command…
  * restore gcc visibility=hidden for apt-private
  * ensure correct file permissions for auxfiles

  [ Julian Andres Klode ]
  * indexcopy: Copy uncompressed indices from cdrom again (LP: #1746807)
  * Work around test-method-mirror failure by setting umask at start
  * Check that Date of Release file is not in the future
  * apt.conf.autoremove: Add linux-cloud-tools to list (LP: #1698159)
  * indexcopy: Copy uncompressed indices from cdrom again (LP: #1746807)
  * Work around test-method-mirror failure by setting umask at start
  * Check that Date of Release file is not in the future
  * apt.conf.autoremove: Add linux-cloud-tools to list (LP: #1698159)

  [ Chris Leick ]
  * German manpage translation update
  * German manpage translation update

 -- Julian Andres Klode <email address hidden>  Mon, 26 Feb 2018 13:14:13 +0100
Superseded in buster-release on 2018-03-03
Superseded in sid-release on 2018-02-28
apt (1.6~alpha7) unstable; urgency=medium

  [ Mert Dirik ]
  * Turkish program translation update (Closes: 886250)

  [ David Kalnischkies ]
  * dpkg status parsing: check if name is valid before use

  [ Julian Andres Klode ]
  * apt-compat.cron.daily: Correctly handle undetermined power status
    (LP: #1742378)
  * Introduce inrelease-path option for sources.list (Closes: #886745)
  * Drop obsolete Suggests on python-apt (Closes: #887607)
  * Point people to salsa.d.o instead of anonscm.d.o for git

  [ Justin B Rye ]
  * review and fix the three new apt-transport- manpages

  [ Holger Wansing ]
  * German program translation update (Closes: 886429)

  [ Julien Patriarca ]
  * French program translation update (Closes: 887017)

 -- Julian Andres Klode <email address hidden>  Thu, 18 Jan 2018 14:44:14 +0000

Available diffs

Superseded in buster-release on 2018-01-24
Superseded in sid-release on 2018-01-19
apt (1.6~alpha6) unstable; urgency=medium

  [ Julian Andres Klode ]
  * Add Breaks: aptitude (<< 0.8.10) for gzip method removal
  * Also look at https_proxy for https URLs
  * Run wrap-and-sort
  * Translate shared documentation parts again
  * tests: Improve handling profiling messages on CI
  * connect: Store the IP used when picking a connection
  * Add rapid "happy eyeballs" connection fallback (RFC 8305) (Closes: #668948)
    (LP: #1308200)

  [ David Kalnischkies ]
  * allow multivalue fields in deb822 sources to be folded (Closes: 881875)
  * support COLUMNS environment variable in apt tools
  * allow apt_auth.conf(5) to be translated
  * if insecure repo is allowed continue on all http errors
  * don't auto-switch candidate if installed is good enough
  * update libapt-pkg symbols file
  * explicitly name token in auth.conf parsing error
  * fix over-calculating dpkg commandline length
  * avoid some useless casts reported by -Wuseless-cast
  * deal with floats without old-style cast
  * support multiline values in LookupTag
  * mark some 500 HTTP codes as transient acquire errors
  * report transient errors as transient errors
  * implement Acquire::Retries support for all items
  * give the methods more metadata about the files to acquire
  * implement fallback to alternative URIs for all items
  * do not remap current files if nullptrs in cache generation
  * apt.daily: remove unused dbus signal for apt update (Closes: 849636)
  * Support cleartext signed InRelease files with CRLF line endings.
    Thanks to Lukas Wunner for detailed report & initial patch! (Closes: 884922)
  * document http options in new apt-transport-http manpage
  * document https options in new apt-transport-https manpage
  * refactor message generation for methods
  * allow a method to request auxiliary files
  * reimplement and simplify mirror:// method
  * require methods to request AuxRequest capability at startup
  * add tag-based control over mirror choices from the list
  * non-local mirrorlists shouldn't redirect to local
  * add apt-transport-mirror manpage

  [ Milo Casagrande ]
  * Italian program translation update (Closes: 882850)

  [ Christian Göttsche ]
  * apt.daily: fix several "shellcheck" annotations

 -- Julian Andres Klode <email address hidden>  Wed, 03 Jan 2018 22:33:37 +0000

Available diffs

Superseded in buster-release on 2018-01-09
Superseded in sid-release on 2018-10-29
apt (1.6~alpha5) unstable; urgency=medium

  [ Julian Andres Klode ]
  * Do not attempt seccomp under qemu-user and drop EFAULT workaround
    (Closes: #881519)

  [ Frans Spiesschaert ]
  * Dutch manpage translation update (Closes: #881402)

 -- Julian Andres Klode <email address hidden>  Sun, 12 Nov 2017 19:57:00 +0100
Superseded in buster-release on 2017-11-18
Superseded in sid-release on 2017-11-13
apt (1.6~alpha4) unstable; urgency=medium

  * debian: Set Rules-Requires-Root: no
  * debian: Bump Standards-Version to 4.1.1
  * Re-introduce a transitional apt-transport-https

 -- Julian Andres Klode <email address hidden>  Sun, 05 Nov 2017 15:25:53 +0100

Available diffs

Superseded in buster-release on 2017-11-11
Superseded in sid-release on 2017-11-09
apt (1.6~alpha3) unstable; urgency=medium

  [ Julian Andres Klode ]
  * debian/tests/control: Add dpkg so we get triggered by it
  * seccomp: Allow ipc() for fakeroot, and allow sysinfo() for sort
    (Closes: #879814, #879826)
  * Drop unused gzip, lzma, bzip2, and xz symlinks of store
  * seccomp: Allow clock_nanosleep() and nanosleep() syscalls
  * Prevent overflow in Installed-Size (and Size) in apt show

  [ David Kalnischkies ]
  * use store: instead of gzip: to open local changelogs

 -- Julian Andres Klode <email address hidden>  Sat, 28 Oct 2017 17:57:05 +0200

Available diffs

Superseded in sid-release on 2017-10-29
apt (1.6~alpha2) unstable; urgency=medium

  * seccomp: Conditionalize statx() whitelisting
  * CMake: methods: Cleanup link libraries, use OBJECT libraries
  * methods: Enable additional syscalls (SYSV IPC) in fakeroot (Closes: #879662)
  * Don't segfault if receiving a method warning on empty queue
  * Only warn about seccomp() EINVAL (normal) and EFAULT (qemu) errors
  * Print syscall number and arch to stderr when trapped by seccomp

 -- Julian Andres Klode <email address hidden>  Thu, 26 Oct 2017 00:32:20 +0200
Superseded in sid-release on 2017-10-26
apt (1.6~alpha1) unstable; urgency=medium

  [ Julian Andres Klode ]
  * Bump Standards-Version to 4.1.0
  * Drop obsolete dh-systemd build-dep
  * Drop obsolute Testsuite: autopkgtest header
  * Drop curl method and apt-transport-https package
  * Fix testsuite for and add new fields from dpkg 1.19
  * Run Proxy-Auto-Detect script from main process
  * methods/mirror: Enable sandboxing and other aptMethod features
  * Sandbox methods with seccomp-BPF; except cdrom, gpgv, rsh

  [ David Kalnischkies ]
  * proper error reporting for v3 onion services
  * allow empty build-dependency fields in the parser (Closes: #875363)
  * send the hashes for alternative file correctly
  * ignore unsupported key formats in apt-key (Closes: #876508)

  [ Mo Zhou ]
  * zh_CN.po: Update Simplified Chinese programs translation

  [ Frans Spiesschaert ]
  * Dutch program translation update (Closes: #879137)

 -- Julian Andres Klode <email address hidden>  Mon, 23 Oct 2017 01:58:18 +0200
Superseded in stretch-release on 2019-01-23
apt (1.4.8) stretch; urgency=medium

  [ Balint Reczey ]
  * Gracefully terminate process when stopping apt-daily-upgrade (LP: #1690980)

  [ David Kalnischkies ]
  * don't ask an uninit _system for supported archs, this
    crashes the mirror method (LP: #1613184)

  [ Julian Andres Klode ]
  * Do not warn about duplicate "legacy" targets (Closes: #839259)
    (LP: #1697120)
  * apt-daily: Pull in network-online.target in service, not timer
    - this can cause a severe boot performance regression / hang
    (LP: #1716973)

 -- Julian Andres Klode <email address hidden>  Wed, 13 Sep 2017 18:47:33 +0200
1.5
Superseded in buster-release on 2017-11-03
Superseded in sid-release on 2017-10-23
apt (1.5) unstable; urgency=medium

  * Fix translator comment location for legacy target warning

 -- Julian Andres Klode <email address hidden>  Sun, 24 Sep 2017 17:54:41 +0200

Available diffs

Superseded in buster-release on 2017-09-30
Superseded in sid-release on 2017-09-26
apt (1.5~rc4) unstable; urgency=medium

  * apt-daily: Do not Wants=network-online, and add some more After=
    We now wait for being online ourselves, so all we need to wait
    on is for services we are using to be online first. This avoids
    severe boot slowdowns by other services having specified an
    After=network-online.target without a Wants=.

 -- Julian Andres Klode <email address hidden>  Wed, 13 Sep 2017 16:02:30 +0200

Available diffs

Superseded in sid-release on 2017-09-13
apt (1.5~rc3) unstable; urgency=medium

  * CMake: Properly handle Udev missing
  * CMake: Mark BZip2, LZMA, and LZ4 as required
  * apt-helper: Add connman support to wait-online

 -- Julian Andres Klode <email address hidden>  Sun, 10 Sep 2017 23:46:30 +0200

Available diffs

Superseded in sid-release on 2017-09-11
apt (1.5~rc2) unstable; urgency=medium

  [ Julian Andres Klode ]
  * Actually install apt_auth.conf manual page (Closes: #873934)
  * test: Workaround gpgv warning
  * apt-daily: Wait for network before daily updates.
    Introduce a new helper, apt-helper wait-online that uses
    NetworkManager and/or systemd-networkd to wait for them
    reporting online, with a time out of 30 seconds; and run
    that helper before running the daily update script. (LP: #1699850)
  * apt-daily: Pull in network-online.target in service, not timer
  * Do not warn about duplicate "legacy" targets (Closes: #839259)
    (LP: #1697120)
  * cdrom: Don't hardcode "Files" field for copying source files
  * ftparchive: Do not pass through disabled hashes in Sources (Closes: #872963)
  * Directly link against libudev on Linux systems - this does not affect
    public API and ABI, but protected pkgUdevCdromDevices function pointers
    were renamed and are now always NULL, even if Dlopen returns true.

  [ Christos Trochalakis ]
  * doc: correct '--allow-releaseinfo-change-*' typos (Closes: #873914)

  [ Frans Spiesschaert ]
  * Dutch program translation update (Closes: #874285)
  * Dutch manpage translation update (Closes: #874293)

  [ David Kalnischkies ]
  * don't write & chmod /dev/null log files
  * don't ask an uninit _system for supported archs (LP: #1613184)

 -- Julian Andres Klode <email address hidden>  Sat, 09 Sep 2017 21:47:14 +0200
Superseded in buster-release on 2017-09-19
Superseded in sid-release on 2017-09-11
apt (1.5~rc1) unstable; urgency=medium

  * Redefine APT_CONST to mean APT_PURE (APT_CONST is deprecated)
    APT_CONST was used on functions where it should not have, causing
    the compiler to optimize code it should not have, like turning
    the "::" content in StringSplit(name, "::") into garbage because it
    figured out that the value is not going to be read anyway, causing
    stuff to go horribly wrong (mostly on -O3, really).
  * Replace APT_CONST with APT_PURE everywhere
  * Make test-bug-818628-unreadable-source work on !amd64

 -- Julian Andres Klode <email address hidden>  Thu, 24 Aug 2017 23:13:52 +0200
Superseded in buster-release on 2017-08-30
Superseded in sid-release on 2017-08-26
apt (1.5~beta2) unstable; urgency=medium

  [ M. Willis Monroe ]
  * Minor grammar fix

  [ Zhou Mo ]
  * zh_CN.po: update Simplified Chinese programs translation

  [ David Kalnischkies ]
  * don't expect more downloads from failed transactions
  * remove reference to a-t-debtorrent in description
  * ignore SIGPIPE in dump solver if forwarding
  * support compressed extended_states file for bug triage
  * don't move failed pdiff indexes out of partial (Closes: 869425)
  * don't try to parse all fields starting with HTTP as status-line
  * send weak-only hashes to methods
  * fail earlier if server answers with too much data
  * fail early in http if server answer is too small as well
  * use FileFd to parse all apt configuration files
  * show warnings instead of errors if files are unreadable (LP: #1701852)
  * reimplement and document auth.conf (Closes: #811181)
  * lookup login info for proxies in auth.conf
  * allow the auth.conf to be root:root owned
  * update URI scheme descriptions in sources.list(5)
  * show a warning for Debian shutting down FTP services
  * suggest using auth.conf for sources with passwords
  * ftparchive: sort discovered filenames before writing indexes.
    Thanks to Chris Lamb for initial patch & Stefan Lippers-Hollmann for testing
    (Closes: 869557)
  * don't keep configuration files open needlessly
  * don't hang if multiple sources use unavailable method (Closes: 870675)

  [ Beatrice Torracca ]
  * Italian manpage translation update (Closes: 858877)

  [ Apollon Oikonomopoulos ]
  * Handle supported components with slashes in sources.list (Closes: #868127)

  [ Julian Andres Klode ]
  * Drop cacheiterators.h include
  * methods/aptmethod.h: Add missing fileutl.h include
  * Reformat and sort all includes with clang-format
  * cacheiterators: Warn about direct include and don't include pkgcache.h
  * Update gitignore with new files
  * Use C++11 threading support instead of pthread
  * Always warn if --force-yes is validly specified, not just if used
  * Work around float rounding change in gcc 7 on i386
  * Handle GCC 7 std::string operator ABI break (Closes: #871275)
  * debian: Update symbols for libapt-pkg5.0

  [ Paul Wise ]
  * Support zero delay for the various APT::Periodic activities
  * Support seconds, minutes, hours and days for APT::Periodic intervals
  * Switch from /org to /srv in example apt-ftparchive configuration

  [ Balint Reczey ]
  * Gracefully terminate process when stopping apt-daily-upgrade (LP: #1690980)

  [ Dominik ]
  * doc: Add '--allow-unauthenticated' to '--force-yes'

 -- Julian Andres Klode <email address hidden>  Thu, 17 Aug 2017 19:28:00 +0200
Superseded in stretch-release on 2017-10-07
apt (1.4.7) stretch; urgency=medium

  * New release with important fixes up to 1.5~beta1; also see LP: #1702326

  [ Robert Luberda ]
  * fix a "critical" typo in old changelog entry (Closes: 866358)

  [ David Kalnischkies ]
  * test suite/travis CI: ignore profiling warning in progress lines
  * use port from SRV record instead of initial port

  [ Julian Andres Klode ]
  * Reset failure reason when connection was successful, so later errors are
    reported as such and not as "connection failure" warnings.
  * debian/gbp.conf: Set debian-branch to 1.4.y
  * http: A response with Content-Length: 0 has no content, so don't try to
    read it - it will either timeout or the server closes the connection.
  * travis CI: Migrate to Docker

 -- Julian Andres Klode <email address hidden>  Thu, 13 Jul 2017 23:45:39 +0200
Superseded in buster-release on 2017-08-23
Superseded in sid-release on 2017-08-18
apt (1.5~beta1) unstable; urgency=medium

  [ Julian Andres Klode ]
  * Make Verify-Host and Verify-Peer independent again
  * http: A response with Content-Length: 0 has no content
  * Ignore download order in test-apt-update-failure-propagation
  * tls: Add more details to error messages, and detect more errors
  * Do not error out, only warn if ca certificates are not available

  [ David Kalnischkies ]
  * don't set ip addresses as server names for SNI

  [ Алексей Шилин ]
  * Russian translation update (Closes: #866749)

 -- Julian Andres Klode <email address hidden>  Mon, 03 Jul 2017 16:57:59 +0200
Deleted in experimental-release (Reason: None provided.)
apt (1.5~alpha4) experimental; urgency=medium

  * Reset failure reason when connection was successful
  * Allow running the TLS stack on any lower connection
  * http: Add support for CONNECT proxying to HTTPS locations
  * http: Add support for https:// proxies
  * Allow http(s) and socks5h for http and https in proxy auto detect
  * Switch to 'http' as the default https method
  * Improve closing the TLS connection
  * TLS support: Error out on unsupported curl options

 -- Julian Andres Klode <email address hidden>  Fri, 30 Jun 2017 18:18:09 +0200

Available diffs

Superseded in experimental-release on 2017-07-01
apt (1.5~alpha3) experimental; urgency=medium

  * Don't read CaInfo if not specified (missing else)
    This fixes a regression from ~alpha2. (Closes: #866559)

 -- Julian Andres Klode <email address hidden>  Fri, 30 Jun 2017 09:50:13 +0200

Available diffs

Superseded in experimental-release on 2017-07-01
apt (1.5~alpha2) experimental; urgency=medium

  [ David Kalnischkies ]
  * support tor+https being handled by http
  * use port from SRV record instead of initial port

  [ Robert Luberda ]
  * fix a "critical" typo in old changelog entry (Closes: 866358)

  [ Julian Andres Klode ]
  * Improve error message if system CA store is empty (Closes: #866377)
  * Have apt Recommend ca-certificates
  * Demote gnupg to Suggests
  * http: Only use system CA store if CaInfo is not set
  * Bump Standards-Version (and wrap-and-sort a bit)
  * Build-Depend on debhelper (>= 10) to shut up lintian

 -- Julian Andres Klode <email address hidden>  Thu, 29 Jun 2017 17:52:19 +0200
Deleted in experimental-release (Reason: None provided.)
apt (1.5~alpha1) experimental; urgency=medium

  [ Julian Andres Klode ]
  * pkgcache: Bump major version to 12
  * Squashed 'triehash/' changes from 565fde4e7..0ca66b761
  * methods: Add HTTPS support to http method, using GnuTLS.
    The http method will eventually replace the curl-based
    https method, but for now, this is an opt-in experiment
    that can be enabled by setting Dir::Bin::Methods::https
    to "http".
    Known issues:
    - We do not support HTTPS proxies yet
    - We do not support proxying HTTPS connections yet (CONNECT)
    - IssuerCert and SslForceVersion are unsupported
  * Allow building without curl
  * Introduce Acquire::AllowTLS to turn off TLS support
  * Skip test-apt-download-progress
  * Strip 0: epochs from the version hash

  [ David Kalnischkies ]
  * schedule the correct side of the conflict for removal.
    Thanks to Michael Biebl for helping find this with countless tests
  * don't show incorrect 'How odd' errror in no-download mode (Closes: 863635)
  * Show permission error if ProxyAutoDetect cmd can't be executed
    (Closes: 857885)
  * Avoid chdir in acquire clean with unlinkat (Closes: 860738)
  * ident a CD without changing directory
  * clean archives without changing directory
  * avoid changing directory in mirror method
  * warn if an expected file can't be acquired
  * show .diff/Index properly as ignored if we fallback
  * fail InRelease on non-404 HTTP errorcodes
  * deal with 3xx httpcodes as required by HTTP/1.1 spec
  * fail instead of warn on insecure repositories in apt-get
  * error in update on Release information changes
  * show a Release-Notes URI if infos were changed
  * allow frontends to override releaseinfo change behaviour
  * ask for releaseinfo change interactively in apt

 -- Julian Andres Klode <email address hidden>  Wed, 28 Jun 2017 19:52:24 +0200

Available diffs

Superseded in stretch-release on 2017-07-22
Superseded in sid-release on 2017-07-05
apt (1.4.6) unstable; urgency=medium

  * apt.systemd.daily: Do not pass -d to unattended-upgrade for the download
  job. This actually enables debugging. Instead check if unattended-upgrade
  supports an option --download-only (which is yet to be implemented) and use
  that (Closes: #863859)

 -- Julian Andres Klode <email address hidden>  Thu, 01 Jun 2017 10:50:26 +0200

Available diffs

Superseded in sid-release on 2017-06-01
apt (1.4.5) unstable; urgency=medium

  * Fix parsing of or groups in build-deps with ignored packages (LP: #1694697)

 -- Julian Andres Klode <email address hidden>  Wed, 31 May 2017 14:52:25 +0200

Available diffs

Superseded in stretch-release on 2017-06-03
Superseded in sid-release on 2017-05-31
apt (1.4.4) unstable; urgency=medium

  [ Alan Jenkins ]
  * apt.systemd.daily: fix error from locking code (Closes: #862567)

 -- Julian Andres Klode <email address hidden>  Tue, 16 May 2017 23:19:50 +0200

Available diffs

Superseded in sid-release on 2017-05-17
apt (1.4.3) unstable; urgency=medium

  [ Julian Andres Klode ]
  * Do not try to (re)start timers outside 'apt' package (Closes: #862001)

  [ Miroslav Kure ]
  * Updated Czech translation of apt (Closes: #861943)

 -- Julian Andres Klode <email address hidden>  Thu, 11 May 2017 14:46:28 +0200

Available diffs

Superseded in sid-release on 2017-05-15
apt (1.4.2) unstable; urgency=medium

  [ Julian Andres Klode ]
  * Run unattended-upgrade -d in download part
  * apt.systemd.daily: Add locking
  * Split apt-daily timer into two (LP: #1686470)

  [ Matt Kraai ]
  * bash-completion: Fix spelling of autoclean (Closes: #861846)

 -- Julian Andres Klode <email address hidden>  Thu, 04 May 2017 22:52:10 +0200
Superseded in stretch-release on 2017-05-27
Superseded in sid-release on 2017-05-05
apt (1.4.1) unstable; urgency=medium

  [ Julian Andres Klode ]
  * systemd: Rework timing and add After=network-online (LP: #1615482)
  * debian/rules: Actually invoke dh_clean in override_dh_clean

  [ Unit 193 ]
  * apt-ftparchive: Support '.ddeb' dbgsym packages

 -- Julian Andres Klode <email address hidden>  Mon, 24 Apr 2017 18:47:55 +0200

Available diffs

1.4
Superseded in stretch-release on 2017-04-27
Superseded in sid-release on 2017-04-28
apt (1.4) unstable; urgency=medium

  * The April Fools' Release

  [ Julian Andres Klode ]
  * Ignore \.ucf-[a-z]+$ like we do for \.dpkg-[a-z]+$
  * Fix mistake in CHANGEPATH comment example

  [ Chris Lamb ]
  * auto-removal: Ignore running kernel if attempting a reproducible build
    (Closes: #857632)

  [ Joe Dalton ]
  * Danish program translation update (Closes: #856723)

  [ David Kalnischkies ]
  * Fix and avoid quoting in CommandLine::AsString (LP: #1672710)
  * Ignore AutomaticRemove conffile option in upgrade (Closes: #855891)

 -- Julian Andres Klode <email address hidden>  Sat, 01 Apr 2017 21:39:37 +0200

Available diffs

Superseded in stretch-release on 2017-04-07
Superseded in sid-release on 2017-04-02
apt (1.4~rc2) unstable; urgency=medium

  [ David Kalnischkies ]
  * add Auto-Built-Package to tagfile-order
  * don't test with "too early for 32bit" years

  [ Julian Andres Klode ]
  * Do not lowercase package names representing .dsc/.deb/... files (Closes: #854794)
  * shippable: Perform CI on Debian stretch instead of Ubuntu xenial
  * Don't use -1 fd and AT_SYMLINK_NOFOLLOW for faccessat()
    Thanks to James Clarke for debugging these issues
  * CMake: Install statvfs.h to include/sys, not just include/
  * debian: Generate debian/copyright during clean

 -- Julian Andres Klode <email address hidden>  Wed, 22 Feb 2017 16:02:10 +0100
Superseded in stretch-release on 2017-02-28
Superseded in sid-release on 2017-02-22
apt (1.4~rc1) unstable; urgency=medium

  [ David Kalnischkies ]
  * don't show update stats if cache generation is disabled
  * don't lock dpkg in 'apt-get clean'
  * don't lock dpkg in update commands
  * avoid validate/delete/load race in cache generation
  * fix 'install --no-download' mode
  * remove 'old' FAILED files in the next acquire call (Closes: 846476)
  * stop rred from leaking debug messages on recovered errors (Closes: #850759)
  * make the moo reproducible.
    Thanks to Chris Lamb for initial patch and guru meditation (Closes: #848721)
  * update release mappings in documentation
  * avoid malloc if option whitelist is disabled (default)

  [ Julian Andres Klode ]
  * basehttp: Only read Content-Range on 416 and 206 responses (LP: #1657567)
  * test suite: Do not exit 0 in trap for QUIT
  * Only merge acquire items with the same meta key (Closes: #838441)

  [ Zhou Mo ]
  * po: update Simplified Chinese program translation

  [ Jean-Pierre Giraud ]
  * French manpages translation update (Closes: 852460)

  [ victory ]
  * Japanese manpages & program translation update

  [ Frans Spiesschaert ]
  * Dutch program translation update (Closes: #853761)
  * Dutch manpage translation update (Closes: #853762)

 -- Julian Andres Klode <email address hidden>  Mon, 06 Feb 2017 14:41:23 +0100
Superseded in stretch-release on 2017-02-12
Superseded in sid-release on 2017-02-06
apt (1.4~beta4) unstable; urgency=medium

  * Read dpkg tables to handle architecture wildcards.
    Thanks to James Clarke <email address hidden> for the initial patch
    (Closes: #748936)
  * https: Quote path in URL before passing it to curl (LP: #1651923)
  * Update symbols file for changes in 1.3.1, 1.4~beta{1,3,4}

 -- Julian Andres Klode <email address hidden>  Tue, 17 Jan 2017 15:18:27 +0100
Published in jessie-release on 2017-01-14
apt (1.0.9.8.4) jessie-security; urgency=high

  * SECURITY UPDATE: gpgv: Check for errors when splitting files (CVE-2016-1252)
    Thanks to Jann Horn, Google Project Zero for reporting the issue
    (LP: #1647467)

 -- Julian Andres Klode <email address hidden>  Thu, 08 Dec 2016 15:31:29 +0100
Superseded in stretch-release on 2017-01-28
Superseded in sid-release on 2017-01-19
apt (1.4~beta3) unstable; urgency=medium

  [ Lukasz Kawczynski ]
  * Honour Acquire::ForceIPv4/6 in the https transport

  [ David Kalnischkies ]
  * reword "Can't drop priv" warning message (Closes: #813786) (LP: #1522675)
  * let {dsc,tar,diff}-only implicitly enable download-only
  * remove needless fork() in apt-get source
  * default to --no-check for dpkg-source call (Closes: 724744)
  * warn if clearsigned file has ignored content parts
  * ensure generation of valid EDSP error stanzas
  * add --indep-only for build-dep command (Closes: #845775)
  * allow default build-essentials to be overridden
  * expand -f to --fix-broken in error messages.
    Thanks to Kristian Glass for initial patch! (Closes: #709092)
  * separating state variables regarding server/request (Closes: #440057)
  * fix minimum pkgs option for dpkg --recursive usage
  * allow warning generation for non-whitelisted options

  [ Oriol Debian ]
  * Catalan program translation update (Closes: #846514)

  [ Frans Spiesschaert ]
  * Dutch manpages translation update (Closes: #849235)

  [ Niels Thykier ]
  * ParseDepends: Support passing the desired architecture (Closes: #845969)

 -- Julian Andres Klode <email address hidden>  Thu, 05 Jan 2017 20:50:01 +0100

Available diffs

Superseded in stretch-release on 2017-01-16
Superseded in sid-release on 2017-01-06
apt (1.4~beta2) unstable; urgency=high

  [ John R. Lenton ]
  * bash-completion: Only complete understood file paths for install
    (LP: #1645815)

  [ Julian Andres Klode ]
  * SECURITY UPDATE: gpgv: Check for errors when splitting files (CVE-2016-1252)
    Thanks to Jann Horn, Google Project Zero for reporting the issue
    (LP: #1647467)
  * gpgv: Flush the files before checking for errors

 -- Julian Andres Klode <email address hidden>  Thu, 08 Dec 2016 15:21:16 +0100

Available diffs

Superseded in stretch-release on 2016-12-17
Superseded in sid-release on 2016-12-14
apt (1.4~beta1) unstable; urgency=medium

  [ Chris Leick ]
  * Updated German documentation translation
  * fix three typos in sources & manpages
  * German translation proof read by Helge Kreutzmann

  [ Frans Spiesschaert ]
  * Dutch program translation update (Closes: #840552)
  * Dutch manpages translation update (Closes: #840757)

  [ David Kalnischkies ]
  * don't install new deps of candidates for kept back pkgs
  * keep Release.gpg on untrusted to trusted IMS-Hit (Closes: 838779)
  * fix testcase expecting incorrect remove log from dpkg
  * reset HOME, USER(NAME), TMPDIR & SHELL in DropPrivileges (Closes: 842877)
  * show the conflicting distribution warning again (Closes: 841874)
  * rename Checksum-FileSize to Filesize in hashsum mismatch
  * improve SOCKS error messages for http slightly
  * support 'apt build-dep .' (aka: without /)
  * add TMP/TEMP/TEMPDIR to the TMPDIR DropPrivileges dance
  * http: skip connection cleanup if we close it anyhow
  * add hidden config to set packages as Essential/Important.
    Thanks to Anthony Towns for initial patch (Closes: 767891)
  * don't warn if untransformed distribution matches.
    Thanks to Lukas Anzinger for initial patch (Closes: 644610)
  * show distribution mismatch for changed codenames
  * react to trig-pend only if we have nothing else to do
  * correct cross & disappear progress detection
  * improve arch-unqualified dpkg-progress parsing
  * don't perform implicit crossgrades involving M-A:same
  * do not configure unconfigured to be removed packages
  * skip unconfigure for unconfigured to-be removed pkgs
  * report apt-key errors via status-fd messages (LP: #1522988)
  * add apt-key support for armored GPG key files (*.asc)
  * document which keyring formats are supported by apt-key (Closes: 844724)
  * get pdiff files from the same mirror as the index
  * follow the googletest merge in build-depends

  [ Michael Vogt ]
  * Do not (re)start "apt-daily.system"
    Thanks to Alexandre Detiste (Closes: #841763)

  [ Johannes Schauer ]
  * add support for Build-Depends/Conflicts-Arch (Closes: #837395)

  [ Edgar Fuß ]
  * http: clear content before reporting the failure (Closes: #465572)

  [ James Clarke ]
  * apt-ftparchive: Support NotAutomatic and ButAutomaticUpgrades fields
    (Closes: #272557)

  [ Julian Andres Klode ]
  * TagSection: Split AlphaIndexes into AlphaIndexes and BetaIndexes
  * TagSection: Extract Find() methods taking Pos instead of Key
  * Squashed 'triehash/' content from commit 16f59e1
  * TagSection: Introduce functions for looking up by key ids
  * debListParser: Convert to use pkgTagSection::Key-based lookup
  * Bump the cache major version for non-backportable changes
  * Introduce tolower_ascii_unsafe() and use it for hashing
  * Optimize VersionHash() to not need temporary copy of input
  * Compare size before data when ordering cache bucket entries
  * debListParser: Micro-optimize AvailableDescriptionLanguages()
  * Do not use MD5SumValue for Description_md5()
  * gpgv: Untrust SHA1, RIPE-MD/160, but allow downgrading to weak

  [ Paul Wise ]
  * show output as documented for APT::Periodic::Verbose 2 (Closes: 845599)

 -- Julian Andres Klode <email address hidden>  Fri, 25 Nov 2016 23:49:54 +0100
Superseded in stretch-release on 2016-12-01
Superseded in sid-release on 2016-11-26
apt (1.3.1) unstable; urgency=medium

  [ Julian Andres Klode ]
  * Do not read stderr from proxy autodetection scripts
  * travis: Move codecov from after_success to after_script

  [ victory ]
  * Japanese manpages translation update

  [ Mert Dirik ]
  * Turkish program translation update (Closes: #838731)

 -- Julian Andres Klode <email address hidden>  Tue, 04 Oct 2016 19:43:35 +0200

Available diffs

1.3
Superseded in stretch-release on 2016-10-10
Superseded in sid-release on 2016-10-05
apt (1.3) unstable; urgency=medium

  [ David Kalnischkies ]
  * abort connection on '.' target replies in SRV
  * edsp: try 2 to read responses even if writing failed

  [ Julian Andres Klode ]
  * test: Always install dpkg into our tests, regardless of MA
  * CMake: Add coverage build type
  * Coverage: Do not print messages from gcov
  * VersionHash: Do not skip too long dependency lines

 -- Julian Andres Klode <email address hidden>  Tue, 20 Sep 2016 23:53:51 +0200

Available diffs

Superseded in stretch-release on 2016-09-26
Superseded in sid-release on 2016-09-21
apt (1.3~rc4) unstable; urgency=medium

  [ Julian Andres Klode ]
  * Fix segfault and out-of-bounds read in Binary fields
  * TagFile: Fix off-by-one errors in comment stripping
  * Base256ToNum: Fix uninitialized value
  * test-apt-cdrom: Fix for gnupg 2.1.15
  * CMake: test/libapt: Use a prebuilt GTest library if available
  * CMake: apt-pkg: Use correct ICONV_INCLUDE_DIRS variable
  * acquire: Use priority queues and a 3 stage pipeline design
    => faster updates with better progress reporting
  * debian: Move bugscript to old location for overlayfs xdev issue
  * debian: Pass -O to make to get readable build logs

  [ David Kalnischkies ]
  * try not to call memcpy with length 0 in hash calculations
  * re-add apt breaks/replaces apt-utils (<< 1.3~exp2~) (Closes: #836220)
  * support long keyid and fingerprint in gpgv's GOODSIG

 -- Julian Andres Klode <email address hidden>  Fri, 02 Sep 2016 20:26:36 +0200
Superseded in sid-release on 2016-09-03
apt (1.3~rc3) unstable; urgency=medium

  [ Julian Andres Klode ]
  * Ignore SIGINT and SIGQUIT for Pre-Install hooks
    This basically fixes Bug #832593, as long as your /bin/sh
    is not dash, as dash is evil.
  * prepare-release: Use equivs and gdebi-core for travis deps
  * install-progress: Call the real ::fork() in our fork() method
  * Packaging cleanup:
    - debian: Install etc/apt if present (e.g., on Ubuntu)
    - tests/control: Handle the gpg1/gpg2 mess a bit better
    - debian: Make better use of the tree installed by CMake
    - debian: Switch to debhelper 10
    - debian: Add more lintian overrides
    - debian: Drop outdated stuff
    - debian: Run wrap-and-sort
    - Add new symbols to symbols file
  * Build system fixes, including:
   - CMake: Translations: Don't rebuild .mo for line number changes
   - CMake: Translations: Pass --previous to msgmerge.
     Thanks to Guillem Jover for the suggestion.
   - CMake: Do not add po/ if USE_NLS is OFF
   - CMake: Install config and logging directories
   - CMake: Translations: Build byproduct before output
   - CMake: Add Large File Support (Closes: #834767)
  * Several portability fixes (full test suite passes on FreeBSD), including:
   - CMake: Discover docbook stylesheet in other locations
   - Add missing includes and external definitions
   - Use C locale instead of C.UTF-8 for protocol strings
   - Make directory paths configurable
   - Lower-case uname -r output in kernel autoremove helper
   - Make root group configurable via ROOT_GROUP
  * Accept --autoremove as alias for --auto-remove
  * apt-inst: debfile: Pass comp. Name to ExtractTar, not Binary
  * changelog: Respect Dir setting for local changelog getting
  * init: Add Dir::Bin::planners default entry
  * Switch documentation from httpredir.d.o to deb.d.o

  [ Zhou Mo ]
  * zh_CN.po: update simplified Chinese translation

  [ David Kalnischkies ]
  * do dpkg --configure before --remove/--purge --pending (Closes: 835094)
  * prevent C++ locale number formatting in text APIs (try 3) (LP: 1611010)
  * do fail on weakhash/loop earlier in acquire (Closes: 835195)
  * do not restore selections for already purged packages
  * apt-key: warn instead of fail on unreadable keyrings
  * show apt-key warnings in apt update (Closes: 834973)
  * treat .ddeb files like .deb, especially for dpkg (LP: #1616909)
  * randomize acquire order for same type index files
  * don't loop on pinning pkgs from absolute debs by regex (Closes: 835818)

 -- Julian Andres Klode <email address hidden>  Tue, 30 Aug 2016 22:20:28 +0200
Superseded in stretch-release on 2016-09-08
Superseded in sid-release on 2016-08-31
apt (1.3~rc2) unstable; urgency=medium

  [ Julian Andres Klode ]
  * debian/NEWS: Get rid of 1.3~pre3+cmake1 entry.
    Thanks to Axel Beckert for reporting
  * CMake: Use COPYONLY instead of @ONLY
  * fileutl: empty file support: Avoid fstat() on -1 fd and check result
  * Change anonscm.d.o links to /git/apt/apt.git and https

  [ David Kalnischkies ]
  * don't perform int<float in progress bar drawing
  * ensure a good clock() value for usage and tests
  * drop incorrect const attribute from DirectoryExists (LP: 1473674)
  * http(s): allow empty values for header fields (Closes: 834048)
  * don't sent Range requests if we know its not accepted
  * don't try pipelining if server closes connections (Closes: #832113)
  * log with the failed item description, not with next try
  * retry without same redirection mirror on 404 errors
  * support getting only-uncompressed files via by-hash
  * support compression and by-hash for .diff/Index files (Closes: #824926)
  * default to Dir=/ in dpkg/status file finding magic
  * add the gpg-classic variant to the gpgv/gnupg or-group
  * allow spaces in fingerprints for 'apt-key del'
  * add --with-source option and Packages/Sources support
  * don't count each Type as an individual deb822-sources stanza
  * methods: read config in most to least specific order (Closes: 834642)

 -- Julian Andres Klode <email address hidden>  Wed, 17 Aug 2016 23:31:07 +0200
Superseded in stretch-release on 2016-08-23
Superseded in sid-release on 2016-08-18
apt (1.3~rc1) unstable; urgency=medium

  * Summary: CMake branch merged, socks5h (and tor) support, and fancy
    installation ordering changes.

  [ Julian Andres Klode ]
  * Handle interrupt when running Pre-Install hooks (Closes: #832593)
  * CMake: po: Add mirror method
  * CMake: Translations: Add support for shell scripts
  * debian: make autopkgtest run with CMake build dir
  * CMake: Bump minimum required version to 3.4.0
  * CMake: Check for ptsname_r() again (Closes: #833674)
  * CMake: Rewrite existing Documentation support and add doxygen
  * apt-private: Do not include apti18n.h in headers
  * Get rid of the old buildsystem
  * Fix some indentation issues in README.md

  [ David Kalnischkies ]
  * pass --force-remove-essential to dpkg only if needed
  * use dpkg --unpack --recursive to avoid long cmdlines
  * save and restore selection states before/after calling dpkg
  * select remove/purge packages early on for dpkg
  * call dpkg with --no-triggers by default (Closes: #626599)
  * don't purge directly, but remove and do purge at the end
  * ensure all configures are reported to hook scripts
  * ensure all removes are reported to hook scripts
  * support all socks-proxy known to curl in https method
  * suggest transport-packages based on established namescheme
  * fail on unsupported http/https proxy settings (Closes: #623443)
  * detect redirection loops in acquire instead of workers
  * use the same redirection handling for http and https
  * implement generic config fallback for methods
  * implement socks5h proxy support for http method (Closes: 744934)
  * allow methods to be disabled and redirected via config
  * allow user@host (aka: no password) in URI parsing
  * try to avoid removal of crossgraded packages
  * simulate all package manager actions explicitly
  * disable explicit configuration of all packages at the end
  * block direct connections to .onion domains (RFC7687)
  * http: auto-configure for local Tor proxy if called as 'tor'

 -- Julian Andres Klode <email address hidden>  Thu, 11 Aug 2016 14:10:22 +0200

Available diffs

Deleted in experimental-release (Reason: None provided.)
apt (1.3~pre3+cmake2) experimental; urgency=medium

  * Build-depend on pkg-config

 -- Julian Andres Klode <email address hidden>  Sat, 06 Aug 2016 23:18:37 +0200
Superseded in stretch-release on 2016-08-23
Superseded in sid-release on 2017-02-22
apt (1.3~pre3) unstable; urgency=medium

  [ Julian Andres Klode ]
  * ExecGPGV: Fork in all cases
  * ExecGPGV: Pass current config state to apt-key via temp file (LP: #1607283)

  [ David Kalnischkies ]
  * tests: activate dpkg multi-arch even if test is single arch
  * ensure Cnf::FindFile doesn't return files below /dev/null
  * don't hardcode /var/lib/dpkg/status as dir::state::status
  * allow arch=all to override No-Support-for-Architecture-all
  * support "install ./foo.changes"
  * clean up default-stanzas from extended_states on write
  * report warnings&errors consistently in edit-sources
  * create non-existent files in edit-sources with 644 instead of 640
  * report progress for removing while purging pkgs
  * use a configurable location for apport report storage
  * report progress for triggered actions
  * call flush on the wrapped writebuffered FileFd
  * verify hash of input file in rred
  * use proper warning for automatic pipeline disable
  * http: skip requesting if pipeline is full
  * rred: truncate result file before writing to it (Closes: #831762)
  * eipp: avoid producing file warnings in simulation (Closes: 832614)
  * if the FileFd failed already following calls should fail, too
  * edsp: try to read responses even if writing failed
  * prevent C++ locale number formatting in text APIs (try 2) (Closes: 832044)
  * apt-key: kill gpg-agent explicitly in cleanup

  [ Mert Dirik ]
  * Turkish program translation update (Closes: 832039)

 -- Julian Andres Klode <email address hidden>  Thu, 04 Aug 2016 10:23:49 +0200
Superseded in stretch-release on 2016-08-10
Superseded in sid-release on 2016-08-05
apt (1.3~pre2) unstable; urgency=medium

  [ Andrew Patterson ]
  * Add kernels with "+" in the package name to APT::NeverAutoRemove
    (Closes: #830159)

  [ David Kalnischkies ]
  * add Testsuite-Triggers to tagfile-order
  * tests: fix external solver/planner directory setup

 -- Julian Andres Klode <email address hidden>  Fri, 08 Jul 2016 14:28:57 +0200

Available diffs

Superseded in sid-release on 2016-07-08
apt (1.3~pre1) unstable; urgency=medium

  Upload to unstable from the pub because Niels wanted it

  [ David Kalnischkies ]
  * show right binary name in simulation notice (Closes: 825216)
  * imbue datetime parsing with C.UTF-8 locale (Closes: 828011)
  * imbue .diff/Index parsing with C.UTF-8 as well
  * close server if parsing of header field failed
  * add myself to Uploaders
  * eipp: implement version 0.1 of the protocol
  * eipp: provide the internal planer as an external one
  * eipp: make no difference between remove & purge
  * eipp: properly handle arch-specific provides
  * eipp: implement Immediate-Configuration flag
  * eipp: add Allow-Temporary-Remove-of-Essentials
  * eipp: rename stanza 'Install' to 'Unpack'
  * eipp: enable xz-compressed scenario logging
  * if conf unset, don't read / as conf/pref/sources dir
  * don't do atomic overrides with failed files (Closes: 828908)
  * if reading of autobit state failed, let write fail
  * write auto-bits before calling dpkg & again after if needed
  * protect only the latest same-source providers from autoremove
  * reinstalling local deb file is no downgrade
  * do not treat same-version local debs as downgrade
  * alias apt-key list to finger (Closes: 829232)
  * warn if apt-key is used in scripts/its output parsed
  * deprecate 'apt-key update' and no-op it in Debian
  * use +0000 instead of UTC by default as timezone in output
  * avoid 416 response teardown binding to null pointer
  * report write errors in EDSP/EIPP properly back to caller
  * EIPP/EDSP log can't be written is a warning, not an error
  * don't change owner/perms/times through file:// symlinks
  * report all instead of first error up the acquire chain
  * keep trying with next if connection to a SRV host failed

  [ Zhou Mo ]
  * zh_CN.po: update simplified chinese translation

  [ Julian Andres Klode ]
  * methods/ftp: Cope with weird PASV responses.
    Thanks to Lukasz Stelmach for the initial patch (Closes: #420940)
  * Fix buffer overflow in debListParser::VersionHash() (Closes: #828812)
  * cache: Bump minor version to 6
  * indextargets: Check that cache could be built before using it
    (Closes: #829651)

  [ Nicolas Le Cam ]
  * Use the ConditionACPower feature of systemd in the apt-daily service
    (Closes: #827930)
  * Add a apt suggests powermgmt-base

 -- Julian Andres Klode <email address hidden>  Thu, 07 Jul 2016 20:25:18 +0200
Superseded in stretch-release on 2016-07-14
Superseded in sid-release on 2016-07-08
apt (1.2.14) unstable; urgency=medium

  [ Julian Andres Klode ]
  * New micro release (LP: #1595177)

  [ Petter Reinholdtsen ]
  * Norwegian Bokmål program translation update (Closes: 827067)

  [ David Kalnischkies ]
  * do not error if auto-detect-proxy cmd has no output (Closes: 827713)
  * source: if download is skipped, don't try to unpack
  * ensure filesize of deb is included in the hashes list

  [ Dominic Benson ]
  * Reinstate caching of file hashes in apt-ftparchive (Closes: #806924)

 -- Julian Andres Klode <email address hidden>  Wed, 22 Jun 2016 14:54:48 +0200
Deleted in experimental-release (Reason: None provided.)
apt (1.3~exp3) experimental; urgency=medium

  [ Petter Reinholdtsen ]
  * Norwegian Bokmål program translation update (Closes: 827067)

  [ David Kalnischkies ]
  * apt-key: don't search PATH if command is a path already
  * don't use FindFile for external Dir::Bin commands
  * http: don't hang on redirect with length + connection close
  * merge sources.list lines based on Release filename (Closes: 826944)
  * avoid std::get_time usage to sidestep libstdc++6 bug (LP: 1593583)
  * do not error if auto-detect-proxy cmd has no output (Closes: 827713)
  * implement and document DIRECT for auto-detect-proxy
  * run update post-invokes even on (partial) failures
  * handle weak-security repositories as unauthenticated (Closes: 827364)
  * generalize secure->insecure downgrade protection
  * forbid insecure repositories by default expect in apt-get (Closes: 808367)
  * source: if download is skipped, don't try to unpack
  * better error message for insufficient hashsums (Closes: 827758)
  * add [weak] tag to hash errors to indicate insufficiency
  * ensure filesize of deb is included in the hashes list
  * add insecure (and weak) allow-options for sources.list

  [ Dominic Benson ]
  * Reinstate caching of file hashes in apt-ftparchive (Closes: #806924)

  [ Zhou Mo ]
  * zh_CN.po: update simplified chinese translation

 -- Julian Andres Klode <email address hidden>  Wed, 22 Jun 2016 14:50:12 +0200
Superseded in stretch-release on 2016-06-28
Superseded in sid-release on 2016-06-23
apt (1.2.13) unstable; urgency=medium

  [ David Kalnischkies ]
  * fail instead of segfault on unreadable config files (Closes: 824503)
  * prevent C++ locale number formatting in text APIs (Closes: #825396)
  * apt-key: change to / before find to satisfy its CWD needs.
    Thanks to Samuel Thibault for 'finding' the culprit! (Closes: 826043)
  * do not hang on piped input in PipedFileFdPrivate
  * don't leak an FD in lz4 (de)compression
  * don't leak FD in AutoProxyDetect command return parsing

  [ Julian Andres Klode ]
  * Provide complete apt bash completion.
    Thanks to Elias Fröhner and Svyatoslav Gryaznov for the initial work
    (LP: #1573547)

  [ Zhou Mo ]
  * zh_TW.po: remove several fuzzy tags after review

  [ Yuri Kozlov ]
  * Russian program translation update (Closes: 824702)

  [ Takuma Yamada ]
  * Japanese program translation update (Closes: 826291)

 -- Julian Andres Klode <email address hidden>  Sat, 11 Jun 2016 17:28:25 +0200
Superseded in experimental-release on 2016-06-23
apt (1.3~exp2) experimental; urgency=medium

  [ Johannes 'josch' Schauer ]
  * edsp: document unique package identifiers

  [ David Kalnischkies ]
  * edsp: warn if unexpected stanzas appear in the solution
  * show globalerrors before asking for confirmation
  * show final solution in --no-download --fix-missing mode
  * document --no- as --show-upgraded is the default (Closes: 824456)
  * fail instead of segfault on unreadable config files (Closes: 824503)
  * convert EDSP to be based on FileFd instead of FILE*
  * edsp: dump: support dumping into compressed file
  * edsp: add Forbid-{New-Install,Remove} and Upgrade-All
  * update symbols file
  * no-change bump of Standards-Version to 3.9.8
  * override lintian on doxygens embedded-javascript-library
  * fix and document on the fly compressor config
  * prevent C++ locale number formatting in text APIs (Closes: #825396)
  * accept only the expected UTC timezones in date parsing (Closes: 819697)
  * avoid changing the global LC_TIME for Release writing
  * use de-localed std::put_time instead rolling our own
  * use std::locale::global instead of setlocale
  * look into the right textdomain for apt-utils again
  * try to detect sudo spawned root-shell in prefixing (Closes: 825742)
  * ignore std::locale exception on non-existent "" locale
  * apt-key: change to / before find to satisfy its CWD needs.
    Thanks to Samuel Thibault for 'finding' the culprit! (Closes: 826043)
  * edsp: use an ID mapping for the internal solver
  * edsp: use a stanza based interface for solution writing
  * edsp: optionally store a compressed copy of the last scenario
  * move 'dump' solver from apt-utils to apt package
  * edsp: if internal is used, keep this decision
  * edsp: if logging is requested, do it for internal, too
  * edsp: drop privileges before executing solvers
  * don't explicitly configure the last round of packages
  * drop Dpkg::MaxArgs in favor of Dpkg::MaxArgsBytes
  * do not hang on piped input in PipedFileFdPrivate
  * don't leak an FD in lz4 (de)compression
  * don't leak EDSP solver output fd
  * don't leak FD in AutoProxyDetect command return parsing

  [ Julian Andres Klode ]
  * Provide complete apt bash completion.
    Thanks to Elias Fröhner and Svyatoslav Gryaznov for the initial work
    (LP: #1573547)
  * apt.systemd.daily: Put opening brace of check_power on extra line
    (LP: #1581985)
  * Add conflicting Signed-By values to error message
  * Normalize Signed-By values by removing trailing commas everywhere
  * Pass -fvisibility-inlines-hidden to g++

  [ Zhou Mo ]
  * zh_CN.po: update simplified Chinese translation.

  [ Yuri Kozlov ]
  * Russian program translation update (Closes: 824702)

  [ Takuma Yamada ]
  * Japanese program translation update (Closes: 826291)

 -- Julian Andres Klode <email address hidden>  Sat, 11 Jun 2016 17:23:19 +0200

Available diffs

Superseded in stretch-release on 2016-06-17
Superseded in sid-release on 2016-06-12
apt (1.2.12) unstable; urgency=medium

  [ Patrick Cable ]
  * refactored no_proxy code to work regardless of where https proxy is set

  [ James McCoy ]
  * deb822: Restore support for <multivalue>-{Add,Remove}

  [ David Kalnischkies ]
  * don't show NO_PUBKEY warning if repo is signed by another key
    (Closes: 618445)
  * allow redirection for items without a space in the desc again
  * don't sent uninstallable rc-only versions via EDSP
  * respect user pinning in M-A:same version (un)screwing

  [ Julian Andres Klode ]
  * update: Run Post-Invoke-Success if not all sources failed
  * debian/gbp.conf: Set debian-branch to 1.2.y

  [ Frans Spiesschaert ]
  * Dutch program translation update (Closes: 823976)

 -- Julian Andres Klode <email address hidden>  Wed, 11 May 2016 10:56:53 +0200

Available diffs

Superseded in experimental-release on 2016-06-13
apt (1.3~exp1) experimental; urgency=medium

  [ David Kalnischkies ]
  * make random acquire queues work less random
  * add dep11 files to default Release patterns
  * don't ask server if we have entire file in partial/
  * properly format multiline error messages
  * format multiline errors properly in acquire progress
  * show more details for "Hash Sum mismatch" errors
  * show more details for "Writing more data" errors, too
  * use the same redirection mirror for all index files
  * edsp: ask policy engine for the pin of the version directly
  * give rc-status packages a pin of -1
  * respect user pinning in M-A:same version (un)screwing
  * deprecate confusing Pkg.CandVersion() method
  * factor out Pkg/DepIterator prettyprinters into own header
  * gpgv: use EXPKEYSIG instead of KEYEXPIRED
  * gpgv: handle expired sig as worthless
  * don't show NO_PUBKEY warning if repo is signed by another key
    (Closes: 618445)
  * support multiple fingerprints in signed-by
  * support Signed-By in Release files as a sort of HPKP
  * bugscript: include all configuration fragment files (Closes: 820861)
  * move gnupg|gnupg2 from apt Depends to Recommends
  * warn if apt-key is run unconditionally in maintainerscript
  * remove 100-levels config nesting limit
  * let DPKG_COLORS default to our APT::Color setting
  * allow redirection for items without a space in the desc again
  * delay progress until Release files are downloaded
  * download arch:all also for NATIVE_ARCHITECTURE indextargets
  * implement Fallback-Of for IndexTargets
  * implement Identifier field for IndexTargets
  * gpgv: show always webportal error on NODATA (Closes: 823746)
  * don't sent uninstallable rc-only versions via EDSP
  * edsp: support generic and solver-specific configs (Closes: 823918)

  [ Julian Andres Klode ]
  * policy: Get rid of old (pre-1.1) GetCandidateVer algorithm
  * private-show: Get rid of old policy support code
  * ftparchive: Support writing Signed-By fields
  * Strip trailing commas for created signed-by fingerprint lists
  * update: Run Post-Invoke-Success if not all sources failed

  [ Patrick Cable ]
  * refactored no_proxy code to work regardless of where https proxy is set

  [ James McCoy ]
  * deb822: Restore support for <multivalue>-{Add,Remove}

  [ Zhou Mo ]
  * zh_TW.po: remove several fuzzy tags after review

  [ Adrian Wielgosik ]
  * Don't copy strings in Startswith, Endswith
  * Speed up GetLocalitySortedVersionSet.

  [ Frans Spiesschaert ]
  * Dutch program translation update (Closes: 823976)

 -- Julian Andres Klode <email address hidden>  Wed, 11 May 2016 10:48:27 +0200

Available diffs

Superseded in stretch-release on 2016-05-17
Superseded in sid-release on 2016-05-13
apt (1.2.11) unstable; urgency=medium

  [ David Kalnischkies ]
  * ensure transaction states are changed only once
  * stop handling items in doomed transactions.
    Thanks to Barr Detwix & Vincent Lefevre for log files (Closes: 817240)
  * do not require non-broken systems in 'upgrade'
  * detect compressed status files on extension again
  * recheck Pre-Depends satisfaction in SmartConfigure (LP: #1569099)
  * fix Alt-Filename handling of file method
  * allow uncompressed files to be empty in store again
  * silently skip acquire of empty index files
  * ensure outdated files are dropped without lists-cleanup

  [ Kelemen Gábor ]
  * Hungarian program translation update (Closes: 820638)

 -- Julian Andres Klode <email address hidden>  Mon, 25 Apr 2016 15:23:49 +0200
175 of 292 results