-
apt-cacher (1.7.13+deb9u1) stretch; urgency=medium
* Backport fix for CVE-2017-7443: Prevent HTTP response splitting with
encoded newlines in request. (closes: #858739)
-- Mark Hindley <email address hidden> Mon, 24 Apr 2017 19:38:26 +0100
-
apt-cacher (1.7.13) unstable; urgency=medium
* Bump Standards Version to 3.9.8 (no changes).
* Use sigtrap pragma to install signal handlers.
* Correctly set namespace for Sources.xz files.
* Optimise parsing hashes from index files.
* Use CDS environment when verifying database.
* Use direct CDS lock for DB compact and verify.
* Add timestamp to DB log messages.
* Sync DB before verifying.
* When recovering CDS environment from apt-cacher-cleanup.pl, panic the
existing environment, if available.
* When recovering database environment, also verify the database file
and move it out of the way if corrupt.
* Only compact once for each call to db_compact().
* Deprecate FreezeThaw, warn if it is not installed but is required and
only suggest its installation.
* AppStream/DEP-11 support (closes: #821155).
* Add default Debian and Ubuntu appstream path map.
* Add Ubuntu release name yakkety (16.10).
* Support for APT requesting files by-hash (closes: #824530).
* Check all requests originating from apt-cacher-cleanup.pl for
freshness.
* Regenerate default config file.
-- Mark Hindley <email address hidden> Wed, 22 Jun 2016 10:01:16 +0100
-
apt-cacher (1.7.12) unstable; urgency=medium
* When parsing checksums from index files, assume different compressions
of the same file are identical and skip duplicates.
* Use Storable for serialization rather than FreezeThaw.
* Add Ubuntu 16.04 LTS codename xenial.
* apt-cacher-cleanup.pl improve memory efficiency by using DB_File BTree
for tied on disk hashes.
* When cleaning cache, don't check for Packages/Sources corresponding to
each diff_Index file if in offline mode.
* Bug in perl 5.22.1 IO::File->new_tmpfile returns an anonymous handle
with mode 0000. Workaround this (see #810924).
* Improve SHA1 parsing from diff_Index files. In particular now SHA256
is also appearing in some files.
* Set checksum database environment lock timeout to
$cfg->{request_timeout} seconds.
* Set checksum database compact lock timeout to 10µs.
* Only check for $? > 0 on return from red -s pipe. If the child has
been reaped already, close() sets $? to -1 which isn't a problem.
* Add caching support for xz compressed indices. Pdiff support requires
package libio-compress-lzma-perl (closes: #809431).
* Only run db_recover() if we hold the environment lock.
* Don't db_recover when installing. Just connect to the DB without
locking which calls failchk().
* Rework Range handling to be more robust. Byte ranges can go beyond
Content-Length [see RFC 7233] and can be zero.
* Don't remove dblock when recovering database environment.
* Set DB_PANIC_ENVIRONMENT if failchk() fails so that all threads using
environment are notified and exit.
-- Mark Hindley <email address hidden> Fri, 19 Feb 2016 17:26:47 +0000
-
apt-cacher (1.7.11) unstable; urgency=low
* Add Ubuntu codenames 15.04 (vivid) and 15.10 (wily).
* Fix apt-cacher-import.pl in copy mode so that a valid Content-Length
header is generated. Patch from Pip Cet (closes: #782126).
* Correctly detect and handle EOF in ssl_proxy() (closes: #785681).
* Upgrade Standards Version to 3.9.6. No changes.
* Create /var/run/apt-cacher in init script for CGI/inetd mode (closes:
786661).
* Verify existence (or create) /var/run/apt-cacher in
apt-cacher-cleanup.pl (closes: #760141).
* Automatically reap forked processes in apt-cacher-cleanup.pl.
-- Mark Hindley <email address hidden> Tue, 09 Jun 2015 09:28:35 +0100
-
apt-cacher (1.7.10) unstable; urgency=low
* Internally store http_proxy as URI object which can include
authorisation details.
* Remove http_proxy_auth from default config and update http_proxy
example to include authorisation.
* Support command line option like http_proxy= to unset value.
* Deprecate use_proxy and use_proxy_auth. Issue warnings if they are
set. Instead, just use http_proxy if it is configured.
* Add libcurl noproxy configuration example to manpage.
* In apt-cacher-cleanup.pl, use tied GDBM file for %svrhash to reduce
memory consumption.
* Add architectures powerpcspe, ppc64, sparc64 and x32 from
http://www.ports.debian.org and arm64
(https://wiki.debian.org/Arm64Port) to supported_archs (closes:
#753455).
* Protect embedded "\r\n\r\n" sequences from being chomp()ed by the
reading process (closes: #755184).
* In apt-cacher-cleanup.pl, if the header file has disappeared, try once
to download it.
* Alphabetise man page options.
* Always escape hyphens in manpage.
* Remove spurious \: in manpage URL.
* Man page formatting fixes
* Document behaviour if daemon_addr is unset.
-- Mark Hindley <email address hidden> Tue, 26 Aug 2014 11:09:33 +0100
