Change log for apt package in Ubuntu

175 of 389 results
Published in yakkety-proposed on 2016-07-28
apt (1.3~pre2ubuntu3) yakkety; urgency=medium

  * Cherry-pick the following commits from my branch:
    - Unlink the correct temp files when some cannot be created
    - gpgv: Pass the current configuration settings to apt-key
   (LP: #1607283)

 -- Julian Andres Klode <email address hidden>  Thu, 28 Jul 2016 11:19:45 +0000
Superseded in yakkety-proposed on 2016-07-28
apt (1.3~pre2ubuntu2) yakkety; urgency=medium

  * Cherry-pick the following fix by David from git to hopefully finally
    fix the autopkgtest failure:
    - tests: activate dpkg multi-arch even if test is single arch

 -- Julian Andres Klode <email address hidden>  Fri, 15 Jul 2016 23:15:47 +0200
Superseded in yakkety-proposed on 2016-07-15
apt (1.3~pre2ubuntu1) yakkety; urgency=medium

  * Use native arch in test-external-installation-planner-protocol

 -- Julian Andres Klode <email address hidden>  Fri, 15 Jul 2016 12:28:44 +0000
Superseded in yakkety-proposed on 2016-07-15
apt (1.3~pre2) unstable; urgency=medium

  [ Andrew Patterson ]
  * Add kernels with "+" in the package name to APT::NeverAutoRemove
    (Closes: #830159)

  [ David Kalnischkies ]
  * add Testsuite-Triggers to tagfile-order
  * tests: fix external solver/planner directory setup

 -- Julian Andres Klode <email address hidden>  Fri, 08 Jul 2016 14:28:57 +0200

Available diffs

Superseded in yakkety-proposed on 2016-07-08
apt (1.3~pre1) unstable; urgency=medium

  Upload to unstable from the pub because Niels wanted it

  [ David Kalnischkies ]
  * show right binary name in simulation notice (Closes: 825216)
  * imbue datetime parsing with C.UTF-8 locale (Closes: 828011)
  * imbue .diff/Index parsing with C.UTF-8 as well
  * close server if parsing of header field failed
  * add myself to Uploaders
  * eipp: implement version 0.1 of the protocol
  * eipp: provide the internal planer as an external one
  * eipp: make no difference between remove & purge
  * eipp: properly handle arch-specific provides
  * eipp: implement Immediate-Configuration flag
  * eipp: add Allow-Temporary-Remove-of-Essentials
  * eipp: rename stanza 'Install' to 'Unpack'
  * eipp: enable xz-compressed scenario logging
  * if conf unset, don't read / as conf/pref/sources dir
  * don't do atomic overrides with failed files (Closes: 828908)
  * if reading of autobit state failed, let write fail
  * write auto-bits before calling dpkg & again after if needed
  * protect only the latest same-source providers from autoremove
  * reinstalling local deb file is no downgrade
  * do not treat same-version local debs as downgrade
  * alias apt-key list to finger (Closes: 829232)
  * warn if apt-key is used in scripts/its output parsed
  * deprecate 'apt-key update' and no-op it in Debian
  * use +0000 instead of UTC by default as timezone in output
  * avoid 416 response teardown binding to null pointer
  * report write errors in EDSP/EIPP properly back to caller
  * EIPP/EDSP log can't be written is a warning, not an error
  * don't change owner/perms/times through file:// symlinks
  * report all instead of first error up the acquire chain
  * keep trying with next if connection to a SRV host failed

  [ Zhou Mo ]
  * zh_CN.po: update simplified chinese translation

  [ Julian Andres Klode ]
  * methods/ftp: Cope with weird PASV responses.
    Thanks to Lukasz Stelmach for the initial patch (Closes: #420940)
  * Fix buffer overflow in debListParser::VersionHash() (Closes: #828812)
  * cache: Bump minor version to 6
  * indextargets: Check that cache could be built before using it
    (Closes: #829651)

  [ Nicolas Le Cam ]
  * Use the ConditionACPower feature of systemd in the apt-daily service
    (Closes: #827930)
  * Add a apt suggests powermgmt-base

 -- Julian Andres Klode <email address hidden>  Thu, 07 Jul 2016 20:25:18 +0200
Superseded in yakkety-proposed on 2016-07-08
apt (1.3~exp2ubuntu1) yakkety; urgency=medium

  * Revert use of std::get_time, since a bug in libstdc++6 (upstream bug
    #71556) means that apt fails to parse some date fields correctly. (LP:
    #1593583)

 -- Iain Lane <email address hidden>  Fri, 17 Jun 2016 11:38:06 +0100
Superseded in yakkety-proposed on 2016-06-17
apt (1.3~exp2) experimental; urgency=medium

  [ Johannes 'josch' Schauer ]
  * edsp: document unique package identifiers

  [ David Kalnischkies ]
  * edsp: warn if unexpected stanzas appear in the solution
  * show globalerrors before asking for confirmation
  * show final solution in --no-download --fix-missing mode
  * document --no- as --show-upgraded is the default (Closes: 824456)
  * fail instead of segfault on unreadable config files (Closes: 824503)
  * convert EDSP to be based on FileFd instead of FILE*
  * edsp: dump: support dumping into compressed file
  * edsp: add Forbid-{New-Install,Remove} and Upgrade-All
  * update symbols file
  * no-change bump of Standards-Version to 3.9.8
  * override lintian on doxygens embedded-javascript-library
  * fix and document on the fly compressor config
  * prevent C++ locale number formatting in text APIs (Closes: #825396)
  * accept only the expected UTC timezones in date parsing (Closes: 819697)
  * avoid changing the global LC_TIME for Release writing
  * use de-localed std::put_time instead rolling our own
  * use std::locale::global instead of setlocale
  * look into the right textdomain for apt-utils again
  * try to detect sudo spawned root-shell in prefixing (Closes: 825742)
  * ignore std::locale exception on non-existent "" locale
  * apt-key: change to / before find to satisfy its CWD needs.
    Thanks to Samuel Thibault for 'finding' the culprit! (Closes: 826043)
  * edsp: use an ID mapping for the internal solver
  * edsp: use a stanza based interface for solution writing
  * edsp: optionally store a compressed copy of the last scenario
  * move 'dump' solver from apt-utils to apt package
  * edsp: if internal is used, keep this decision
  * edsp: if logging is requested, do it for internal, too
  * edsp: drop privileges before executing solvers
  * don't explicitly configure the last round of packages
  * drop Dpkg::MaxArgs in favor of Dpkg::MaxArgsBytes
  * do not hang on piped input in PipedFileFdPrivate
  * don't leak an FD in lz4 (de)compression
  * don't leak EDSP solver output fd
  * don't leak FD in AutoProxyDetect command return parsing

  [ Julian Andres Klode ]
  * Provide complete apt bash completion.
    Thanks to Elias Fröhner and Svyatoslav Gryaznov for the initial work
    (LP: #1573547)
  * apt.systemd.daily: Put opening brace of check_power on extra line
    (LP: #1581985)
  * Add conflicting Signed-By values to error message
  * Normalize Signed-By values by removing trailing commas everywhere
  * Pass -fvisibility-inlines-hidden to g++

  [ Zhou Mo ]
  * zh_CN.po: update simplified Chinese translation.

  [ Yuri Kozlov ]
  * Russian program translation update (Closes: 824702)

  [ Takuma Yamada ]
  * Japanese program translation update (Closes: 826291)

 -- Julian Andres Klode <email address hidden>  Sat, 11 Jun 2016 17:23:19 +0200

Available diffs

Published in wily-updates on 2016-06-01
Deleted in wily-proposed (Reason: moved to -updates)
apt (1.0.10.2ubuntu3) wily; urgency=medium

  * When using the https transport mechanism, $no_proxy is ignored if apt is
    getting it's proxy information from $https_proxy (as opposed to
    Acquire::https::Proxy somewhere in apt config). If the source of proxy
    information is Acquire::https::Proxy set in apt.conf (or apt.conf.d),
    then $no_proxy is honored. This patch makes the behavior similar for
    both methods of setting the proxy. (LP: #1575877)

 -- Patrick Cable <email address hidden>  Wed, 18 May 2016 08:09:20 -0700

Available diffs

Published in precise-updates on 2016-05-24
Deleted in precise-proposed (Reason: moved to -updates)
apt (0.8.16~exp12ubuntu10.27) precise; urgency=low

  * When using the https transport mechanism, $no_proxy is ignored if apt is
    getting it's proxy information from $https_proxy (as opposed to
    Acquire::https::Proxy somewhere in apt config). If the source of proxy
    information is Acquire::https::Proxy set in apt.conf (or apt.conf.d),
    then $no_proxy is honored. This patch makes the behavior similar for
    both methods of setting the proxy. (LP: #1575877)

 -- Patrick Cable <email address hidden>  Tue, 17 May 2016 13:49:45 -0700
Published in trusty-updates on 2016-05-24
Deleted in trusty-proposed (Reason: moved to -updates)
apt (1.0.1ubuntu2.14) trusty; urgency=medium

  * When using the https transport mechanism, $no_proxy is ignored if apt is
    getting it's proxy information from $https_proxy (as opposed to
    Acquire::https::Proxy somewhere in apt config). If the source of proxy
    information is Acquire::https::Proxy set in apt.conf (or apt.conf.d),
    then $no_proxy is honored. This patch makes the behavior similar for
    both methods of setting the proxy. (LP: #1575877)

 -- Patrick Cable <email address hidden>  Tue, 17 May 2016 13:45:06 -0700

Available diffs

Published in xenial-updates on 2016-06-01
Deleted in xenial-proposed (Reason: moved to -updates)
apt (1.2.12~ubuntu16.04.1) xenial; urgency=medium

  * Upload 1.2.12 micro-release to Xenial (LP: #1538438, #1580952)

Superseded in yakkety-release on 2016-05-13
Deleted in yakkety-proposed on 2016-05-14 (Reason: moved to release)
apt (1.2.12) unstable; urgency=medium

  [ Patrick Cable ]
  * refactored no_proxy code to work regardless of where https proxy is set

  [ James McCoy ]
  * deb822: Restore support for <multivalue>-{Add,Remove}

  [ David Kalnischkies ]
  * don't show NO_PUBKEY warning if repo is signed by another key
    (Closes: 618445)
  * allow redirection for items without a space in the desc again
  * don't sent uninstallable rc-only versions via EDSP
  * respect user pinning in M-A:same version (un)screwing

  [ Julian Andres Klode ]
  * update: Run Post-Invoke-Success if not all sources failed
  * debian/gbp.conf: Set debian-branch to 1.2.y

  [ Frans Spiesschaert ]
  * Dutch program translation update (Closes: 823976)

 -- Julian Andres Klode <email address hidden>  Wed, 11 May 2016 10:56:53 +0200

Available diffs

Published in yakkety-release on 2016-05-13
Deleted in yakkety-proposed (Reason: moved to release)
apt (1.3~exp1) experimental; urgency=medium

  [ David Kalnischkies ]
  * make random acquire queues work less random
  * add dep11 files to default Release patterns
  * don't ask server if we have entire file in partial/
  * properly format multiline error messages
  * format multiline errors properly in acquire progress
  * show more details for "Hash Sum mismatch" errors
  * show more details for "Writing more data" errors, too
  * use the same redirection mirror for all index files
  * edsp: ask policy engine for the pin of the version directly
  * give rc-status packages a pin of -1
  * respect user pinning in M-A:same version (un)screwing
  * deprecate confusing Pkg.CandVersion() method
  * factor out Pkg/DepIterator prettyprinters into own header
  * gpgv: use EXPKEYSIG instead of KEYEXPIRED
  * gpgv: handle expired sig as worthless
  * don't show NO_PUBKEY warning if repo is signed by another key
    (Closes: 618445)
  * support multiple fingerprints in signed-by
  * support Signed-By in Release files as a sort of HPKP
  * bugscript: include all configuration fragment files (Closes: 820861)
  * move gnupg|gnupg2 from apt Depends to Recommends
  * warn if apt-key is run unconditionally in maintainerscript
  * remove 100-levels config nesting limit
  * let DPKG_COLORS default to our APT::Color setting
  * allow redirection for items without a space in the desc again
  * delay progress until Release files are downloaded
  * download arch:all also for NATIVE_ARCHITECTURE indextargets
  * implement Fallback-Of for IndexTargets
  * implement Identifier field for IndexTargets
  * gpgv: show always webportal error on NODATA (Closes: 823746)
  * don't sent uninstallable rc-only versions via EDSP
  * edsp: support generic and solver-specific configs (Closes: 823918)

  [ Julian Andres Klode ]
  * policy: Get rid of old (pre-1.1) GetCandidateVer algorithm
  * private-show: Get rid of old policy support code
  * ftparchive: Support writing Signed-By fields
  * Strip trailing commas for created signed-by fingerprint lists
  * update: Run Post-Invoke-Success if not all sources failed

  [ Patrick Cable ]
  * refactored no_proxy code to work regardless of where https proxy is set

  [ James McCoy ]
  * deb822: Restore support for <multivalue>-{Add,Remove}

  [ Zhou Mo ]
  * zh_TW.po: remove several fuzzy tags after review

  [ Adrian Wielgosik ]
  * Don't copy strings in Startswith, Endswith
  * Speed up GetLocalitySortedVersionSet.

  [ Frans Spiesschaert ]
  * Dutch program translation update (Closes: 823976)

 -- Julian Andres Klode <email address hidden>  Wed, 11 May 2016 10:48:27 +0200

Available diffs

Superseded in yakkety-release on 2016-05-12
Deleted in yakkety-proposed on 2016-05-13 (Reason: moved to release)
apt (1.2.11) unstable; urgency=medium

  [ David Kalnischkies ]
  * ensure transaction states are changed only once
  * stop handling items in doomed transactions.
    Thanks to Barr Detwix & Vincent Lefevre for log files (Closes: 817240)
  * do not require non-broken systems in 'upgrade'
  * detect compressed status files on extension again
  * recheck Pre-Depends satisfaction in SmartConfigure (LP: #1569099)
  * fix Alt-Filename handling of file method
  * allow uncompressed files to be empty in store again
  * silently skip acquire of empty index files
  * ensure outdated files are dropped without lists-cleanup

  [ Kelemen Gábor ]
  * Hungarian program translation update (Closes: 820638)

 -- Julian Andres Klode <email address hidden>  Mon, 25 Apr 2016 15:23:49 +0200
Published in wily-security on 2016-04-27
Superseded in wily-updates on 2016-06-01
Deleted in wily-proposed (Reason: moved to -updates)
apt (1.0.10.2ubuntu2) wily-proposed; urgency=medium

  * Recheck Pre-Depends satisfaction in SmartConfigure, to avoid unconfigured
    Pre-Depends (which dpkg later fails on). Fixes upgrade failures of
    systemd, util-linux, and other packages with Pre-Depends. Many thanks to
    David Kalnischkies for figuring out the patch and Winfried PLappert for
    testing! Patch taken from Debian git. (LP: #1560797)

 -- Martin Pitt <email address hidden>  Tue, 19 Apr 2016 12:36:25 +0200

Available diffs

Published in trusty-security on 2016-04-27
Superseded in trusty-updates on 2016-05-24
Deleted in trusty-proposed (Reason: moved to -updates)
apt (1.0.1ubuntu2.13) trusty; urgency=medium

  * Recheck Pre-Depends satisfaction in SmartConfigure, to avoid unconfigured
    Pre-Depends (which dpkg later fails on). Fixes upgrade failures of
    systemd, util-linux, and other packages with Pre-Depends. Many thanks to
    David Kalnischkies for figuring out the patch and Winfried PLappert for
    testing! Patch taken from Debian git. (LP: #1560797)

 -- Martin Pitt <email address hidden>  Tue, 19 Apr 2016 12:32:43 +0200
Superseded in yakkety-release on 2016-04-29
Published in xenial-release on 2016-04-14
Deleted in xenial-proposed (Reason: moved to release)
apt (1.2.10ubuntu1) xenial; urgency=medium

  * Recheck Pre-Depends satisfaction in SmartConfigure, to avoid unconfigured
    Pre-Depends (which dpkg later fails on). Fixes upgrade failures of
    systemd, util-linux, and other packages with Pre-Depends. Many thanks to
    David Kalnischkies for figuring out the patch and Winfried PLappert for
    testing! Patch taken from Debian git. (LP: #1560797)

 -- Martin Pitt <email address hidden>  Thu, 14 Apr 2016 09:05:29 +0200

Available diffs

Superseded in xenial-release on 2016-04-14
Deleted in xenial-proposed on 2016-04-15 (Reason: moved to release)
apt (1.2.10) unstable; urgency=medium

  [ Zhou Mo ]
  * zh_CN.po: update simplified Chinese translation. (100%)

  [ Julian Andres Klode ]
  * test-apt-download-progress: Use a larger file for testing
  * Allow lowering trust level of a hash via config

  [ Michael Vogt ]
  * Use systemd.timer instead of a cron job (Closes: #600262, #709675, #663290)
    (LP: #246381, #727685)

  [ David Kalnischkies ]
  * use buffered writing for InRelease splitting

  [ Takuma Yamada ]
  * Japanese program translation update (Closes: 819938)

 -- Michael Vogt <email address hidden>  Tue, 05 Apr 2016 20:23:47 +0200

Available diffs

Superseded in xenial-release on 2016-04-06
Deleted in xenial-proposed on 2016-04-07 (Reason: moved to release)
apt (1.2.9) unstable; urgency=high

  [ David Kalnischkies ]
  * drop confusing comma from no strong hash message

  [ Julian Andres Klode ]
  * Do not mark packages for keep that we want to remove (LP: #1562402)
    (This fixes some upgrades involving renames where the old package
     is removed)

 -- Julian Andres Klode <email address hidden>  Sun, 27 Mar 2016 01:26:51 +0100

Available diffs

Superseded in xenial-release on 2016-03-27
Deleted in xenial-proposed on 2016-03-29 (Reason: moved to release)
apt (1.2.8) unstable; urgency=medium

  [ Michael Vogt ]
  * Get accurate progress reporting in apt update again

  [ Julian Andres Klode ]
  * Report non-transient errors as errors, not as warnings
  * methods/gpgv: Rewrite error handling and message.
    Thanks to Ron Lee for wording suggestions
  * Use descriptive URIs in 104 Warning messages
  * cachefile: Only set members that were initialized successfully
    (Closes: #818628)
  * Update symbols file

  [ David Kalnischkies ]
  * do not strip epochs from state version strings (Closes: 818162)
  * properly check for "all good sigs are weak" (Closes: 818910)
  * handle gpgv's weak-digests ERRSIG

  [ Zhou Mo ]
  * zh_CN.po: update simplified Chinese translation. (Closes: #818639)

  [ Takuma Yamada ]
  * Japanese manpage translation update (Closes: 818950)

 -- Julian Andres Klode <email address hidden>  Thu, 24 Mar 2016 19:31:24 +0100

Available diffs

Superseded in xenial-release on 2016-03-27
Deleted in xenial-proposed on 2016-03-28 (Reason: moved to release)
apt (1.2.7) unstable; urgency=medium

  "Caesar is dead"

  [ Frans Spiesschaert ]
  * Dutch program translation update (Closes: 817060)
  * Dutch manpages translation update (Closes: 817062)

  [ Julian Andres Klode ]
  * Use native architecture instead of amd64 for build-dep-purge test
  * Do not consider SHA1 usable
  * Test that SHA1-only .diff/Index files are not used
  * test: Use SHA512 digests for GPG, reject SHA1-based signatures
  * methods/gpgv: Reject weak digest algorithms
  * apt-pkg/acquire-worker.cc: Introduce 104 Warning message
  * methods/gpgv: Warn about SHA1 (and RIPEMD-160)

  [ David Kalnischkies ]
  * require $(HASH)-Download field in .diff/Index files
  * flush line-clearing on progress stop before post-invoke (Closes: 793672)
  * enforce verify of filesize in 'apt-get source'

  [ Manuel "Venturi" Porras Peralta ]
  * Spanish apt-mark translation fix (Closes: 817999)

  [ Zhou Mo ]
  * zh_CN.po: fix translation bug. (Closes: #818177)

  [ Michael Vogt ]
  * Fix bug where the problemresolve can put a pkg into a heisenstate
    (LP: #1550741)

 -- Julian Andres Klode <email address hidden>  Tue, 15 Mar 2016 19:20:18 +0100

Available diffs

Superseded in xenial-release on 2016-03-17
Deleted in xenial-proposed on 2016-03-18 (Reason: moved to release)
apt (1.2.6) unstable; urgency=high

  [ Veres Lajos ]
  * Fix several typos

  [ Julian Andres Klode ]
  * apt-pkg/algorithms.cc: Avoid stack buffer overflow in KillList
    (Closes: #701069)
  * urgency=high because this fixes a stack overflow and the last
    upload fixed several segfaults and has not migrated yet either.

 -- Julian Andres Klode <email address hidden>  Mon, 07 Mar 2016 19:49:38 +0100

Available diffs

Superseded in xenial-proposed on 2016-03-08
apt (1.2.5) unstable; urgency=medium

  [ Daniel Kahn Gillmor ]
  * apt-key del should correctly handle keyids prefixed with 0x

  [ David Kalnischkies ]
  * support APT::Get::Build-Dep-Automatic again in build-dep
  * add test for apt-key 0xKEY and use parameter expansion.
    Thanks to James McCoy for the suggestion. (Closes: 816691)
  * do not move not-failed pdiff-patches into CWD on failure (Closes: #816837)
  * get group again after potential remap in Source: parse.
    Thanks to Francesco Poli and Marc Haber for testdata. (Closes: 812251)

  [ Colin Watson ]
  * Fix lzma write support to handle "try again" case (Closes: #751688)

  [ Julian Andres Klode ]
  * Prevent double remapping of iterators and string views
  * debian/control: Set Standards-Version to 3.9.7

 -- Julian Andres Klode <email address hidden>  Sun, 06 Mar 2016 19:47:45 +0100

Available diffs

Superseded in trusty-updates on 2016-04-20
Deleted in trusty-proposed on 2016-04-21 (Reason: moved to -updates)
apt (1.0.1ubuntu2.12) trusty; urgency=medium

  [ Colin Watson ]
  * Fix lzma write support to handle "try again" case (closes: #751688,
    LP: #1553770).

  [ David Kalnischkies ]
  * Handle moved mmap after UniqFindTagWrite call (closes: #753941,
    LP: #1445436).

 -- Colin Watson <email address hidden>  Sun, 06 Mar 2016 19:01:04 +0000
Superseded in xenial-release on 2016-03-14
Deleted in xenial-proposed on 2016-03-15 (Reason: moved to release)
apt (1.2.4) unstable; urgency=medium

  [ David Kalnischkies ]
  * use local changelog from /usr/share/doc if possible
  * always download changelogs into /tmp first
  * pass versioned provides to external solvers in EDSP

  [ Julian Andres Klode ]
  * Fix maintscript to properly remove 20changelog (Closes: #814754)
  * Fix crash with empty architecture list (LP: #1549819)
  * Add missing numeric includes in files using std::accumulate()

 -- Julian Andres Klode <email address hidden>  Sat, 27 Feb 2016 14:02:47 +0100

Available diffs

Superseded in xenial-release on 2016-03-01
Deleted in xenial-proposed on 2016-03-02 (Reason: moved to release)
apt (1.2.3) unstable; urgency=high

  [ Julian Andres Klode ]
  * Set seekpos to 0 after reopening files in Seek() (Closes: #812994, #813000)

  [ David Kalnischkies ]
  * get dpkg lock in build-dep if cache was invalid again (Closes: 814139)

 -- Julian Andres Klode <email address hidden>  Wed, 10 Feb 2016 18:02:20 +0100

Available diffs

Superseded in xenial-proposed on 2016-02-10
apt (1.2.2) unstable; urgency=medium

  [ David Kalnischkies ]
  * always create pkg at the time pkg:arch is created
  * reimplement build-dep via apts normal resolver
    (Closes: #137560, #444930, #489911, #583914, #728317, #812173)
  * parse version correctly from binary Source field (Closes: 812492)
  * get sources for packages in multiple releases again (Closes: 812497)
  * only warn about missing/invalid Date field for now (Closes: 809329)
  * support <libc>-<kernel>-<cpu> in architecture specs.
    Thanks to Bálint Réczey for initial patch (Closes: #812212)
  * avoid building dependency tree in 'source' command

  [ Stefan Bühler ]
  * fix "Mismatched free() / delete / delete []" in simple_buffer

  [ Julian Andres Klode ]
  * Do not buffer writes larger than the buffer if possible
  * Drop the g++ build-dep, transition is done
  * NEWS: Prefix the keep deb option with Binary::apt:: (Closes: #812111)
  * rred: If there were I/O errors, fail
  * Correctly report write errors when flushing buffered writer
  * test: Fix apt-key tests to work with current gpg 2.1

  [ Manuel "Venturi" Porras Peralta ]
  * Spanish program translation update (Closes: 813467)

  [ Adrian Wielgosik ]
  * Try avoiding loading long package description
  * Avoid temporary strings in SubstVar.

  [ Fredrik Fornwall ]
  * edspsystem.cc: include <stdlib.h> for mkdtemp (Closes: #807367)

 -- Julian Andres Klode <email address hidden>  Thu, 04 Feb 2016 22:50:43 +0100

Available diffs

Superseded in xenial-proposed on 2016-02-05
apt (1.2.1) unstable; urgency=high

  [ Zhou Mo ]
  * po: update zh_CN programs translation

  [ Julian Andres Klode ]
  * Remap StringView instances pointing into the cache (Closes: #812251)

  [ Michael Vogt ]
  * Log calling SUDO_USER or PKEXEC_UID in history.log.
    Thanks to Thomas Reusch

 -- Julian Andres Klode <email address hidden>  Mon, 25 Jan 2016 18:03:50 +0100

Available diffs

1.2
Superseded in xenial-proposed on 2016-01-25
apt (1.2) unstable; urgency=medium

  [ Julian Andres Klode ]
  * Do not break apt-file (<< 3.0~exp1~), 2.X works fine
  * Version the build-depends on liblz4-dev to >= 0.0~r126
  * search: Handle packages without description (Closes: #810622)
  * Only enable pipelining if server is HTTP/1.1 (Closes: #810796)

  [ Mattia Rizzolo ]
  * Sort the list of sources to be built and linked (Closes: #810509)

  [ Michael Vogt ]
  * Do not show multiple identical apt-cache showsrc entries (Closes: #734922)

  [ David Kalnischkies ]
  * evaluate sourceslist-list-format entity in vendors sources.list.
    Thanks to Niels Thykier for reporting on IRC
  * update symbols file
  * fix M-A:foreign provides creation for unknown archs
  * revert file-hash based action-merging in acquire (Closes: 810046)
  * return correct position in APT::StringView::(r)find

  [ Zhou Mo ]
  * po: update simplified chinese programs translation

 -- Julian Andres Klode <email address hidden>  Fri, 15 Jan 2016 19:52:19 +0100

Available diffs

Superseded in trusty-updates on 2016-04-06
Deleted in trusty-proposed on 2016-04-07 (Reason: moved to -updates)
apt (1.0.1ubuntu2.11) trusty; urgency=medium

  * apt-pkg/packagemanager.cc:
    - fix incorrect configure ordering in the SmartConfigure step by skipping
      packages that do not need immediate action. (LP: #1347721, #1497688)

 -- Brian Murray <email address hidden>  Fri, 08 Jan 2016 16:09:22 -0800
Superseded in xenial-release on 2016-02-17
Deleted in xenial-proposed on 2016-02-18 (Reason: moved to release)
apt (1.1.10) unstable; urgency=medium

  [ David Kalnischkies ]
  * deal with empty values properly in deb822 parser (Closes: 808102)

  [ Beatrice Torracca ]
  * fix 3 typos/omissions in apt.conf(5) (Closes: 809160)

  [ Julian Andres Klode ]
  * BufferedWriter: flushing: Check for written < size instead of <=
  * aptconfiguration: Set default compression level to 6
  * BufferedFileFdPrivate: Make InternalFlush() save against errors
  * Switch to DJB hashing and use prime number as table size
  * Turn tolower_ascii() and isspace_ascii() into inline functions
  * Fix test case that was broken by switch of hash function
  * pkgTagSection::Scan: Fix read of uninitialized value
  * pkgCacheGenerator: Allow passing down an already created cache
  * Add support for calculating hashes over the entire cache
  * Do not sync the cache file

 -- Julian Andres Klode <email address hidden>  Wed, 30 Dec 2015 00:40:53 +0100

Available diffs

Superseded in xenial-proposed on 2015-12-30
apt (1.1.9) unstable; urgency=medium

  Highlights: buffered rred writes and slightly faster cache generation (~10%)

  [ Julian Andres Klode ]
  * Introduce isspace_ascii() for use by parsers
  * Convert most callers of isspace() to isspace_ascii()
  * pkgcachegen: Use std::unordered_map instead of std::map
  * debListParser: ParseDepends: Only query native arch if needed
  * debListParser: Do not validate Description-md5 for correctness twice
  * ParseDepends: Mark branches for build-dep parsing as unlikely
  * rred: Only call pkgInitConfig() in test mode
  * FileFdPrivate: Add getter and setter for fields
  * FildFd: Introduce a Flush() function and call it from Close()
  * FileFd: Add a buffered writing mode
  * rred: Use buffered writes
  * pkgcachegen.h: Hack around unordered_map not existing before C++11
  * doc/acquire-additional-files.txt: Mention apt-helper cat-file

  [ Niels Thykier ]
  * Hex2Digit: Do not use isxdigit()

  [ David Kalnischkies ]
  * allow repositories to forbid arch:all for specific index targets

 -- Julian Andres Klode <email address hidden>  Sun, 27 Dec 2015 19:16:36 +0100

Available diffs

Superseded in xenial-proposed on 2015-12-27
apt (1.1.8) unstable; urgency=medium

  * apt-helper: Add a cat-file command for concatening files
  * Change InternalReadLine to always use buffer.read() return value

 -- Julian Andres Klode <email address hidden>  Sat, 26 Dec 2015 23:23:02 +0100

Available diffs

Superseded in xenial-proposed on 2015-12-27
apt (1.1.7) unstable; urgency=medium

  The real "speed up rred for uncompressed files" release

  * Use a hardcoded buffer size of 4096 to fix performance
  * rred: Allow passing files as arguments for compressor testing
  * Get rid of memmove() in our read buffering

 -- Julian Andres Klode <email address hidden>  Sat, 26 Dec 2015 19:10:14 +0100

Available diffs

Superseded in xenial-proposed on 2015-12-26
apt (1.1.6) unstable; urgency=medium

  Merry Christmas from the APT Team

  [ Pino Toscano ]
  * Fix FileUtlTest.GetTempDir failure when run as root (Closes: #808383)
  * CopyFile: fix BufSize to a sane value (Closes: #808381)
  * CopyFile: avoid failing on EOF on some systems (Closes: #808381)

  [ Julian Andres Klode ]
  * Do nothing in FileFd::Write() if Size is 0 (Closes: #808381)

  [ David Kalnischkies ]
  * avoid evaluating shell in paths used in apt-key
  * avoid triggering gpg2 migration in apt-key
  * follow dpkg and xz and use CRC64 for xz compression
  * parse xz-compression level from configuration
  * implement a buffer system for FileFd::ReadLine (Closes: 808579)
  * ensure we got a lock in clean operation (Closes: 808561)

 -- Julian Andres Klode <email address hidden>  Thu, 24 Dec 2015 17:01:49 +0100

Available diffs

Superseded in xenial-release on 2015-12-30
Deleted in xenial-proposed on 2015-12-31 (Reason: moved to release)
apt (1.1.5) unstable; urgency=medium

  [ Julian Andres Klode ]
  * Do not swap required and important in pkgCache::Priority()
    Thanks to Manuel A. Fernandez Montecelo for discovering this
    (Closes: #807523)
  * Convert package names from Packages files to lower case (Closes: #807012)
  * test framework: Correctly generate new paths in noopchroot
  * debian/apt.auto-removal.sh: Adjust -dbg exclusion for multi-arch
  * pkgcache: Make hash arch-independent using fixed size integer
  * test-apt-download-progress: Run the https test multiple times

  [ David Kalnischkies ]
  * update symbols files to 1.1.4 state of affairs
  * parse .diff/Index hashes in reverse order
  * redirect which stderr to /dev/null for consistency (Closes: 807373)
  * show a more descriptive error for weak Release files (Closes: 806459)
  * support regex and co in 'apt-cache policy $pkg' again (Closes: 807870)
  * non-existing directories don't need to be cleaned (Closes: 807477)

  [ Seo Sanghyeon ]
  * fix incorrect Korean translation of "manually" and "automatically"

  [ Andreas Metzler ]
  * mention APT::AutoRemove::{Recommends,Suggests}Important option
    (Closes: 807413)

 -- Julian Andres Klode <email address hidden>  Mon, 14 Dec 2015 16:56:11 +0100

Available diffs

Superseded in xenial-release on 2015-12-15
Deleted in xenial-proposed on 2015-12-16 (Reason: moved to release)
apt (1.1.4) unstable; urgency=medium

  [ Julian Andres Klode ]
  * defaults.mak: Set LC_COLLATE=C.UTF-8 for reproducible sort order
  * Avoid overflow when summing up file sizes

  [ David Kalnischkies ]
  * add a apt breaks (apt-utils << 1.1.3) for partial-upgrades (Closes: 806765)
  * require explicit paths to dsc/control as we do for deb files
    (Closes: 806693)
  * use @CHANGEPATH@ as placeholder in changelog URI templates
  * replace "which" with "command -v" for portability.
    Thanks to Mingye Wang for the suggestion. (Closes: 807144)
  * replace run-parts with find|sort to avoid debianutils usage
  * part revert, part redo 'which' replacement.
    Thanks to Jakub Wilk for pointing out #747320

  [ Fredrik Fornwall ]
  * apt-helper.cc: include <stdlib.h> for atoi (Closes: 807031)

 -- Julian Andres Klode <email address hidden>  Mon, 07 Dec 2015 15:31:31 +0100
Superseded in xenial-proposed on 2015-12-07
apt (1.1.3) unstable; urgency=medium

  [ David Kalnischkies ]
  * use function pointers instead of weak symbols for cmdline parsing
  * accept ../ on the cmdline as start for a deb file as well
  * add apt-utils Depends apt (= ${binary:Version})

  [ Andreas Cadhalpun ]
  * do not override exact targetrelease matches with lesser matches
    (Closes: 746412)

 -- Michael Vogt <email address hidden>  Mon, 30 Nov 2015 08:49:40 +0100
Superseded in xenial-release on 2015-12-10
Published in wily-release on 2015-10-06
Deleted in wily-proposed (Reason: moved to release)
apt (1.0.10.2ubuntu1) wily; urgency=medium

  * merged from debian/sid (LP: #1486061)
  * this fixes a subtle ABI difference between debian and ubuntu
  * add breaks for rdepends to ensure smooth wily->wily transtition
    for the ABI fix. this can be dropped post-wily

Available diffs

Superseded in wily-release on 2015-10-06
Deleted in wily-proposed on 2015-10-07 (Reason: moved to release)
apt (1.0.9.10ubuntu7) wily; urgency=medium

  * cherry pick 353c135 to fix build failure with gcc-snapshot
    (LP: #1477299)

 -- Michael Vogt <email address hidden>  Fri, 18 Sep 2015 10:02:55 +0200
Superseded in precise-updates on 2016-05-24
Deleted in precise-proposed on 2016-05-26 (Reason: moved to -updates)
apt (0.8.16~exp12ubuntu10.26) precise; urgency=medium

  * Fix regression in the Never-MarkAuto-Sections feature caused by the
    previous auto-removal fix, with inspiration drawn from the patches
    and conversation from http://bugs.debian.org/793360 (LP: #1479207)

 -- Adam Conrad <email address hidden>  Sat, 01 Aug 2015 16:18:59 -0600
Published in vivid-updates on 2015-10-22
Deleted in vivid-proposed (Reason: moved to -updates)
apt (1.0.9.7ubuntu4.2) vivid; urgency=medium

  * Fix regression in the Never-MarkAuto-Sections feature caused by the
    previous auto-removal fix, with inspiration drawn from the patches
    and conversation from http://bugs.debian.org/793360 (LP: #1479207)

 -- Adam Conrad <email address hidden>  Sat, 01 Aug 2015 16:14:56 -0600
Superseded in wily-release on 2015-09-21
Deleted in wily-proposed on 2015-09-22 (Reason: moved to release)
apt (1.0.9.10ubuntu6) wily; urgency=medium

  * Fix regression in the Never-MarkAuto-Sections feature caused by the
    previous auto-removal fix, with inspiration drawn from the patches
    and conversation from http://bugs.debian.org/793360 (LP: #1479207)

 -- Adam Conrad <email address hidden>  Sat, 01 Aug 2015 16:14:05 -0600
Superseded in trusty-updates on 2016-01-26
Deleted in trusty-proposed on 2016-01-28 (Reason: moved to -updates)
apt (1.0.1ubuntu2.10) trusty; urgency=medium

  * Fix regression from the previous upload by ensuring we're actually
    testing for the right member before iterating on it (LP: #1480592)

 -- Adam Conrad <email address hidden>  Sat, 01 Aug 2015 04:52:49 -0600

Available diffs

Superseded in trusty-updates on 2015-08-01
Superseded in trusty-proposed on 2015-08-01
apt (1.0.1ubuntu2.9) trusty; urgency=medium

  * Fix regression in the Never-MarkAuto-Sections feature caused by the
    previous auto-removal fix, with inspiration drawn from the patches
    and conversation from http://bugs.debian.org/793360 (LP: #1479207)

 -- Adam Conrad <email address hidden>  Wed, 29 Jul 2015 21:23:49 -0600

Available diffs

Superseded in wily-proposed on 2015-08-02
apt (1.0.9.10ubuntu5) wily; urgency=medium

  * apt-pkg/packagemanager.h:
    - re-add incorrectly removed pkgPackageManager::Go() to make
      python-apt build again

 -- Michael Vogt <email address hidden>  Fri, 24 Jul 2015 10:13:08 +0200
Superseded in precise-updates on 2015-10-22
Deleted in precise-proposed on 2015-10-23 (Reason: moved to -updates)
apt (0.8.16~exp12ubuntu10.25) precise; urgency=medium

  * Backport patches from David Kalnischkies to fix crashes with dynamic
    cache remapping (LP: #957231):
    - Do not dereference the storage for the unique strings as the pointer
      can change at the time of writing the strings, so first store it
      temporary and then save the index in the (possibly new) pointer
      location
    - Handle moved mmap after UniqFindTagWrite call (Closes: #753941)

 -- Colin Watson <email address hidden>  Wed, 22 Jul 2015 13:16:37 +0100
Superseded in vivid-updates on 2015-10-22
Deleted in vivid-proposed on 2015-10-23 (Reason: moved to -updates)
apt (1.0.9.7ubuntu4.1) vivid-proposed; urgency=low

  * test/integration/test-apt-download-progress:
    - disable as its too unreliable
  * Fix endless loop in apt-get update that can cause disk fillup
    LP: #1445239

 -- Michael Vogt <email address hidden>  Wed, 10 Jun 2015 16:09:44 +0200
Superseded in wily-release on 2015-08-16
Deleted in wily-proposed on 2015-08-18 (Reason: moved to release)
apt (1.0.9.10ubuntu1) wily; urgency=low

  * merged from debian/sid

Available diffs

Superseded in precise-updates on 2015-07-28
Deleted in precise-proposed on 2015-07-29 (Reason: moved to -updates)
apt (0.8.16~exp12ubuntu10.24) precise-proposed; urgency=low

  * fix crash for packages that have no section in their instVersion
    (LP: #1449394)

 -- Michael Vogt <email address hidden>  Wed, 20 May 2015 16:30:36 +0200
Superseded in wily-release on 2015-05-24
Deleted in wily-proposed on 2015-05-25 (Reason: moved to release)
apt (1.0.9.9ubuntu1) wily; urgency=low

  * merged from debian/sid

Available diffs

Superseded in trusty-updates on 2015-07-31
Deleted in trusty-proposed on 2015-08-02 (Reason: moved to -updates)
apt (1.0.1ubuntu2.8) trusty-proposed; urgency=low

  * fix crash for packages that have no section in their instVersion
    (LP: #1449394)

 -- Michael Vogt <email address hidden>  Tue, 28 Apr 2015 09:00:52 +0200

Available diffs

Superseded in wily-release on 2015-05-11
Published in vivid-release on 2015-04-07
Deleted in vivid-proposed (Reason: moved to release)
apt (1.0.9.7ubuntu4) vivid; urgency=medium

  [ Michael Vogt ]
  * Fix crash in pkgDPkgPM::WriteApportReport(() (LP: #1436626)
 -- Michael Vogt <email address hidden>   Tue, 07 Apr 2015 12:28:32 +0200

Available diffs

Superseded in vivid-release on 2015-04-07
Deleted in vivid-proposed on 2015-04-09 (Reason: moved to release)
apt (1.0.9.7ubuntu3) vivid; urgency=medium

  * test/integration/test-apt-download-progress:
    - give apt more time to gather download data in test
 -- Michael Vogt <email address hidden>   Mon, 23 Mar 2015 08:56:53 +0100
Superseded in vivid-proposed on 2015-03-23
apt (1.0.9.7ubuntu2) vivid; urgency=medium

  * test/integration/test-apt-download-progress:
    - fix test failure on fast hardware
 -- Michael Vogt <email address hidden>   Fri, 20 Mar 2015 17:42:01 +0100

Available diffs

Superseded in vivid-proposed on 2015-03-20
apt (1.0.9.7ubuntu1) vivid; urgency=low

  * Merged fixes from debian/sid (LP: #1431877)

Available diffs

Superseded in trusty-updates on 2015-05-29
Deleted in trusty-proposed on 2015-05-31 (Reason: moved to -updates)
apt (1.0.1ubuntu2.7) trusty-proposed; urgency=low

  * fix auto-removal behavior (thanks to Adam Conrad)
    LP: #1429041
 -- Michael Vogt <email address hidden>   Fri, 13 Mar 2015 14:55:31 +0100

Available diffs

Superseded in precise-updates on 2015-05-29
Deleted in precise-proposed on 2015-05-31 (Reason: moved to -updates)
apt (0.8.16~exp12ubuntu10.23) precise-proposed; urgency=low

  * fix auto-removal behavior (thanks to Adam Conrad)
    LP: #1429041
 -- Michael Vogt <email address hidden>   Fri, 06 Mar 2015 10:47:36 +0100
Superseded in vivid-release on 2015-03-23
Deleted in vivid-proposed on 2015-03-24 (Reason: moved to release)
apt (1.0.9.3ubuntu1) vivid; urgency=low

  * Merged from debian/sid, remaining changes:
    - patch for apt cross-building, see http://bugs.debian.org/666772
    - ubuntu changelog download handling
    - apt-key net-update/apt-xapian-index
    - git-buildpackage config adjustments
    - ubuntu keyring

Available diffs

Superseded in trusty-updates on 2015-04-22
Deleted in trusty-proposed on 2015-04-23 (Reason: moved to -updates)
apt (1.0.1ubuntu2.6) trusty-proposed; urgency=medium

  * apt-pkg/deb/dpkgpm.cc:
    - update string matching for dpkg I/O errors. (LP: #1363257)
    - properly parse the dpkg status line so that package name is properly set
      and an apport report is created. Thanks to Anders Kaseorg for the patch.
      (LP: #1353171)
 -- Brian Murray <email address hidden>   Wed, 08 Oct 2014 14:01:41 -0700
Superseded in vivid-release on 2014-11-03
Published in utopic-release on 2014-10-17
Deleted in utopic-proposed (Reason: moved to release)
apt (1.0.9.2ubuntu2) utopic; urgency=medium

  [ David Kalnischkies ]
  * don't cleanup cdrom files in apt-get update (Closes: 765458)
    LP: #1381986
 -- Michael Vogt <email address hidden>   Fri, 17 Oct 2014 11:26:03 +0200

Available diffs

Deleted in lucid-proposed on 2015-04-17 (Reason: The package was removed due to its SRU bug(s) not being v...)
apt (0.7.25.3ubuntu9.17.2) lucid-proposed; urgency=low

  [ David Kalnischkies ]
  * methods/http.cc:
    - retry without partial data after a 416 response (closes: 710924)
      LP: #1382401
 -- Michael Vogt <email address hidden>   Fri, 17 Oct 2014 10:09:56 +0200
Superseded in precise-updates on 2015-04-22
Deleted in precise-proposed on 2015-04-23 (Reason: moved to -updates)
apt (0.8.16~exp12ubuntu10.22) precise-proposed; urgency=low

  [ David Kalnischkies ]
  * methods/http.cc:
    - retry without partial data after a 416 response (closes: 710924)
      LP: #1382401
 -- Michael Vogt <email address hidden>   Fri, 17 Oct 2014 09:57:34 +0200
Superseded in trusty-updates on 2014-11-06
Superseded in trusty-security on 2016-04-27
apt (1.0.1ubuntu2.5) trusty-security; urgency=low

  * SECURITY UPDATE:
      - cmdline/apt-get.cc: fix insecure tempfile handling in
        apt-get changelog (CVE-2014-7206). Thanks to Guillem Jover
 -- Michael Vogt <email address hidden>   Wed, 08 Oct 2014 10:38:50 +0200

Available diffs

Superseded in precise-updates on 2014-11-13
Published in precise-security on 2014-10-08
apt (0.8.16~exp12ubuntu10.21) precise-security; urgency=low

  * SECURITY UPDATE:
    - cmdline/apt-get.cc: fix insecure tempfile handling in
      apt-get changelog (CVE-2014-7206). Thanks to Guillem Jover
 -- Michael Vogt <email address hidden>   Wed, 08 Oct 2014 10:35:46 +0200
Superseded in utopic-release on 2014-10-17
Deleted in utopic-proposed on 2014-10-18 (Reason: moved to release)
apt (1.0.9.2ubuntu1) utopic; urgency=low

  * merge fixes from debian/sid, most importantly CVE-2014-7206
    (LP: #1378680)

Available diffs

Published in lucid-updates on 2014-09-23
Published in lucid-security on 2014-09-23
apt (0.7.25.3ubuntu9.17.1) lucid-security; urgency=low

  * SECURITY UPDATE:
    - fix potential buffer overflow, thanks to the
      Google Security Team (CVE-2014-6273)
  * Fix regression from the previous upload when file:/// sources
    are used and those are on a different partition than
    the apt state directory (LP: #1371058)
  * Fix regression when Dir::state::lists is set to a relative path
  * Fix regression when cdrom: sources got rewriten by apt-cdrom add
 -- Michael Vogt <email address hidden>   Tue, 23 Sep 2014 08:58:49 +0200
Superseded in precise-updates on 2014-10-08
Superseded in precise-security on 2014-10-08
apt (0.8.16~exp12ubuntu10.20.1) precise-security; urgency=low

  * SECURITY UPDATE:
    - fix potential buffer overflow, thanks to the
      Google Security Team (CVE-2014-6273)
  * Fix regression in 0.9.7.9+deb7u3 when file:/// sources
    are used and those are on a different partition than
    the apt state directoryo (LP: #1371058)
  * Revert FileFd::ReadOnlyGzip change
  * Fix regression when Dir::state::lists is set to a relative path
  * Fix regression when cdrom: sources got rewriten by apt-cdrom add
 -- Michael Vogt <email address hidden>   Tue, 23 Sep 2014 09:02:26 +0200
Superseded in trusty-updates on 2014-10-08
Superseded in trusty-security on 2014-10-08
apt (1.0.1ubuntu2.4.1) trusty-security; urgency=low

  * SECURITY UPDATE:
    - fix potential buffer overflow, thanks to the
      Google Security Team (CVE-2014-6273)
  * Fix regression from the previous upload when file:/// sources
    are used and those are on a different partition than
    the apt state directory
  * Fix regression when Dir::state::lists is set to a relative path
  * Fix regression when cdrom: sources got rewriten by apt-cdrom add
 -- Michael Vogt <email address hidden>   Tue, 23 Sep 2014 09:04:44 +0200
Superseded in utopic-release on 2014-10-10
Deleted in utopic-proposed on 2014-10-12 (Reason: moved to release)
apt (1.0.9.1ubuntu1) utopic; urgency=medium

  * merge fixes from debian/sid

Superseded in utopic-proposed on 2014-09-17
apt (1.0.8ubuntu3) utopic; urgency=low

  * fix autopkgtest
 -- Michael Vogt <email address hidden>   Tue, 16 Sep 2014 21:12:37 +0200

Available diffs

Superseded in utopic-proposed on 2014-09-16
apt (1.0.8ubuntu2) utopic; urgency=high

  * SECURITY UPDATE:
    - incorrect invalidating of unauthenticated data (CVE-2014-0488)
    - incorect verification of 304 reply (CVE-2014-0487)
    - incorrect verification of Acquire::Gzip indexes (CVE-2014-0489)
 -- Michael Vogt <email address hidden>   Mon, 15 Sep 2014 08:25:54 +0200

Available diffs

Superseded in lucid-updates on 2014-09-23
Superseded in lucid-security on 2014-09-23
apt (0.7.25.3ubuntu9.16) lucid-security; urgency=low

  * SECURITY UPDATE:
    - incorrect invalidating of unauthenticated data (CVE-2014-0488)
    - incorect verification of 304 reply (CVE-2014-0487)
 -- Michael Vogt <email address hidden>   Mon, 15 Sep 2014 08:23:05 +0200
Superseded in precise-updates on 2014-09-23
Superseded in precise-security on 2014-09-23
apt (0.8.16~exp12ubuntu10.19) precise-security; urgency=low

  * SECURITY UPDATE:
    - incorrect invalidating of unauthenticated data (CVE-2014-0488)
    - incorect verification of 304 reply (CVE-2014-0487)
    - incorrect verification of Acquire::Gzip indexes (CVE-2014-0489)
    - incorrect apt-get download validation (CVE-2014-0490)
 -- Michael Vogt <email address hidden>   Mon, 15 Sep 2014 08:23:20 +0200
Superseded in trusty-updates on 2014-09-23
Superseded in trusty-security on 2014-09-23
apt (1.0.1ubuntu2.3) trusty-security; urgency=low

  * SECURITY UPDATE:
    - incorrect invalidating of unauthenticated data (CVE-2014-0488)
    - incorect verification of 304 reply (CVE-2014-0487)
    - incorrect verification of Acquire::Gzip indexes (CVE-2014-0489)
 -- Michael Vogt <email address hidden>   Mon, 15 Sep 2014 08:23:35 +0200

Available diffs

175 of 389 results