dpkg 1.18.24ubuntu1 source package in Ubuntu

Changelog

dpkg (1.18.24ubuntu1) artful; urgency=medium

  * Merge from current Debian testing; remaining Ubuntu changes:
    - Change native source version/format mismatch errors into warnings
      until the dust settles on Debian bug 737634 about override options.
    - Add DPKG_UNTRANSLATED_MESSAGES environment check so that higher-level
      tools can get untranslated dpkg terminal log messages while at the
      same time having translated debconf prompts.
    - Special-case arm{el,hf} ELF objects in Shlibs/Objdump.pm for multilib.
    - Map unqualified package names of multiarch-same packages to the native
      arch instead of throwing an error, so that we don't break on upgrade
      when there are unqualified names stored in the dpkg trigger database.
    - Apply a workaround from mvo to consider ^rc packages as multiarch,
      during the dpkg consistency checks. (see LP: 1015567 and 1057367).
    - dpkg-gencontrol: Fix Package-Type override handling for ddeb support.
  * scripts/Dpkg/Vendor/Ubuntu.pm: Drop hardening changes merged upstream.
  * dpkg-buildpackage: Drop stale debian/files cleaning, solved differently.

dpkg (1.18.24) unstable; urgency=medium

  [ Guillem Jover ]
  * Add missing symbols to the libdpkg map file.
  * Fix dpkg-shlibdeps to preserve the Dpkg::Shlibs::find_library() order
    when scanning symbols/shlibs files. This was causing generation of bogus
    dependencies when multiple packages provide the same SONAME on different
    directories. Regression introduced in dpkg 1.18.17. Closes: #860979
  * Make dpkg-maintscript-helper print all unowned files from a directory
    when printing the error message, to ease debugging those problems after
    the fact. Closes: #813454, #860238
    Based on a patch by Bastien ROUCARIÈS <email address hidden>.
  * Add duplicate prevention code for debian/files to dpkg-genbuildinfo, so
    that successive runs with different versions and equivalent build types
    do not generate multiple .buildinfo entries to be uploaded, which is
    similar to what dpkg-gencontrol is doing for .deb files.
  * Fix conffile takeover handling during unpack in dpkg on --root or
    on diversions. Closes: #837051, #858004
  * Fix digest inference for shared conffiles, causing bogus takeover
    unpack errors. Regression introduced in dpkg 1.16.9. Closes: #861217
  * Improve tar entry metadata parsing in dpkg:
    - Do not parse device numbers for non block nor char tar entry objects.
    - Make the existing octal parser more robust, by checking for the
      expected format of leading zeros or spaces, followed by any ASCII
      octal characters (0-7), followed by zero or more space or NULs.
    - Add support for base-256 encoded numeric fields, to support large
      values, for UID/GID, device number, size and even signed timestamps.
      This is necessary not only to be able to store larger values, but to
      cover packages that can already be generated by dpkg-deb, given that
      it uses the system GNU tar when building. Closes: #850834
  * Architecture support:
    - Add support for ARM64 ILP32. Closes: #824742
      Thanks to Wookey <email address hidden>.
  * Perl modules:
    - Remove obsolete hardening-wrapper support from Dpkg::Vendor::Ubuntu.
      Thanks to Adam Conrad <adconrad@0c3.net>.
    - Bump $Dpkg::Deps::VERSION to match the one documented in CHANGES.
    - Ignore by default debian/files.new and debian/files for all source
      formats in Dpkg::Source::Package, because these are generated files
      with well known pathnames, part of the public interface, and with
      dpkg-genbuildinfo always injecting .buildinfo entries into
      debian/files, this meant this could disrupt previous workflows based
      on not cleaning the source tree.
  * Documentation:
    - Many spelling fixes. Thanks to Josh Soref <email address hidden>.
    - Do not include mispellings in changelogs, as that makes detecting them
      more difficult.
  * Build system:
    - Use libexec variable for auxiliary internal programs, and set it to
      /usr/lib on Debian and derivatives.
    - Check that the detected tar is a GNU tar.
    - Check that the detected patch is a GNU patch, so that we get a directory
      traversal resistant patch implementation. This fixes CVE-2017-8283 by
      delegating those checks to patch(1), so that we trap blank-indented
      diff hunks trying to escape from the source tree.
  * Test suite:
    - Add a test case for blank-indented patches which were the cause for
      CVE-2017-8283.
    - Handle files with non-zero sizes in c-tarextract libdpkg test code.

  [ Updated programs translations ]
  * Catalan (Guillem Jover).
  * Czech (Miroslav Kure).

  [ Updated dselect translations ]
  * Catalan (Guillem Jover).

  [ Updated scripts translations ]
  * Catalan (Guillem Jover).

  [ Updated man pages translations ]
  * German (Helge Kreutzmann, David Rabel). Closes: #857449
  * Spanish (Javier Fernández-Sanguino).

 -- Adam Conrad <email address hidden>  Mon, 05 Jun 2017 11:35:51 -0600

Upload details

Uploaded by:
Adam Conrad on 2017-06-05
Uploaded to:
Artful
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
admin
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Artful release on 2017-06-06 main admin

Downloads

File Size SHA-256 Checksum
dpkg_1.18.24ubuntu1.tar.xz 4.3 MiB 434de41df64a47c631a656823453104f02c8ac6a04340096c18c0d5601bfcd03
dpkg_1.18.24ubuntu1.dsc 2.1 KiB b172c1c9bb6fc95f7f7c0e5b85412971767f7d62b36d734c9a6a561003ecbb42

Available diffs

View changes file

Binary packages built by this source

dpkg: Debian package management system

 This package provides the low-level infrastructure for handling the
 installation and removal of Debian software packages.
 .
 For Debian package development tools, install dpkg-dev.

dpkg-dbgsym: debug symbols for dpkg
dpkg-dev: Debian package development tools

 This package provides the development tools (including dpkg-source)
 required to unpack, build and upload Debian source packages.
 .
 Most Debian source packages will require additional tools to build;
 for example, most packages need make and the C compiler gcc.

dselect: Debian package management front-end

 dselect is a high-level interface for managing the installation and
 removal of Debian software packages.
 .
 Many users find dselect intimidating and new users may prefer to use
 apt-based user interfaces.

dselect-dbgsym: Debug symbols for dselect
libdpkg-dev: Debian package management static library

 This package provides the header files and static library necessary to
 develop software using libdpkg, the same library used internally by dpkg.
 .
 Note though, that the API is to be considered volatile, and might change
 at any time, use at your own risk.

libdpkg-perl: Dpkg perl modules

 This package provides the perl modules used by the scripts
 in dpkg-dev. They cover a wide range of functionality. Among them
 there are the following public modules:
 .
  - Dpkg: core variables
  - Dpkg::Arch: architecture handling functions
  - Dpkg::Build::Info: build information functions
  - Dpkg::BuildFlags: set, modify and query compilation build flags
  - Dpkg::BuildOptions: parse and manipulate DEB_BUILD_OPTIONS
  - Dpkg::BuildProfile: parse and manipulate build profiles
  - Dpkg::Changelog: parse changelogs
  - Dpkg::Changelog::Entry: represents a changelog entry
  - Dpkg::Changelog::Parse: generic changelog parser for dpkg-parsechangelog
  - Dpkg::Checksums: generate and parse checksums
  - Dpkg::Compression: simple database of available compression methods
  - Dpkg::Compression::Process: wrapper around compression tools
  - Dpkg::Compression::FileHandle: transparently (de)compress files
  - Dpkg::Conf: parse dpkg configuration files
  - Dpkg::Control: parse and manipulate Debian control information
    (.dsc, .changes, Packages/Sources entries, etc.)
  - Dpkg::Control::Changelog: represent fields output by dpkg-parsechangelog
  - Dpkg::Control::Fields: manage (list of known) control fields
  - Dpkg::Control::Hash: parse and manipulate a block of RFC822-like fields
  - Dpkg::Control::Info: parse files like debian/control
  - Dpkg::Control::Tests: parse files like debian/tests/control
  - Dpkg::Deps: parse and manipulate dependencies
  - Dpkg::Exit: push, pop and run exit handlers
  - Dpkg::Gettext: wrapper around Locale::gettext
  - Dpkg::IPC: spawn sub-processes and feed/retrieve data
  - Dpkg::Index: collections of Dpkg::Control (Packages/Sources files for
    example)
  - Dpkg::Interface::Storable: base object serializer
  - Dpkg::Path: common path handling functions
  - Dpkg::Source::Package: extract Debian source packages
  - Dpkg::Substvars: substitute variables in strings
  - Dpkg::Vendor: identify current distribution vendor
  - Dpkg::Version: parse and manipulate Debian package versions
 .
 All the packages listed in Suggests or Recommends are used by some of the
 modules.