-
apt (1.6.17) bionic; urgency=medium
* Bump cache minor version for kernel collection.
The previous update introduced the new kernel autoremoval code which
collects kernels in the cache as providers of a $kernel package.
We need to bump the cache minor version for this as otherwise the
$kernel package might not exist and all kernels end up autoremovable
until a package got installed or sources updated.
apt (1.6.16) bionic; urgency=medium
* postinst: Do not run removed kernel postinst.d script (LP: #1974456)
apt (1.6.15) bionic; urgency=medium
* Revert "Protect currently running kernel at run-time"
* Backport Determine autoremovable kernels at run-time (LP: #1615381) as of
2.4.5; including the change to only protect two kernels, not last installed
one (LP: #1968154)
-- Julian Andres Klode <email address hidden> Fri, 12 Aug 2022 12:38:33 +0200
-
apt (1.6.16) bionic; urgency=medium
* postinst: Do not run removed kernel postinst.d script (LP: #1974456)
apt (1.6.15) bionic; urgency=medium
* Revert "Protect currently running kernel at run-time"
* Backport Determine autoremovable kernels at run-time (LP: #1615381) as of
2.4.5; including the change to only protect two kernels, not last installed
one (LP: #1968154)
-- Julian Andres Klode <email address hidden> Tue, 02 Aug 2022 11:15:34 +0200
-
apt (1.6.15) bionic; urgency=medium
* Revert "Protect currently running kernel at run-time"
* Backport Determine autoremovable kernels at run-time (LP: #1615381) as of
2.4.5; including the change to only protect two kernels, not last installed
one (LP: #1968154)
-- Julian Andres Klode <email address hidden> Fri, 29 Apr 2022 10:14:33 +0200
-
apt (1.6.14) bionic; urgency=medium
* RunScripts: Do not reset SIGQUIT and SIGINT to SIG_DFL (LP: #1898026)
* Fix downloads of unsized files that are largest in pipeline (LP: #1921626),
and warn about packages without size (option Acquire::AllowUnsizedPackages)
* JSON hooks 0.2 and assorted JSON bugfixes (LP: #1926150)
- encoder fixes:
+ json: Escape strings using \u escape sequences, add test
+ json: Actually pop states
+ json: Encode NULL strings as null
- json: Flush standard file descriptors before calling hooks
(this avoids output from hooks in middle of apt output)
- Minor fixes to include and C++ namespaces
- non-code changes:
+ test/json: Make the test hook more reliable
+ Fix a typo in json-hooks-protocol.md (thanks to Brian Murray)
- semantic changes (new fields, hooks, and protocol 0.2):
+ json: Add origins fields to version
+ upgrade: Add JSON hook support (AptCli::Hooks::Upgrade)
+ json: Add `package-list` and `statistics` install hooks
+ json: Hook protocol 0.2 (added upgrade,downgrade,reinstall modes)
+ Fix a typo in json-hooks-protocol.md (thanks to Brian Murray)
* Avoid infinite loop on EOF on media change prompt (LP: #1928687)
-- Julian Andres Klode <email address hidden> Tue, 15 Jun 2021 16:12:38 +0200
-
apt (1.6.13) bionic; urgency=medium
[ David Kalnischkies ]
* Fix incorrect base64 encoding due to int promotion (LP: #1916050)
* Harden test for no new acquires after transaction abort (Closes: #984966)
(LP: #1918920)
[ Julian Andres Klode ]
* Implement update --error-on=any (Closes: #594813) (LP: #1693900)
* Include all translations when building the cache (LP: #1907850)
* Add basic support for the Protected field
* Do not require force-loopbreak on Important packages
(Closes: #983014) (LP: #1916725)
* Protect currently running kernel at run-time (LP: #1615381)
* Make ADDARG{,C}() macros expand to single statements
* Improve immediate configuration handling (LP: #1871268)
- Do not immediately configure m-a: same packages in lockstep
- Ignore failures from immediate configuration. This does not change the
actual installation ordering - we never passed the return code to the
caller and installation went underway anyway if it could be ordered at a
later stage, this just removes spurious after-the-fact errors.
(Closes: #973305, #188161, #211075, #649588)
* Default Acquire::AllowReleaseInfoChange::Suite to "true" (Closes: #931566)
(LP: #1918907)
[ Balint Reczey ]
* Set LC_ALL=C.UTF-8 for unattended-upgrades environment when parsing its --help
(LP: #1806076)
-- Julian Andres Klode <email address hidden> Fri, 12 Mar 2021 14:09:15 +0100
-
apt (1.6.12ubuntu0.2) bionic-security; urgency=high
* SECURITY UPDATE: Integer overflow in parsing (LP: #1899193)
- apt-pkg/contrib/arfile.cc: add extra checks.
- apt-pkg/contrib/tarfile.cc: limit tar item sizes to 128 GiB
- apt-pkg/deb/debfile.cc: limit control file sizes to 64 MiB
- test/*: add tests.
- CVE-2020-27350
* Additional hardening:
- apt-pkg/contrib/tarfile.cc: Limit size of long names and links to 1 MiB
-- Julian Andres Klode <email address hidden> Mon, 07 Dec 2020 12:13:36 +0100
-
apt (1.6.12ubuntu0.1) bionic-security; urgency=high
* SECURITY UPDATE: Out of bounds read in ar, tar implementations (LP: #1878177)
- apt-pkg/contrib/arfile.cc: Fix out-of-bounds read in member name
- apt-pkg/contrib/arfile.cc: Fix out-of-bounds read on unterminated
member names in error path
- apt-pkg/contrib/extracttar.cc: Fix out-of-bounds read on unterminated
member names in error path
- CVE-2020-3810
-- Julian Andres Klode <email address hidden> Tue, 12 May 2020 20:03:44 +0200
-
apt (1.6.12) bionic; urgency=medium
[ TilmanK ]
* Fix typo in German manpage translation
[ Michael Zhivich ]
* methods: https: handle requests for TLS re-handshake (LP: #1829861)
[ Julian Andres Klode ]
* Unlock dpkg locks in reverse locking order (LP: #1829860)
[ Simon Körner ]
* http: Fix Host header in proxied https connections (LP: #1838771)
[ Brian Murray ]
* Do not include squashfs file systems in df output. (LP: #1756595)
-- Julian Andres Klode <email address hidden> Tue, 03 Sep 2019 12:05:35 +0200
-
apt (1.6.11) bionic; urgency=medium
* Add test case for local-only packages pinned to never
* Prevent shutdown while running dpkg (LP: #1820886)
* Add linux-{buildinfo,image-unsigned,source} versioned kernel pkgs
(LP: #1821640)
-- Julian Andres Klode <email address hidden> Tue, 07 May 2019 11:19:29 +0200
-
apt (1.6.10) bionic; urgency=medium
* Fix name of APT::Update::Post-Invoke-Stats (was ...Update-Post...)
* CMake: Install auth.conf.d directory (LP: #1818996)
* Merge translations from 1.7.4
apt (1.6.9) bionic; urgency=medium
[ Michael Vogt ]
* private-json-hooks.cc: deal with EPIPE (LP: #1814543)
[ Julian Andres Klode ]
* Introduce experimental 'never' pinning for sources (LP: #1814727)
* Add a Packages-Require-Authorization Release file field (LP: #1814727)
* doc: Set ubuntu-codename to bionic (LP: #1812696)
* update: Provide APT::Update-Post-Invoke-Stats script hook point
(LP: #1815760)
* Introduce APT::Install::Pre-Invoke / Post-Invoke-Success (LP: #1815761)
-- Julian Andres Klode <email address hidden> Mon, 11 Mar 2019 10:34:07 +0100
-
apt (1.6.9) bionic; urgency=medium
[ Michael Vogt ]
* private-json-hooks.cc: deal with EPIPE (LP: #1814543)
[ Julian Andres Klode ]
* Introduce experimental 'never' pinning for sources (LP: #1814727)
* Add a Packages-Require-Authorization Release file field (LP: #1814727)
* doc: Set ubuntu-codename to bionic (LP: #1812696)
* update: Provide APT::Update-Post-Invoke-Stats script hook point
(LP: #1815760)
* Introduce APT::Install::Pre-Invoke / Post-Invoke-Success (LP: #1815761)
-- Julian Andres Klode <email address hidden> Fri, 01 Mar 2019 10:01:51 +0100
-
apt (1.6.8) bionic; urgency=medium
* merge security update: content injection in http method (CVE-2019-3462)
apt (1.6.7) bionic; urgency=medium
[ Milo Casagrande ]
* [l10n] Update Italian translation
[ Julian Andres Klode ]
* NeverAutoRemove kernel meta packages (LP: #1787460)
* Add support for /etc/apt/auth.conf.d/*.conf (netrcparts) (LP: #1811120)
* Merge translations from 1.8 series
-- Julian Andres Klode <email address hidden> Fri, 25 Jan 2019 12:51:00 +0100
-
apt (1.6.7) bionic; urgency=medium
[ Milo Casagrande ]
* [l10n] Update Italian translation
[ Julian Andres Klode ]
* NeverAutoRemove kernel meta packages (LP: #1787460)
* Add support for /etc/apt/auth.conf.d/*.conf (netrcparts) (LP: #1811120)
* Merge translations from 1.8 series
-- Julian Andres Klode <email address hidden> Mon, 14 Jan 2019 15:09:47 +0100
-
apt (1.6.6ubuntu0.1) bionic-security; urgency=medium
* SECURITY UPDATE: content injection in http method (CVE-2019-3462)
(LP: #1812353)
-- Julian Andres Klode <email address hidden> Fri, 18 Jan 2019 11:39:50 +0100
-
apt (1.6.6) bionic; urgency=medium
* Set DPKG_FRONTEND_LOCKED when running {pre,post}-invoke scripts.
Some post-invoke scripts install packages, which fails because
the environment variable is not set. This sets the variable for
all three kinds of scripts {pre,post-}invoke and pre-install-pkgs,
but we will only allow post-invoke at a later time.
(LP: #1796808)
apt (1.6.5) bionic; urgency=medium
[ David Kalnischkies ]
* Support records larger than 32kb in 'apt show' (Closes: #905527)
(LP: #1787120)
[ Julian Andres Klode ]
* Add support for dpkg frontend lock (Closes: #869546) (LP: #1781169)
* Set DPKG_FRONTEND_LOCKED as needed when doing selection changes
* http: Stop pipeline after close only if it was not filled before
(LP: #1794957)
* pkgCacheFile: Only unlock in destructor if locked before (LP: #1794053)
* Update libapt-pkg5.0 symbols for frontend locking
-- Julian Andres Klode <email address hidden> Tue, 09 Oct 2018 12:16:51 +0200
-
apt (1.6.5) bionic; urgency=medium
[ David Kalnischkies ]
* Support records larger than 32kb in 'apt show' (Closes: #905527)
(LP: #1787120)
[ Julian Andres Klode ]
* Add support for dpkg frontend lock (Closes: #869546) (LP: #1781169)
* Set DPKG_FRONTEND_LOCKED as needed when doing selection changes
* http: Stop pipeline after close only if it was not filled before
(LP: #1794957)
* pkgCacheFile: Only unlock in destructor if locked before (LP: #1794053)
* Update libapt-pkg5.0 symbols for frontend locking
-- Julian Andres Klode <email address hidden> Fri, 28 Sep 2018 15:06:34 +0200
-
apt (1.6.3ubuntu0.1) bionic-security; urgency=medium
[ David Kalnischkies ]
* SECURITY UPDATE: Fallback in the mirror method allowed a later server to
supply any InRelease file without it having to be verified. (LP: #1787752)
- apt-pkg/acquire-item.cc:: clear alternative URIs for mirror:// between
steps
- CVE-2018-0501
-- Julian Andres Klode <email address hidden> Mon, 20 Aug 2018 09:48:01 +0200
-
apt (1.6.3) unstable; urgency=medium
* Handle JSON hooks that just close the file/exit and fix some other errors
(LP: #1776218)
-- Julian Andres Klode <email address hidden> Mon, 09 Jul 2018 16:41:27 +0200
-
apt (1.6.2) unstable; urgency=medium
* Fix build with new gtest (Closes: #897149)
* Handle a missed case of timed out ip addresses (LP: #1766542)
* Lower default network timeouts from 120s to 30s
* apt-key: Pass all instead of gpg-agent to gpgconf --kill (LP: #1773992)
* Fix lock counting in debSystem (LP: #1778547)
* CI fixes:
- tests: Do not expect requested-by if sudo was invoked by root
- Run tests on GitLab CI
- CI: Export DEBIAN_FRONTEND=noninteractive in all CI environments
-- Julian Andres Klode <email address hidden> Mon, 25 Jun 2018 17:15:10 +0200
-
apt (1.6.1) unstable; urgency=medium
* CMake: Fix builds without zstd
* apt.conf.autoremove: Catch some new Ubuntu module packages
-- Julian Andres Klode <email address hidden> Fri, 20 Apr 2018 12:08:18 +0200
-
apt (1.6) unstable; urgency=medium
* Make libzstd optional in CMakeLists.txt, to aid cross-building
* Point debian-branch to 1.6.y
-- Julian Andres Klode <email address hidden> Wed, 18 Apr 2018 16:34:33 +0200
-
apt (1.6~rc1) unstable; urgency=medium
[ Julian Andres Klode ]
* Experimental support for zstd (LP: #1763839)
* Fix debian/NEWS entry for 1.6~beta1
* Use https for Ubuntu changelogs
* Bump cache major version to allow different 1.5 and 1.6 updates
* CI: Switch testing to use ubuntu:bionic for 1.6.y
* Turn off seccomp sandboxing by default (LP: #1732030) (Closes: #890489)
* Allow restart_syscall() syscall in seccomp sandboxes (Closes: #891644)
* Delete /etc/dpkg/dpkg.cfg.d/excludes on Docker CI images
* test: export GCOV_ERROR_FILE=/dev/null to make it fail less/no tests
* apt-private: Collect not found packages in CacheSetHelperAPTGet
* Introduce experimental new hooks for command-line tools (LP: #1763839)
[ David Kalnischkies ]
* remove duplicate changelog lines from 1.6~beta1 entry
* fix communication typo in https manpage
* set our two libapt libraries to prio:optional
* document Acquire::AllowReleaseInfoChange without extra s
[ jean-pierre giraud ]
* French man pages translation (Closes: #895117)
-- Julian Andres Klode <email address hidden> Sun, 15 Apr 2018 21:41:44 +0200
-
apt (1.6~beta1) unstable; urgency=medium
[ David Kalnischkies ]
* allow the apt/lists/auxfiles/ directory to be missing (Closes: 887624)
* add apt-helper drop-privs command…
* restore gcc visibility=hidden for apt-private
* ensure correct file permissions for auxfiles
* allow the apt/lists/auxfiles/ directory to be missing (Closes: 887624)
* add apt-helper drop-privs command…
* restore gcc visibility=hidden for apt-private
* ensure correct file permissions for auxfiles
[ Julian Andres Klode ]
* indexcopy: Copy uncompressed indices from cdrom again (LP: #1746807)
* Work around test-method-mirror failure by setting umask at start
* Check that Date of Release file is not in the future
* apt.conf.autoremove: Add linux-cloud-tools to list (LP: #1698159)
* indexcopy: Copy uncompressed indices from cdrom again (LP: #1746807)
* Work around test-method-mirror failure by setting umask at start
* Check that Date of Release file is not in the future
* apt.conf.autoremove: Add linux-cloud-tools to list (LP: #1698159)
[ Chris Leick ]
* German manpage translation update
* German manpage translation update
-- Julian Andres Klode <email address hidden> Mon, 26 Feb 2018 13:14:13 +0100
-
apt (1.6~alpha7ubuntu2) bionic; urgency=medium
[ David Kalnischkies ]
* allow the apt/lists/auxfiles/ directory to be missing (Closes: 887624)
[ Julian Andres Klode ]
* indexcopy: Copy uncompressed indices from cdrom again (LP: #1746807)
-- Julian Andres Klode <email address hidden> Mon, 19 Feb 2018 14:43:47 +0100
-
apt (1.6~alpha7ubuntu1) bionic; urgency=medium
* Try to work around test-method-mirror failure by setting umask at start
-- Julian Andres Klode <email address hidden> Wed, 31 Jan 2018 12:19:58 +0100
-
apt (1.6~alpha7) unstable; urgency=medium
[ Mert Dirik ]
* Turkish program translation update (Closes: 886250)
[ David Kalnischkies ]
* dpkg status parsing: check if name is valid before use
[ Julian Andres Klode ]
* apt-compat.cron.daily: Correctly handle undetermined power status
(LP: #1742378)
* Introduce inrelease-path option for sources.list (Closes: #886745)
* Drop obsolete Suggests on python-apt (Closes: #887607)
* Point people to salsa.d.o instead of anonscm.d.o for git
[ Justin B Rye ]
* review and fix the three new apt-transport- manpages
[ Holger Wansing ]
* German program translation update (Closes: 886429)
[ Julien Patriarca ]
* French program translation update (Closes: 887017)
-- Julian Andres Klode <email address hidden> Thu, 18 Jan 2018 14:44:14 +0000
-
apt (1.6~alpha6) unstable; urgency=medium
[ Julian Andres Klode ]
* Add Breaks: aptitude (<< 0.8.10) for gzip method removal
* Also look at https_proxy for https URLs
* Run wrap-and-sort
* Translate shared documentation parts again
* tests: Improve handling profiling messages on CI
* connect: Store the IP used when picking a connection
* Add rapid "happy eyeballs" connection fallback (RFC 8305) (Closes: #668948)
(LP: #1308200)
[ David Kalnischkies ]
* allow multivalue fields in deb822 sources to be folded (Closes: 881875)
* support COLUMNS environment variable in apt tools
* allow apt_auth.conf(5) to be translated
* if insecure repo is allowed continue on all http errors
* don't auto-switch candidate if installed is good enough
* update libapt-pkg symbols file
* explicitly name token in auth.conf parsing error
* fix over-calculating dpkg commandline length
* avoid some useless casts reported by -Wuseless-cast
* deal with floats without old-style cast
* support multiline values in LookupTag
* mark some 500 HTTP codes as transient acquire errors
* report transient errors as transient errors
* implement Acquire::Retries support for all items
* give the methods more metadata about the files to acquire
* implement fallback to alternative URIs for all items
* do not remap current files if nullptrs in cache generation
* apt.daily: remove unused dbus signal for apt update (Closes: 849636)
* Support cleartext signed InRelease files with CRLF line endings.
Thanks to Lukas Wunner for detailed report & initial patch! (Closes: 884922)
* document http options in new apt-transport-http manpage
* document https options in new apt-transport-https manpage
* refactor message generation for methods
* allow a method to request auxiliary files
* reimplement and simplify mirror:// method
* require methods to request AuxRequest capability at startup
* add tag-based control over mirror choices from the list
* non-local mirrorlists shouldn't redirect to local
* add apt-transport-mirror manpage
[ Milo Casagrande ]
* Italian program translation update (Closes: 882850)
[ Christian Göttsche ]
* apt.daily: fix several "shellcheck" annotations
-- Julian Andres Klode <email address hidden> Wed, 03 Jan 2018 22:33:37 +0000
-
apt (1.6~alpha5) unstable; urgency=medium
[ Julian Andres Klode ]
* Do not attempt seccomp under qemu-user and drop EFAULT workaround
(Closes: #881519)
[ Frans Spiesschaert ]
* Dutch manpage translation update (Closes: #881402)
-- Julian Andres Klode <email address hidden> Sun, 12 Nov 2017 19:57:00 +0100
-
apt (1.6~alpha4) unstable; urgency=medium
* debian: Set Rules-Requires-Root: no
* debian: Bump Standards-Version to 4.1.1
* Re-introduce a transitional apt-transport-https
-- Julian Andres Klode <email address hidden> Sun, 05 Nov 2017 15:25:53 +0100
-
apt (1.6~alpha3) unstable; urgency=medium
[ Julian Andres Klode ]
* debian/tests/control: Add dpkg so we get triggered by it
* seccomp: Allow ipc() for fakeroot, and allow sysinfo() for sort
(Closes: #879814, #879826)
* Drop unused gzip, lzma, bzip2, and xz symlinks of store
* seccomp: Allow clock_nanosleep() and nanosleep() syscalls
* Prevent overflow in Installed-Size (and Size) in apt show
[ David Kalnischkies ]
* use store: instead of gzip: to open local changelogs
-- Julian Andres Klode <email address hidden> Sat, 28 Oct 2017 17:57:05 +0200
-
apt (1.5.1) artful; urgency=medium
* New microrelease (LP: #1727694)
[ Julian Andres Klode ]
* travis: CI: Test 1.5.y on artful
* Fix testsuite for and add new fields from dpkg 1.19
* debian/gbp.conf: Switch to 1.5.y branch
* debian/tests/control: Add dpkg so we get triggered by it
[ Mo Zhou ]
* zh_CN.po: Update Simplified Chinese programs translation
[ Frans Spiesschaert ]
* Dutch program translation update (Closes: #879137)
[ David Kalnischkies ]
* proper error reporting for v3 onion services
* ignore unsupported key formats in apt-key (Closes: #876508)
-- Julian Andres Klode <email address hidden> Thu, 26 Oct 2017 13:36:39 +0200
-
apt (1.5) unstable; urgency=medium
* Fix translator comment location for legacy target warning
-- Julian Andres Klode <email address hidden> Sun, 24 Sep 2017 17:54:41 +0200