-
apt (2.1.11) unstable; urgency=medium
[ JCGoran ]
* Fix "extended_states" typo in apt-mark(8) (Closes: #969086)
[ Julian Andres Klode ]
* doc: Bump Ubuntu release from focal to groovy
* Do not produce late error if immediate configuration fails, just warn
(Closes: #953260, #972552) (LP: #1871268)
[ Frans Spiesschaert ]
* Dutch manpages translation update (Closes: #970037)
-- Julian Andres Klode <email address hidden> Wed, 21 Oct 2020 11:53:18 +0200
-
apt (2.1.10ubuntu0.3) groovy; urgency=medium
[ David Kalnischkies ]
* Fix incorrect base64 encoding due to int promotion (LP: #1916050)
* Harden test for no new acquires after transaction abort (Closes: #984966)
(LP: #1918920)
[ Julian Andres Klode ]
* Implement update --error-on=any (Closes: #594813) (LP: #1693900)
* Include all translations when building the cache (LP: #1907850)
* Do not require force-loopbreak on Protected packages (Closes: #983014)
(LP: #1916725)
* RunScripts: Do not reset SIGQUIT and SIGINT to SIG_DFL (LP: #1898026)
* Protect currently running kernel at run-time (LP: #1615381)
* Make ADDARG{,C}() macros expand to single statements
-- Julian Andres Klode <email address hidden> Fri, 12 Mar 2021 09:22:11 +0100
-
apt (2.1.10ubuntu0.2) groovy; urgency=medium
[ JCGoran ]
* Fix "extended_states" typo in apt-mark(8) (Closes: #969086)
[ Jordi Mallach ]
* Fix typo in Catalan translation.
[ Julian Andres Klode ]
* doc: Bump Ubuntu release from focal to groovy
* pkgnames: Correctly set the default for AllNames to false, and do not
exclude virtual packages if --all-names is specified (LP: #1876495)
* Remove expired domain that became nsfw from debian/changelog
* patterns: Terminate short pattern by ~ and ! (LP: #1911676)
* Improve immediate configuration handling (LP: #1871268)
- Do not immediately configure m-a: same packages in lockstep
- Ignore failures from immediate configuration. This does not change the
actual installation ordering - we never passed the return code to the
caller and installation went underway anyway if it could be ordered at a
later stage, this just removes spurious after-the-fact errors.
[ Frans Spiesschaert ]
* Dutch manpages translation update (Closes: #970037)
[ Américo Monteiro ]
* Portuguese manpages translation update (Closes: #968414)
[ Helge Kreutzmann ]
* German program translation update (Closes: #977938)
[ Vangelis Skarmoutsos ]
* Greek program translation update
-- Julian Andres Klode <email address hidden> Thu, 14 Jan 2021 12:29:25 +0100
-
apt (2.1.10ubuntu0.1) groovy-security; urgency=high
* SECURITY UPDATE: Integer overflow in parsing (LP: #1899193)
- apt-pkg/contrib/arfile.cc: add extra checks.
- apt-pkg/contrib/tarfile.cc: limit tar item sizes to 128 GiB
- apt-pkg/deb/debfile.cc: limit control file sizes to 64 MiB
- test/*: add tests.
- CVE-2020-27350
* Additional hardening:
- apt-pkg/contrib/tarfile.cc: Limit size of long names and links to 1 MiB
* .gitlab-ci.yml: Test on groovy, not unstable
-- Julian Andres Klode <email address hidden> Mon, 07 Dec 2020 12:02:40 +0100
-
apt (2.1.10) unstable; urgency=medium
* Default Acquire::AllowReleaseInfoChange::Suite to "true" (Closes: #931566)
* acquire: Do not hide _error messages in Fail()
* Further improvements to HTTP method (Closes: #968220, verified against
that server and the Canonical infra where it blocked buildds)
- Do not use non-blocking local I/O - they don't do anything anyway,
and we can't really use non-blocking I/O here because we need to be able
to flush it.
- Restore successful exits from Die() and rewrite Die() in a more
comprehensible way, after careful code path analysis
- http: Fully flush local file both before/after server read, avoiding
both partial flush before sending requests to the server, as well as
preventing leftover data before receiving from the server, which cause
data left in the buffer.
apt (2.1.9) unstable; urgency=medium
[ Julian Andres Klode ]
* http: Fix infinite loop on read errors
* basehttp: Correctly handle non-transient failure from RunData()
* Do not retry on failure to fetch (Closes: #968163)
[ Aleix Vidal i Gaya ]
* updated catalan translations
apt (2.1.8) unstable; urgency=medium
[ Julian Andres Klode ]
* Fully deprecate apt-key, schedule removal for Q2/2022
* apt-key: Allow depending on gpg instead of gnupg
* Removal of racist terminology, except for two cases that still need consensus
* Various fixes to http code:
- http: Always Close() the connection in Die()
- http: Die(): Merge flushing code from Flush()
- http: Only return false for EOF if we actually did not read anything
- http: Die(): Do not flush the buffer, error out instead
- http: Finish copying data from server to file before sending stuff to server
- http: On select timeout, error out directly, do not call Die()
- http: Redesign reading of pending data
- http: Always write to the file if there's something to write; this fixes
a regression from removing the buffer flushing code
Overall, there's hope this Closes: #959518. It reproduced a bit, but eventually
snapshot.d.o ratelimiting kicked in and broke the test case.
[ Nicolas Schier ]
* Support marking all newly installed packages as automatically installed
-- Julian Andres Klode <email address hidden> Tue, 11 Aug 2020 14:28:07 +0200
-
apt (2.1.9) unstable; urgency=medium
[ Julian Andres Klode ]
* http: Fix infinite loop on read errors
* basehttp: Correctly handle non-transient failure from RunData()
* Do not retry on failure to fetch (Closes: #968163)
[ Aleix Vidal i Gaya ]
* updated catalan translations
apt (2.1.8) unstable; urgency=medium
[ Julian Andres Klode ]
* Fully deprecate apt-key, schedule removal for Q2/2022
* apt-key: Allow depending on gpg instead of gnupg
* Removal of racist terminology, except for two cases that still need consensus
* Various fixes to http code:
- http: Always Close() the connection in Die()
- http: Die(): Merge flushing code from Flush()
- http: Only return false for EOF if we actually did not read anything
- http: Die(): Do not flush the buffer, error out instead
- http: Finish copying data from server to file before sending stuff to server
- http: On select timeout, error out directly, do not call Die()
- http: Redesign reading of pending data
- http: Always write to the file if there's something to write; this fixes
a regression from removing the buffer flushing code
Overall, there's hope this Closes: #959518. It reproduced a bit, but eventually
snapshot.d.o ratelimiting kicked in and broke the test case.
[ Nicolas Schier ]
* Support marking all newly installed packages as automatically installed
-- Julian Andres Klode <email address hidden> Mon, 10 Aug 2020 14:16:23 +0200
-
apt (2.1.7ubuntu1) groovy; urgency=medium
* Fully deprecate apt-key, schedule removal for Q2/2022
* apt-key: Allow depending on gpg instead of gnupg
* Use more politically correct terminology where appropriate
* Various http fixes, including, but not limited to:
- http: Always Close() the connection in Die()
- http: Only return false for EOF if we actually did not read anything
- http: Die(): Do not flush the buffer, error out instead
- http: Finish copying data from server to file before sending stuff to server
- http: Always write to the file if there's something to write
(Closes: #959518)
-- Julian Andres Klode <email address hidden> Tue, 04 Aug 2020 12:24:20 +0200
-
apt (2.1.7) unstable; urgency=medium
[ David Kalnischkies ]
* Do not hardcode (wrong) group and mode in setup warning (Closes: #962310)
* Do not sent our filename-provides trick to EDSP solvers (Closes: #962741)
* Tell EDSP solvers about all installed pkgs ignoring arch
* Deduplicate EDSP Provides line of M-A:foreign packages
* Delay removals due to Conflicts until Depends are resolved
* Filter out impossible solutions for protected propagation
* Add dependency points in the resolver also to providers
* Reorder config check before checking systemd for non-interactive http
* Reorder config check before result looping for SRV parsing debug
* Fix test due to display change in ls (coreutils 8.32)
* Detect pkg-config-dpkghook failure in tests to avoid fallback (Closes: #964475)
[ Américo Monteiro ]
* Portuguese manpages translation update (Closes: #962483)
[ Julian Andres Klode ]
* Replace some magic 64*1024 with APT_BUFFER_SIZE
* Add basic support for the Protected field
[ Sergio Oller Moreno ]
* Minor Catalan grammar typo
[ Frans Spiesschaert ]
* Dutch program translation update (Closes: #963008)
-- Julian Andres Klode <email address hidden> Wed, 08 Jul 2020 09:38:35 +0200
-
apt (2.1.6) unstable; urgency=medium
[ David Kalnischkies ]
* Fix small memory leak in MethodConfig
* Consider protected packages for removal if they are marked as such
* Consider if a fix is successful before claiming it is
* Allow 20 instead of 10 loops for pkgProblemResolver
* Deal with duplicates in the solution space of a dep
-- Julian Andres Klode <email address hidden> Wed, 03 Jun 2020 18:25:22 +0200
-
apt (2.1.5) unstable; urgency=medium
[ David Kalnischkies ]
* Reset candidate version explicitly for internal state-keeping
(Closes: #961266)
* Known-bad candidate versions are not an upgrade option
* Keep status number if candidate is discarded for kept back display
* Allow pkgDepCache to be asked to check internal consistency
* Don't update candidate provides map if the same as current
* Ensure EDSP doesn't use a dangling architecture string
* Allow FMV SSE4.2 detection to succeed on clang
* Mark PatternTreeParser::Node destructor as virtual
[ Frans Spiesschaert ]
* Dutch manpages translation update (Closes: #961431)
-- Julian Andres Klode <email address hidden> Tue, 26 May 2020 12:19:40 +0200
-
apt (2.1.4) unstable; urgency=medium
[ David Kalnischkies ]
* Check satisfiability for versioned provides, not providing version
-- Julian Andres Klode <email address hidden> Tue, 19 May 2020 11:28:59 +0200
-
apt (2.1.3) unstable; urgency=medium
[ David Kalnischkies ]
* Prefer use of O_TMPFILE in GetTempFile if available
* Allow prefix to be a complete filename for GetTempFile
* Properly handle interrupted write() call in ExtractTar
* Skip reading data from tar members if nobody will look at it
* Keep going if a dep is bad for user requests to improve errors
* Support negative dependencies in VCI::FromDependency
* Deal with protected solution providers first
* Propagate protected to already satisfied conflicts (Closes: #960705)
* Propagate protected to already satisfied dependencies
* Recognize propagated protected in pkgProblemResolver
[ Julian Andres Klode ]
* private-search: Only use V.TranslatedDescription() if good (LP: #1877987)
-- Julian Andres Klode <email address hidden> Mon, 18 May 2020 22:23:27 +0200
-
apt (2.1.2) unstable; urgency=critical
[ Julian Andres Klode ]
* SECURITY UPDATE: Out of bounds read in ar, tar implementations (LP: #1878177)
- apt-pkg/contrib/arfile.cc: Fix out-of-bounds read in member name
- apt-pkg/contrib/arfile.cc: Fix out-of-bounds read on unterminated
member names in error path
- apt-pkg/contrib/extracttar.cc: Fix out-of-bounds read on unterminated
member names in error path
- CVE-2020-3810
[ Frans Spiesschaert ]
* Dutch program translation update (Closes: #960186)
-- Julian Andres Klode <email address hidden> Wed, 13 May 2020 22:04:47 +0200
-
apt (2.1.1) unstable; urgency=medium
[ David Kalnischkies ]
* Allow aptitude to MarkInstall broken packages via FromUser
* Drop nowrap from po4a --porefs as it is no longer supported
* Use "po4a --porefs file" instead of undocumented compat noline
[ Artur Grącki ]
* Fix typo in Polish translation of --help messages
-- Julian Andres Klode <email address hidden> Fri, 08 May 2020 18:02:53 +0200
-
apt (2.1.0) unstable; urgency=medium
[ Frans Spiesschaert ]
* Dutch manpages translation update (Closes: #956313)
[ David Kalnischkies ]
* Refactor MarkInstall fixing various or-group handling issues
- Discard impossible candidate versions also for non-installed
- Explore or-groups for Recommends further than first
- Refactor and reorder MarkInstall code
- Discard candidate if its dependencies can't be satisfied
- Split up MarkInstall into private helper methods
- Fail earlier on impossible Conflicts in MarkInstall
- Propagate Protected flag to single-option dependencies
- Prefer upgrading installed orgroup members
- Protect a package while resolving in MarkInstall
[ Julian Andres Klode ]
* Reinstate * wildcards (Closes: #953531) (LP: #1872200)
* apt list: Fix behavior of regex vs fnmatch vs wildcards
-- Julian Andres Klode <email address hidden> Mon, 04 May 2020 15:58:24 +0200
-
apt (2.0.2) unstable; urgency=medium
[ Boyuan Yang ]
* Simplified Chinese program translation update (Closes: #955023)
[ Frans Spiesschaert ]
* Dutch program translation update (Closes: #955505)
[ Marco Ippolito ]
* Fix gramma in apt(8): "by append(+ing) a" (Closes: #955412)
[ Chris Leick ]
* German manpage translation update
* Fix "string match{ing,es}" and whitespace typo in apt-patterns(7)
[ Julian Andres Klode ]
* test/integration/apt.pem: Regenerate with SHA2 hashes to make the
test work with stricter gnutls in Ubuntu which rejects SHA1
* ubuntu: http: Add non-interactive to user agent if run by systemd
(LP: #1825000)
-- Julian Andres Klode <email address hidden> Thu, 09 Apr 2020 12:21:07 +0200
