Package: release.debian.org Severity: normal Tags: jessie User: release.debian....@packages.debian.org Usertags: pu
The APT team would like to update APT to 1.0.9.8.2 in stable, with the following changes (full diff | filterdiff -p1 -x "po/*.po*" is attached): + [ David Kalnischkies ] + * hide first pdiff merge failure debug message (Closes: 793444) -> This was a debugging message that was printed by default + * mark again deps of pkgs in APT::Never-MarkAuto-Sections as manual. + Thanks to Raphaël Hertzog and Adam Conrad for detailed reports and initial patches + (Closes: 793360) (LP: 1479207) -> Dependencies of meta packages were not marked as manually installed + + [ Julian Andres Klode ] + * Do not parse Status fields from remote sources -> Remote sources could set "Status: install ok installed" on a package, making APT believe that the package was already installed and causing APT to "upgrade" it during an 'apt upgrade' or 'apt-get dist-upgrade' run. While this sounds like a horrible security issue, because it can be used to forcibly install new packages, the impact is not high: sources could equally set the Essential field on any package, which has almost the same effect, except that the package is then listed in the NEW installs section instead of the upgrade section. + [ Michael Vogt ] + * Use xgettext --no-location in make update-pot -> This change (and two other sorting changes in po/makefile) is just there to clean up our pot file handling, as that currently depends on the order in the file system, and thus produces a huge diff with every release, as the files are found in a different order and because line numbers have changed.
-- System Information: Debian Release: stretch/sid APT prefers unstable APT policy: (900, 'unstable'), (100, 'experimental'), (1, 'buildd-experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.1.0-2-amd64 (SMP w/4 CPU cores) Locale: LANG=en_IE.UTF-8, LC_CTYPE=en_IE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) -- Julian Andres Klode - Debian Developer, Ubuntu Member See http://wiki.debian.org/JulianAndresKlode and http://jak-linux.org/. Be friendly, do not top-post, and follow RFC 1855 "Netiquette". - If you don't I might ignore you.
diff -Nru apt-1.0.9.8.1/apt-pkg/acquire-item.cc apt-1.0.9.8.2/apt-pkg/acquire-item.cc --- apt-1.0.9.8.1/apt-pkg/acquire-item.cc 2015-06-10 09:40:35.000000000 +0200 +++ apt-1.0.9.8.2/apt-pkg/acquire-item.cc 2015-09-15 17:08:27.000000000 +0200 @@ -834,7 +834,8 @@ // first failure means we should fallback State = StateErrorDiff; - std::clog << "Falling back to normal index file acquire" << std::endl; + if (Debug) + std::clog << "Falling back to normal index file acquire" << std::endl; new pkgAcqIndex(Owner, RealURI, Description,Desc.ShortDesc, ExpectedHash); } diff -Nru apt-1.0.9.8.1/apt-pkg/deb/debindexfile.cc apt-1.0.9.8.2/apt-pkg/deb/debindexfile.cc --- apt-1.0.9.8.1/apt-pkg/deb/debindexfile.cc 2015-06-10 09:40:35.000000000 +0200 +++ apt-1.0.9.8.2/apt-pkg/deb/debindexfile.cc 2015-09-15 17:08:27.000000000 +0200 @@ -621,7 +621,7 @@ FileFd Pkg(File,FileFd::ReadOnly, FileFd::Extension); if (_error->PendingError() == true) return false; - debListParser Parser(&Pkg); + debStatusListParser Parser(&Pkg); if (_error->PendingError() == true) return false; diff -Nru apt-1.0.9.8.1/apt-pkg/deb/deblistparser.cc apt-1.0.9.8.2/apt-pkg/deb/deblistparser.cc --- apt-1.0.9.8.1/apt-pkg/deb/deblistparser.cc 2015-06-10 09:40:35.000000000 +0200 +++ apt-1.0.9.8.2/apt-pkg/deb/deblistparser.cc 2015-09-15 17:08:27.000000000 +0200 @@ -333,7 +333,7 @@ return Result; } /*}}}*/ -// ListParser::ParseStatus - Parse the status field /*{{{*/ +// StatusListParser::ParseStatus - Parse the status field /*{{{*/ // --------------------------------------------------------------------- /* Status lines are of the form, Status: want flag status 
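Review bot: The switch to `debStatusListParser Parser(&Pkg);` in apt-pkg/deb/debindexfile.cc carries no comment, although after this patch it is the one visible call site where a Status field is still honoured. A reader who later copies the plain `debListParser` pattern for another local, dpkg-status-style file would silently lose installed-state parsing, and one who uses the status parser on a downloaded index would reopen the issue this update closes. I would add `// Only the local dpkg status file may set Status; indexes from sources use debListParser, which ignores it.` above the declaration. The enclosing function starts and ends outside the hunk, so which index class this is (presumably the status index) should be confirmed.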
@@ -345,6 +345,11 @@ bool debListParser::ParseStatus(pkgCache::PkgIterator &Pkg, pkgCache::VerIterator &Ver) { + return true; +} +bool debStatusListParser::ParseStatus(pkgCache::PkgIterator &Pkg, + pkgCache::VerIterator &Ver) +{ const char *Start; const char *Stop; if (Section.Find("Status",Start,Stop) == false) diff -Nru apt-1.0.9.8.1/apt-pkg/deb/deblistparser.h apt-1.0.9.8.2/apt-pkg/deb/deblistparser.h --- apt-1.0.9.8.1/apt-pkg/deb/deblistparser.h 2015-06-10 09:40:35.000000000 +0200 +++ apt-1.0.9.8.2/apt-pkg/deb/deblistparser.h 2015-09-15 17:08:27.000000000 +0200 @@ -117,4 +117,11 @@ : debListParser(File, Arch) {}; }; +class APT_HIDDEN debStatusListParser : public debListParser +{ + public: + virtual bool ParseStatus(pkgCache::PkgIterator &Pkg,pkgCache::VerIterator &Ver); + debStatusListParser(FileFd *File) + : debListParser(File) {}; +}; #endif diff -Nru apt-1.0.9.8.1/apt-pkg/depcache.cc apt-1.0.9.8.2/apt-pkg/depcache.cc --- apt-1.0.9.8.1/apt-pkg/depcache.cc 2015-06-10 09:40:35.000000000 +0200 +++ apt-1.0.9.8.2/apt-pkg/depcache.cc 2015-09-15 17:08:27.000000000 +0200 @@ -1103,7 +1103,12 @@ if (DebugMarker == true) std::clog << OutputInDepth(Depth) << "MarkInstall " << Pkg << " FU=" << FromUser << std::endl; - DepIterator Dep = P.InstVerIter(*this).DependsList(); + VerIterator const PV = P.InstVerIter(*this); + if (unlikely(PV.end() == true)) + return false; + bool const PinNeverMarkAutoSection = (PV->Section != 0 && ConfigValueInSubTree("APT::Never-MarkAuto-Sections", PV.Section())); + + DepIterator Dep = PV.DependsList(); for (; Dep.end() != true;) { // Grok or groups 
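Review bot: The new `debListParser::ParseStatus` in apt-pkg/deb/deblistparser.cc is a bare `return true;` with no explanation, and both parameters are now unused, which can trigger unused-parameter warnings. Since this no-op is the actual security control (a Status field in a source's index must never influence installed state), it deserves a comment such as `// Status from index files is untrusted and deliberately ignored; only debStatusListParser parses it.` and unnamed parameters, `pkgCache::PkgIterator &, pkgCache::VerIterator &`. The banner comment edited in the previous hunk now names only StatusListParser::ParseStatus while sitting directly above the debListParser definition, so a short banner of its own for the no-op would keep the two apart. The body of the moved parser continues outside the hunk.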
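Review bot: In apt-pkg/deb/deblistparser.h the new `debStatusListParser` only takes effect if `debListParser::ParseStatus` is declared `virtual` in the base class; that declaration is outside the hunk and should be confirmed, because otherwise calls made from base-class code would select the no-op and the local status file would lose its Status parsing. The single-argument constructor allows implicit conversion from `FileFd *`; `explicit debStatusListParser(FileFd *File) : debListParser(File) {}` avoids that and drops the stray `;` after the body. The class also has no comment; something like `// Parser for the local dpkg status file: the only list parser that evaluates the Status field.` would record why it exists.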
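Review bot: `PinNeverMarkAutoSection` in apt-pkg/depcache.cc reads as "Pin…" rather than "P in…", and nothing records that the section test has moved from the dependency being installed (`InstVer.Section()`, removed in the @@ -1226 hunk) to the package whose dependencies are being walked. I would name it `PInNeverMarkAutoSection` in both hunks and add `// deps installed on behalf of a package in APT::Never-MarkAuto-Sections are marked manual, whatever their own section`. The added `return false` on `PV.end()` sits after the debug output and, since the function starts outside the hunk, possibly after state has already been changed for `Pkg`; it is worth checking that callers treat this as a failure without leaving a half-applied mark.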
@@ -1226,7 +1231,7 @@ continue; } // now check if we should consider it a automatic dependency or not - if(InstPkg->CurrentVer == 0 && InstVer->Section != 0 && ConfigValueInSubTree("APT::Never-MarkAuto-Sections", InstVer.Section())) + if(InstPkg->CurrentVer == 0 && PinNeverMarkAutoSection) { if(DebugAutoInstall == true) std::clog << OutputInDepth(Depth) << "Setting NOT as auto-installed (direct " diff -Nru apt-1.0.9.8.1/configure apt-1.0.9.8.2/configure --- apt-1.0.9.8.1/configure 2015-06-10 09:40:53.000000000 +0200 +++ apt-1.0.9.8.2/configure 2015-09-15 17:08:33.000000000 +0200 @@ -2436,7 +2436,7 @@ PACKAGE="apt" -PACKAGE_VERSION="1.0.9.8.1" +PACKAGE_VERSION="1.0.9.8.2" PACKAGE_MAIL="APT Development Team <de...@lists.debian.org>" cat >>confdefs.h <<_ACEOF #define PACKAGE "$PACKAGE" diff -Nru apt-1.0.9.8.1/configure.ac apt-1.0.9.8.2/configure.ac --- apt-1.0.9.8.1/configure.ac 2015-06-10 09:40:52.000000000 +0200 +++ apt-1.0.9.8.2/configure.ac 2015-09-15 17:08:32.000000000 +0200 @@ -18,7 +18,7 @@ AC_CONFIG_HEADER(include/config.h:buildlib/config.h.in include/apti18n.h:buildlib/apti18n.h.in) PACKAGE="apt" -PACKAGE_VERSION="1.0.9.8.1" +PACKAGE_VERSION="1.0.9.8.2" PACKAGE_MAIL="APT Development Team <de...@lists.debian.org>" AC_DEFINE_UNQUOTED(PACKAGE,"$PACKAGE") AC_DEFINE_UNQUOTED(PACKAGE_VERSION,"$PACKAGE_VERSION") diff -Nru apt-1.0.9.8.1/debian/changelog apt-1.0.9.8.2/debian/changelog --- apt-1.0.9.8.1/debian/changelog 2015-06-10 09:40:35.000000000 +0200 +++ apt-1.0.9.8.2/debian/changelog 2015-09-15 17:08:27.000000000 +0200 
@@ -1,3 +1,19 @@ +apt (1.0.9.8.2) jessie; urgency=medium + + [ David Kalnischkies ] + * hide first pdiff merge failure debug message (Closes: 793444) + * mark again deps of pkgs in APT::Never-MarkAuto-Sections as manual. + Thanks to Raphaël Hertzog and Adam Conrad for detailed reports and initial patches + (Closes: 793360) (LP: 1479207) + + [ Julian Andres Klode ] + * Do not parse Status fields from remote sources + + [ Michael Vogt ] + * Use xgettext --no-location in make update-pot + + -- Julian Andres Klode <j...@debian.org> Tue, 15 Sep 2015 16:48:35 +0200 + apt (1.0.9.8.1) stable; urgency=medium [ David Kalnischkies ] diff -Nru apt-1.0.9.8.1/debian/gbp.conf apt-1.0.9.8.2/debian/gbp.conf --- apt-1.0.9.8.1/debian/gbp.conf 2015-06-10 09:40:35.000000000 +0200 +++ apt-1.0.9.8.2/debian/gbp.conf 2015-09-15 17:08:27.000000000 +0200 @@ -4,4 +4,4 @@ debian-branch = debian/jessie debian-tag = %(version)s export-dir = ../build-area -sign-tags = True \ No newline at end of file +sign-tags = True diff -Nru apt-1.0.9.8.1/doc/apt-verbatim.ent apt-1.0.9.8.2/doc/apt-verbatim.ent --- apt-1.0.9.8.1/doc/apt-verbatim.ent 2015-06-10 09:40:52.000000000 +0200 +++ apt-1.0.9.8.2/doc/apt-verbatim.ent 2015-09-15 17:08:32.000000000 +0200 @@ -225,7 +225,7 @@ "> <!-- this will be updated by 'prepare-release' --> -<!ENTITY apt-product-version "1.0.9.8.1"> +<!ENTITY apt-product-version "1.0.9.8.2"> <!-- (Code)names for various things used all over the place --> <!ENTITY oldstable-codename "wheezy"> diff -Nru apt-1.0.9.8.1/doc/po/apt-doc.pot apt-1.0.9.8.2/doc/po/apt-doc.pot --- apt-1.0.9.8.1/doc/po/apt-doc.pot 2015-06-10 09:40:50.000000000 +0200 +++ apt-1.0.9.8.2/doc/po/apt-doc.pot 2015-09-15 17:08:27.000000000 +0200 
@@ -6,9 +6,9 @@ #, fuzzy msgid "" msgstr "" -"Project-Id-Version: apt-doc 1.0.9.8\n" +"Project-Id-Version: apt-doc 1.0.9.8.2\n" "Report-Msgid-Bugs-To: APT Development Team <de...@lists.debian.org>\n" -"POT-Creation-Date: 2015-06-10 09:40+0200\n" +"POT-Creation-Date: 2015-09-15 14:59+0000\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" "Language-Team: LANGUAGE <l...@li.org>\n" diff -Nru apt-1.0.9.8.1/po/makefile apt-1.0.9.8.2/po/makefile --- apt-1.0.9.8.1/po/makefile 2015-06-10 09:40:35.000000000 +0200 +++ apt-1.0.9.8.2/po/makefile 2015-09-15 17:08:27.000000000 +0200 @@ -15,7 +15,7 @@ include ../buildlib/defaults.mak CATALOGS := $(addsuffix .gmo, $(shell sed -e '/^\#/ d' -e '/^$$/ d' LINGUAS | tr '\n' ' ')) -DOMAINS := $(notdir $(wildcard $(PO_DOMAINS)/*)) +DOMAINS := $(sort $(notdir $(wildcard $(PO_DOMAINS)/*))) POTFILES := $(addsuffix .pot,$(addprefix $(PO)/,$(DOMAINS))) # Construct a list of all mo files for all domains under $(PO_DOMAINS) @@ -37,9 +37,10 @@ cmp --silent $(PO)/domains/$*/sh.pot.tmp $(PO)/domains/$*/sh.pot || \ mv $(PO)/domains/$*/sh.pot.tmp $(PO)/domains/$*/sh.pot # From C/C++ source - cat $(PO)/domains/$*/*.srclist > $(PO)/POTFILES_$*.in + cat $(PO)/domains/$*/*.srclist | sort > $(PO)/POTFILES_$*.in $(XGETTEXT) --default-domain=$* --directory=$(BASE) \ --add-comments --foreign --keyword=_ --keyword=N_ \ + --no-location \ --keyword=P_:1,2 \ --files-from=$(PO)/POTFILES_$*.in -o $(PO)/domains/$*/c.pot.tmp cmp --silent $(PO)/domains/$*/c.pot.tmp $(PO)/domains/$*/c.pot || \ diff -Nru apt-1.0.9.8.1/test/integration/framework apt-1.0.9.8.2/test/integration/framework --- apt-1.0.9.8.1/test/integration/framework 2015-06-10 09:40:35.000000000 +0200 +++ apt-1.0.9.8.2/test/integration/framework 2015-09-15 17:08:27.000000000 +0200 
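Review bot: In po/makefile the added `cat $(PO)/domains/$*/*.srclist | sort` still depends on the builder's locale for its ordering, so the generated POTFILES list can differ between machines, which is the churn this change is meant to remove. The pipeline also hides a failing `cat`, because the recipe only sees the exit status of `sort`. `LC_ALL=C sort $(PO)/domains/$*/*.srclist > $(PO)/POTFILES_$*.in` addresses both. The rule containing this recipe starts outside the hunk.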
@@ -508,10 +508,12 @@ -- Joe Sixpack <j...@example.org> $(date -R)" > ${BUILDDIR}/debian/changelog echo "Source: $NAME -Section: $SECTION Priority: $PRIORITY Maintainer: Joe Sixpack <j...@example.org> Standards-Version: 3.9.3" > ${BUILDDIR}/debian/control + if [ "$SECTION" != '<none>' ]; then + echo "Section: $SECTION" >> ${BUILDDIR}/debian/control + fi local BUILDDEPS="$(echo "$DEPENDENCIES" | grep '^Build-')" test -z "$BUILDDEPS" || echo "$BUILDDEPS" >> ${BUILDDIR}/debian/control echo " diff -Nru apt-1.0.9.8.1/test/integration/test-apt-never-markauto-sections apt-1.0.9.8.2/test/integration/test-apt-never-markauto-sections --- apt-1.0.9.8.1/test/integration/test-apt-never-markauto-sections 1970-01-01 01:00:00.000000000 +0100 +++ apt-1.0.9.8.2/test/integration/test-apt-never-markauto-sections 2015-09-15 17:08:27.000000000 +0200 
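Review bot: The `'<none>'` value tested in `if [ "$SECTION" != '<none>' ]` in test/integration/framework is a new magic argument with no documentation at the point where it is interpreted. A line such as `# SECTION '<none>' builds a package without any Section field` above the `if` would tell test authors how to request that. The Section field now lands after Standards-Version instead of directly after Source, which should be harmless for a control file but is a visible reordering. The enclosing function starts and ends outside the hunk.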
@@ -0,0 +1,106 @@ +#!/bin/sh +set -e + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework +setupenvironment +configarchitecture 'amd64' 'i386' + +aptconfig dump --no-empty --format '%v%n' APT::Never-MarkAuto-Sections > nevermarkauto.sections +testsuccess grep '^metapackages$' nevermarkauto.sections + +# this is a very crude regression test, not a "this is how it should be" test: +# In theory mydesktop-core and texteditor should be marked as manual, but +# texteditor is installed as a dependency of bad-texteditor, not of +# mydesktop-core and mydesktop-core is removed while bad-texteditor is +# installed losing the manual bit as the problem resolver will later decide to +# drop bad-texteditor and re-instate mydesktop-core which is considered an +# auto-install at that point (in theory the never-auto handling should be +# copied to this place – as to the many other places dependencies are resolved +# 'by hand' instead of via MarkInstall AutoInst… +# +# Both could be fixed if apt would figure out early that installing +# bad-texteditor is a bad idea and eventually it should (as mydesktop-core is +# a direct descendant of mydesktop which was a user-request mydesktop-core should +# be as protected from removal as mydesktop is), but this is hard in the general case +# as with more or-groups and provides you can produce 'legal' examples for this. 
+ +buildsimplenativepackage 'mydesktop' 'all' '1' 'unstable' 'Depends: mydesktop-core, foreignpkg +Recommends: notavailable' '' 'metapackages' +buildsimplenativepackage 'mydesktop-core' 'amd64' '1' 'unstable' 'Depends: bad-texteditor | texteditor, browser (>= 42), nosection, foreignpkg +Recommends: notavailable +Multi-Arch: foreign' '' 'metapackages' +buildsimplenativepackage 'browser' 'amd64' '41' 'stable' +buildsimplenativepackage 'browser' 'amd64' '42' 'unstable' +buildsimplenativepackage 'texteditor' 'amd64' '1' 'stable' +buildsimplenativepackage 'bad-texteditor' 'amd64' '1' 'stable' 'Depends: texteditor +Conflicts: mydesktop-core' +buildsimplenativepackage 'nosection' 'amd64' '1' 'stable' '' '' '<none>' +buildsimplenativepackage 'foreignpkg' 'i386' '1' 'stable' 'Multi-Arch: foreign' +setupaptarchive + +testsuccess aptcache show nosection +testfailure grep 'Section' rootdir/tmp/testsuccess.output +testequal 'dpkg' aptmark showmanual + +testsuccess aptget install mydesktop -y -o Debug::pkgProblemResolver=1 -o Debug::pkgDepCache::Marker=1 + +testequal 'browser +dpkg +foreignpkg:i386 +mydesktop +nosection' aptmark showmanual +testmarkedauto 'mydesktop-core' 'texteditor' + +testequal 'Reading package lists... +Building dependency tree... +Reading state information... +The following packages will be REMOVED: + mydesktop mydesktop-core texteditor +0 upgraded, 0 newly installed, 3 to remove and 0 not upgraded. +Remv mydesktop [1] +Remv mydesktop-core [1] +Remv texteditor [1]' aptget autoremove mydesktop -s + +testequal 'Reading package lists... +Building dependency tree... +Reading state information... +The following packages will be REMOVED: + mydesktop mydesktop-core texteditor +0 upgraded, 0 newly installed, 3 to remove and 0 not upgraded. 
+Remv mydesktop [1] +Remv mydesktop-core [1] +Remv texteditor [1]' aptget autoremove texteditor -s +testsuccess aptget autoremove texteditor -y + +testdpkgnotinstalled mydesktop mydesktop-core texteditor +testdpkginstalled browser + +testequal 'browser +dpkg +foreignpkg:i386 +nosection' aptmark showmanual +testmarkedauto + +# test that installed/upgraded auto-pkgs are not set to manual + +testsuccess aptget install browser=41 -y --force-yes + +testequal 'browser +dpkg +foreignpkg:i386 +nosection' aptmark showmanual +testmarkedauto +testsuccess aptmark auto browser +testmarkedauto 'browser' +testsuccess aptmark auto nosection +testmarkedauto 'browser' 'nosection' +testequal 'dpkg +foreignpkg:i386' aptmark showmanual + +testsuccess aptget install mydesktop -y + +testequal 'dpkg +foreignpkg:i386 +mydesktop' aptmark showmanual +testmarkedauto 'browser' 'nosection' 'mydesktop-core' 'texteditor' diff -Nru apt-1.0.9.8.1/test/integration/test-security-no-remote-status apt-1.0.9.8.2/test/integration/test-security-no-remote-status --- apt-1.0.9.8.1/test/integration/test-security-no-remote-status 1970-01-01 01:00:00.000000000 +0100 +++ apt-1.0.9.8.2/test/integration/test-security-no-remote-status 2015-09-15 17:08:27.000000000 +0200 
@@ -0,0 +1,30 @@ +#!/bin/sh +# +# Test that packages from remote sources cannot set the Status field. +# +set -e + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework +setupenvironment +configarchitecture 'amd64' + +TMPDIR=$(readlink -f .) + +insertpackage 'unstable' 'pretends-installed' 'all' '1' 'Status: install ok installed' +insertinstalledpackage 'really-installed' 'all' '1' +setupaptarchive + +testequal "pretends-installed: + Installed: (none) + Candidate: 1 + Version table: + 1 0 + 500 file:${TMPDIR}/aptarchive/ unstable/main amd64 Packages" aptcache policy pretends-installed + +testequal "really-installed: + Installed: 1 + Candidate: 1 + Version table: + *** 1 0 + 100 ${TMPDIR}/rootdir/var/lib/dpkg/status" aptcache policy really-installed
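Review bot: test-security-no-remote-status checks only `aptcache policy`, so it proves the cache reports `Installed: (none)` but not that the resolver ignores the forged state, which is the scenario the request describes for 'apt upgrade' and 'apt-get dist-upgrade'. Adding `testsuccess aptget dist-upgrade -s` followed by `testfailure grep 'pretends-installed' rootdir/tmp/testsuccess.output` would pin that, using the same output-file pattern as the other new test in this diff. A second `insertpackage` with a different Status value (constructed example: `Status: hold ok installed`) would additionally guard against a later parser change that filters only one spelling.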