Bug#867190: stretch-pu: package apt/1.4.7
Control: tags -1 + pending On Fri, 2017-07-14 at 00:34 +0200, Julian Andres Klode wrote: > On Thu, Jul 13, 2017 at 09:00:06PM +0100, Adam D. Barratt wrote: > > Control: tags -1 -moreinfo +confirmed > > > > On Sun, 2017-07-09 at 17:08 +0200, Julian Andres Klode wrote: > > > The first one by David, the second by me, so this would end up > > > something like the following (order may be different, it's auto-generated > > > from git commits): > > > > > > apt (1.4.7) stretch; urgency=medium > > > > > > [ Robert Luberda ] > > > * fix a "critical" typo in old changelog entry (Closes: 866358) > > > > > > [ David Kalnischkies ] > > > * use port from SRV record instead of initial port > > > * travis: ignore profiling warning in progress lines > > > > > > > > > [ Julian Andres Klode ] > > > * Reset failure reason when connection was successful > > > > maybe "... ensuring errors are correctly reported" or something similar? > > > > > * debian/gbp.conf: Set debian-branch to 1.4.y > > > * http: Do not try reading content if Content-Length is 0 > > > * travis: Migrate to Docker > > > * Release 1.4.7 (LP: #1702326) > > > > Having the release item at the end looks slightly odd, imho. :-) > > > > Please feel free to upload something like the above (bearing in mind > > that the window for 9.1 closes this weekend). > > Uploaded with: > > apt (1.4.7) stretch; urgency=medium Flagged for acceptance. Regards, Adam
Bug#867190: stretch-pu: package apt/1.4.7
On Thu, Jul 13, 2017 at 09:00:06PM +0100, Adam D. Barratt wrote: > Control: tags -1 -moreinfo +confirmed > > On Sun, 2017-07-09 at 17:08 +0200, Julian Andres Klode wrote: > > The first one by David, the second by me, so this would end up > > something like the following (order may be different, it's auto-generated > > from git commits): > > > > apt (1.4.7) stretch; urgency=medium > > > > [ Robert Luberda ] > > * fix a "critical" typo in old changelog entry (Closes: 866358) > > > > [ David Kalnischkies ] > > * use port from SRV record instead of initial port > > * travis: ignore profiling warning in progress lines > > > > > > [ Julian Andres Klode ] > > * Reset failure reason when connection was successful > > maybe "... ensuring errors are correctly reported" or something similar? > > > * debian/gbp.conf: Set debian-branch to 1.4.y > > * http: Do not try reading content if Content-Length is 0 > > * travis: Migrate to Docker > > * Release 1.4.7 (LP: #1702326) > > Having the release item at the end looks slightly odd, imho. :-) > > Please feel free to upload something like the above (bearing in mind > that the window for 9.1 closes this weekend). Uploaded with: apt (1.4.7) stretch; urgency=medium . * New release with important fixes up to 1.5~beta1; also see LP: #1702326 . [ Robert Luberda ] * fix a "critical" typo in old changelog entry (Closes: 866358) . [ David Kalnischkies ] * test suite/travis CI: ignore profiling warning in progress lines * use port from SRV record instead of initial port . [ Julian Andres Klode ] * Reset failure reason when connection was successful, so later errors are reported as such and not as "connection failure" warnings. * debian/gbp.conf: Set debian-branch to 1.4.y * http: A response with Content-Length: 0 has no content, so don't try to read it - it will either timeout or the server closes the connection. * travis CI: Migrate to Docker -- Debian Developer - deb.li/jak | jak-linux.org - free software dev | Ubuntu Core Developer | When replying, only quote what is necessary, and write each reply directly below the part(s) it pertains to ('inline'). Thank you.
Bug#867190: stretch-pu: package apt/1.4.7
Control: tags -1 -moreinfo +confirmed On Sun, 2017-07-09 at 17:08 +0200, Julian Andres Klode wrote: > The first one by David, the second by me, so this would end up > something like the following (order may be different, it's auto-generated > from git commits): > > apt (1.4.7) stretch; urgency=medium > > [ Robert Luberda ] > * fix a "critical" typo in old changelog entry (Closes: 866358) > > [ David Kalnischkies ] > * use port from SRV record instead of initial port > * travis: ignore profiling warning in progress lines > > > [ Julian Andres Klode ] > * Reset failure reason when connection was successful maybe "... ensuring errors are correctly reported" or something similar? > * debian/gbp.conf: Set debian-branch to 1.4.y > * http: Do not try reading content if Content-Length is 0 > * travis: Migrate to Docker > * Release 1.4.7 (LP: #1702326) Having the release item at the end looks slightly odd, imho. :-) Please feel free to upload something like the above (bearing in mind that the window for 9.1 closes this weekend). Regards, Adam
Bug#867190: stretch-pu: package apt/1.4.7
On Sun, Jul 09, 2017 at 03:22:12PM +0100, Adam D. Barratt wrote: > On Wed, 2017-07-05 at 09:38 +0200, Julian Andres Klode wrote: > > On Wed, Jul 05, 2017 at 07:58:11AM +0200, Cyril Brulebois wrote: > > > Control: tag -1 moreinfo > > > > > > Hi, > > > > > > Julian Andres Klode(2017-07-04): > > > > This release fixes several smaller bugs in the network connection. > > > > Apart from the changes in the changelog, there also are some changes > > > > to our travis CI integration and the test suite to make CI more > > > > reliable (by fixing coverage errors messing up our tests), more future > > > > proof (by using docker instead of mixing travis' ubuntu trusty with > > > > wily and xenial packages...), and the CI now runs on stretch, so > > > > that's good too :) > > > > > > > > All fixes are straight cherry-picks from unstable, just the travis > > > > stuff had some changes (one less variant to build and stretch isntead > > > > of testing), but that does not affect us. > > > > > > apt will need to migrate to testing before we could tentatively accept > > > anything from stretch-new; but we're not there yet. > > > > grr, why did the bits email Adam sent then say: > > > > " * The bug you want to fix in stable must be fixed in unstable > > already (and not waiting in NEW or the delayed queue)" > > > > I guess you'll see a lot more people trying to do stable updates > > only in unstable if that's what people have been told is needed > > - perhaps send a follow-up correction? > > There are two things here that I think may be getting confused. > > The requirement for accepting an update to p-u has always been that it > doesn't affect unstable - either by the affected code not being present > or (more commonly) by the bug having already been fixed in unstable. > That requirement is to ensure that the fix gets at least some exposure > before the point release, and because it's quicker and simpler to get > any required follow-up fixes applied in unstable. We do of course want > to fix to be available to users of testing asap, but that's not a > blocker for the p-u request. > > In order for the fix to then get into stable itself, the version of the > package in testing must be strictly higher than that of the p-u update. > It's preferable if that occurs due to a more recent package having > migrated to testing, but if necessary ftp-master will (at our request) > force packages into testing and/or unstable during the point release, in > order to avoid violating the archive's inter-suite version constraints. Ah yeah, sorry, I forgot that testing was still at 1.4.6 (now 1.5~beta1 seems to have migrated). > > > > > [ David Kalnischkies ] > > > > * use port from SRV record instead of initial port > > > > => Might have picked the wrong port > > > > > > > > [ Julian Andres Klode ] > > > > * Reset failure reason when connection was successful > > > > => Some failures were only treated as warnings, not errors > > > > > > No bug reports with details for those? > > [...] > > > > > > > * http: A response with Content-Length: 0 has no content > > > > > > > > => Downloading failed if server responded with Content-Length: 0, as > > > >APT was waiting for content to read. > > > > > > No bug report with details? > > > > I discovered the last two while writing the TLS support in 1.5, so I did > > not open up a bug report for each. I'm not sure how David noticed the > > first one, but all of them seem to be important bugs. > > I'm okay with the fixes, but the changelog descriptions aren't > particularly great. For instance, you've explained in this thread that > the Content-Length: bug caused apt to wait (indefinitely?) for content > that would never arrive, but that's not really clear (at least to me) > from the changelog. There are timeouts for everything, well one value, defaulting to 120s, that is, 2 minutes. So what do you suggest? A simple rewording like this: " * http: A response with Content-Length: 0 has no content." => " * http: Do not try to read content if Content-Length is 0" " * Reset failure reason when connection was successful." => " * Ignore errors from earlier connection attempts on successful connection" (What about the " use port from SRV record instead of initial port."? It's entirely clear if you know what a SRV record is, but otherwise...). Or more details? For example, we could expand all changelog entries to include (almost) the entire commit message (the changelog is generated by gbp-dch), then we end up with this monster: apt (1.4.7) unstable; urgency=medium [ David Kalnischkies ] * travis: ignore profiling warning in progress lines. On Travis CI running tests with code coverage enabled sometimes generates profiling lines, which we filter out for a while now, but that misses lines generated showing progress still causing test failures, so more sed logic is added in the hopes to ignore them. * use port from SRV
Bug#867190: stretch-pu: package apt/1.4.7
On Wed, 2017-07-05 at 09:38 +0200, Julian Andres Klode wrote: > On Wed, Jul 05, 2017 at 07:58:11AM +0200, Cyril Brulebois wrote: > > Control: tag -1 moreinfo > > > > Hi, > > > > Julian Andres Klode(2017-07-04): > > > This release fixes several smaller bugs in the network connection. > > > Apart from the changes in the changelog, there also are some changes > > > to our travis CI integration and the test suite to make CI more > > > reliable (by fixing coverage errors messing up our tests), more future > > > proof (by using docker instead of mixing travis' ubuntu trusty with > > > wily and xenial packages...), and the CI now runs on stretch, so > > > that's good too :) > > > > > > All fixes are straight cherry-picks from unstable, just the travis > > > stuff had some changes (one less variant to build and stretch isntead > > > of testing), but that does not affect us. > > > > apt will need to migrate to testing before we could tentatively accept > > anything from stretch-new; but we're not there yet. > > grr, why did the bits email Adam sent then say: > > " * The bug you want to fix in stable must be fixed in unstable > already (and not waiting in NEW or the delayed queue)" > > I guess you'll see a lot more people trying to do stable updates > only in unstable if that's what people have been told is needed > - perhaps send a follow-up correction? There are two things here that I think may be getting confused. The requirement for accepting an update to p-u has always been that it doesn't affect unstable - either by the affected code not being present or (more commonly) by the bug having already been fixed in unstable. That requirement is to ensure that the fix gets at least some exposure before the point release, and because it's quicker and simpler to get any required follow-up fixes applied in unstable. We do of course want to fix to be available to users of testing asap, but that's not a blocker for the p-u request. In order for the fix to then get into stable itself, the version of the package in testing must be strictly higher than that of the p-u update. It's preferable if that occurs due to a more recent package having migrated to testing, but if necessary ftp-master will (at our request) force packages into testing and/or unstable during the point release, in order to avoid violating the archive's inter-suite version constraints. > > > > > Let me know if this is good to go. > > > > > > apt (1.4.7) stretch; urgency=medium > > > > I'll let Adam comment on whether it's OK for this specific case not to > > use +debXuY versioning, since you seem to be going for 1.4.x series in > > stretch. > > We also did this in jessie. dpkg also does this. > > APT now maintains stable branches matching Debian and Ubuntu > releases, and 1.4.y is the branch for stretch and artful. ACK. > > > * New microrelease fixing issues in http method (LP: #1702326) > > > => I'll also upload this to Ubuntu, that's just a tag for them, it > > >also helps summarizing the main part of the upload > > > > This isn't much informative: I have no idea what issues you're fixing, > > or how. Users won't know, either. > > That's true. I'm still figuring out the best way to keep the Ubuntu > one in sync, so I thought I'd just add the tracking bug I need for > that release there in here and then upload the whole thing there > after fiddling with changes. I'm basically just trying to keep a > single continuity of 1.4.y, and not have 1.4.y-debian and > 1.4.y-ubuntu. That won't last long however, the Ubuntu release > only has 9 months of support since April. > > We can of course make it more helpful, if you have any > suggestions :) See related comments later. > > > [ Robert Luberda ] > > > * fix a "critical" typo in old changelog entry (Closes: 866358) > > > > > > => Remove a letter, and works around a bug in apt-listchanges. > > > > Having a quick glance at the BTS, severity:minor isn't exactly what > > we're considering for proposed-updates. Having correct bug meta data > > would help (from reading the bug report, working around the issue might > > be an idea, but fixing apt-listchanges in stable as well might be > > better). > > It's not the main focus of this release, but since we are already > fixing the important bugs in the http stack, I thought we'd include > this for the ride. It's removing a single character from a changelog > file, after all. Seems ok. > > > [ David Kalnischkies ] > > > * use port from SRV record instead of initial port > > > => Might have picked the wrong port > > > > > > [ Julian Andres Klode ] > > > * Reset failure reason when connection was successful > > > => Some failures were only treated as warnings, not errors > > > > No bug reports with details for those? > [...] > > > > > * http: A response with Content-Length: 0 has no content > > > > > > => Downloading failed if server responded with Content-Length: 0, as > > >APT was waiting
Bug#867190: stretch-pu: package apt/1.4.7
On Wed, Jul 05, 2017 at 07:58:11AM +0200, Cyril Brulebois wrote: > Control: tag -1 moreinfo > > Hi, > > Julian Andres Klode(2017-07-04): > > This release fixes several smaller bugs in the network connection. > > Apart from the changes in the changelog, there also are some changes > > to our travis CI integration and the test suite to make CI more > > reliable (by fixing coverage errors messing up our tests), more future > > proof (by using docker instead of mixing travis' ubuntu trusty with > > wily and xenial packages...), and the CI now runs on stretch, so > > that's good too :) > > > > All fixes are straight cherry-picks from unstable, just the travis > > stuff had some changes (one less variant to build and stretch isntead > > of testing), but that does not affect us. > > apt will need to migrate to testing before we could tentatively accept > anything from stretch-new; but we're not there yet. grr, why did the bits email Adam sent then say: " * The bug you want to fix in stable must be fixed in unstable already (and not waiting in NEW or the delayed queue)" I guess you'll see a lot more people trying to do stable updates only in unstable if that's what people have been told is needed - perhaps send a follow-up correction? > > > Let me know if this is good to go. > > > > apt (1.4.7) stretch; urgency=medium > > I'll let Adam comment on whether it's OK for this specific case not to > use +debXuY versioning, since you seem to be going for 1.4.x series in > stretch. We also did this in jessie. dpkg also does this. APT now maintains stable branches matching Debian and Ubuntu releases, and 1.4.y is the branch for stretch and artful. > > > * New microrelease fixing issues in http method (LP: #1702326) > > => I'll also upload this to Ubuntu, that's just a tag for them, it > >also helps summarizing the main part of the upload > > This isn't much informative: I have no idea what issues you're fixing, > or how. Users won't know, either. That's true. I'm still figuring out the best way to keep the Ubuntu one in sync, so I thought I'd just add the tracking bug I need for that release there in here and then upload the whole thing there after fiddling with changes. I'm basically just trying to keep a single continuity of 1.4.y, and not have 1.4.y-debian and 1.4.y-ubuntu. That won't last long however, the Ubuntu release only has 9 months of support since April. We can of course make it more helpful, if you have any suggestions :) > > > [ Robert Luberda ] > > * fix a "critical" typo in old changelog entry (Closes: 866358) > > > > => Remove a letter, and works around a bug in apt-listchanges. > > Having a quick glance at the BTS, severity:minor isn't exactly what > we're considering for proposed-updates. Having correct bug meta data > would help (from reading the bug report, working around the issue might > be an idea, but fixing apt-listchanges in stable as well might be > better). It's not the main focus of this release, but since we are already fixing the important bugs in the http stack, I thought we'd include this for the ride. It's removing a single character from a changelog file, after all. > > > [ David Kalnischkies ] > > * use port from SRV record instead of initial port > > => Might have picked the wrong port > > > > [ Julian Andres Klode ] > > * Reset failure reason when connection was successful > > => Some failures were only treated as warnings, not errors > > No bug reports with details for those? [...] > > > * http: A response with Content-Length: 0 has no content > > > > => Downloading failed if server responded with Content-Length: 0, as > >APT was waiting for content to read. > > No bug report with details? I discovered the last two while writing the TLS support in 1.5, so I did not open up a bug report for each. I'm not sure how David noticed the first one, but all of them seem to be important bugs. (1) SRV Stuff: Clearly if we connect to the target host with the wrong port, then it does not work. You could work around that by using only SRV records where target port = src port. (2) Failure reason: This caused random failures in the test suite for https because some repositories with missing InRelease files did not cause an error, but only a warning; and apt did not try fetching Release and Release.gpg because it thought it could not connect to the host at all. Not sure why it only randomly failed, I assume there's another bug somewhere. For this to happen, you need to have a server with multiple IP addresses, and not be able to connect() to one of them before you can connect to it. I think not following up on a missing InRelease and try to fetch Release.gpg and Release can be considered release critical, as can the fact that the failing repository does not cause "update" to exit with an error. (3) Content-Length: I only noticed this when interacting with Launchpad,
Bug#867190: stretch-pu: package apt/1.4.7
Control: tag -1 moreinfo Hi, Julian Andres Klode(2017-07-04): > This release fixes several smaller bugs in the network connection. > Apart from the changes in the changelog, there also are some changes > to our travis CI integration and the test suite to make CI more > reliable (by fixing coverage errors messing up our tests), more future > proof (by using docker instead of mixing travis' ubuntu trusty with > wily and xenial packages...), and the CI now runs on stretch, so > that's good too :) > > All fixes are straight cherry-picks from unstable, just the travis > stuff had some changes (one less variant to build and stretch isntead > of testing), but that does not affect us. apt will need to migrate to testing before we could tentatively accept anything from stretch-new; but we're not there yet. > Let me know if this is good to go. > > apt (1.4.7) stretch; urgency=medium I'll let Adam comment on whether it's OK for this specific case not to use +debXuY versioning, since you seem to be going for 1.4.x series in stretch. > * New microrelease fixing issues in http method (LP: #1702326) > => I'll also upload this to Ubuntu, that's just a tag for them, it >also helps summarizing the main part of the upload This isn't much informative: I have no idea what issues you're fixing, or how. Users won't know, either. > [ Robert Luberda ] > * fix a "critical" typo in old changelog entry (Closes: 866358) > > => Remove a letter, and works around a bug in apt-listchanges. Having a quick glance at the BTS, severity:minor isn't exactly what we're considering for proposed-updates. Having correct bug meta data would help (from reading the bug report, working around the issue might be an idea, but fixing apt-listchanges in stable as well might be better). > [ David Kalnischkies ] > * use port from SRV record instead of initial port > => Might have picked the wrong port > > [ Julian Andres Klode ] > * Reset failure reason when connection was successful > => Some failures were only treated as warnings, not errors No bug reports with details for those? > * debian/gbp.conf: Set debian-branch to 1.4.y > => Building ... > > * http: A response with Content-Length: 0 has no content > > => Downloading failed if server responded with Content-Length: 0, as >APT was waiting for content to read. No bug report with details? > diff -Nru apt-1.4.6/Dockerfile apt-1.4.7/Dockerfile > --- apt-1.4.6/Dockerfile 1970-01-01 01:00:00.0 +0100 > +++ apt-1.4.7/Dockerfile 2017-07-04 17:11:59.0 +0200 > @@ -0,0 +1,11 @@ > +FROM debian:stretch > +COPY . /tmp > +WORKDIR /tmp > +RUN sed -i s#://deb.debian.org#://cdn-fastly.deb.debian.org# > /etc/apt/sources.list \ > +&& apt-get update \ > +&& adduser --home /home/travis travis --quiet --disabled-login --gecos > "" --uid 1000 \ > +&& env DEBIAN_FRONTEND=noninteractive apt-get install build-essential > ccache ninja-build expect curl git -q -y \ > +&& env DEBIAN_FRONTEND=noninteractive ./prepare-release travis-ci \ > +&& dpkg-reconfigure ccache \ > +&& rm -r /tmp/* \ > +&& apt-get clean Not documented in changelog. Not sure this addition belongs to stable anyway. > diff -Nru apt-1.4.6/methods/basehttp.cc apt-1.4.7/methods/basehttp.cc > --- apt-1.4.6/methods/basehttp.cc 2017-06-01 10:50:26.0 +0200 > +++ apt-1.4.7/methods/basehttp.cc 2017-07-04 17:11:59.0 +0200 > @@ -146,6 +146,9 @@ > > if (stringcasecmp(Tag,"Content-Length:") == 0) > { > + auto ContentLength = strtoull(Val.c_str(), NULL, 10); > + if (ContentLength == 0) > + return true; >if (Encoding == Closes) >Encoding = Stream; >HaveContent = true; > @@ -154,7 +157,7 @@ >if (Result == 416 || (Result >= 300 && Result < 400)) >DownloadSizePtr = > > - *DownloadSizePtr = strtoull(Val.c_str(), NULL, 10); > + *DownloadSizePtr = ContentLength; >if (*DownloadSizePtr >= std::numeric_limits::max()) >return _error->Errno("HeaderLine", _("The HTTP server sent an invalid > Content-Length header")); >else if (*DownloadSizePtr == 0) > diff -Nru apt-1.4.6/methods/connect.cc apt-1.4.7/methods/connect.cc > --- apt-1.4.6/methods/connect.cc 2017-06-01 10:50:26.0 +0200 > +++ apt-1.4.7/methods/connect.cc 2017-07-04 17:11:59.0 +0200 > @@ -144,7 +144,9 @@ >return _error->Errno("connect",_("Could not connect to %s:%s > (%s)."),Host.c_str(), > Service,Name); > } > - > + > + Owner->SetFailReason(""); > + > return true; > } > /*}}}*/ > @@ -312,12 +314,15 @@ > size_t stackSize = 0; > // try to connect in the priority order of the srv records > std::string initialHost{std::move(Host)}; > + auto const initialPort = Port; > while(SrvRecords.empty() == false) > { >
Bug#867190: stretch-pu: package apt/1.4.7
Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu This release fixes several smaller bugs in the network connection. Apart from the changes in the changelog, there also are some changes to our travis CI integration and the test suite to make CI more reliable (by fixing coverage errors messing up our tests), more future proof (by using docker instead of mixing travis' ubuntu trusty with wily and xenial packages...), and the CI now runs on stretch, so that's good too :) All fixes are straight cherry-picks from unstable, just the travis stuff had some changes (one less variant to build and stretch isntead of testing), but that does not affect us. Let me know if this is good to go. apt (1.4.7) stretch; urgency=medium * New microrelease fixing issues in http method (LP: #1702326) => I'll also upload this to Ubuntu, that's just a tag for them, it also helps summarizing the main part of the upload [ Robert Luberda ] * fix a "critical" typo in old changelog entry (Closes: 866358) => Remove a letter, and works around a bug in apt-listchanges. [ David Kalnischkies ] * use port from SRV record instead of initial port => Might have picked the wrong port [ Julian Andres Klode ] * Reset failure reason when connection was successful => Some failures were only treated as warnings, not errors * debian/gbp.conf: Set debian-branch to 1.4.y => Building ... * http: A response with Content-Length: 0 has no content => Downloading failed if server responded with Content-Length: 0, as APT was waiting for content to read. -- Julian Andres KlodeTue, 04 Jul 2017 17:11:59 +0200 -- System Information: Debian Release: buster/sid APT prefers unstable APT policy: (900, 'unstable'), (900, 'testing'), (500, 'unstable-debug'), (500, 'buildd-unstable'), (100, 'experimental'), (1, 'experimental-debug') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.11.0-1-amd64 (SMP w/4 CPU cores) Locale: LANG=en_IE.UTF-8, LC_CTYPE=en_IE.UTF-8 (charmap=UTF-8), LANGUAGE=en_IE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) -- Debian Developer - deb.li/jak | jak-linux.org - free software dev | Ubuntu Core Developer | When replying, only quote what is necessary, and write each reply directly below the part(s) it pertains to ('inline'). Thank you. diff -Nru apt-1.4.6/CMakeLists.txt apt-1.4.7/CMakeLists.txt --- apt-1.4.6/CMakeLists.txt 2017-06-01 10:50:26.0 +0200 +++ apt-1.4.7/CMakeLists.txt 2017-07-04 17:11:59.0 +0200 @@ -172,7 +172,7 @@ # Configure some variables like package, version and architecture. set(PACKAGE ${PROJECT_NAME}) set(PACKAGE_MAIL "APT Development Team ") -set(PACKAGE_VERSION "1.4.6") +set(PACKAGE_VERSION "1.4.7") if (NOT DEFINED DPKG_DATADIR) execute_process(COMMAND ${PERL_EXECUTABLE} -MDpkg -e "print $Dpkg::DATADIR;" diff -Nru apt-1.4.6/debian/changelog apt-1.4.7/debian/changelog --- apt-1.4.6/debian/changelog 2017-06-01 10:50:26.0 +0200 +++ apt-1.4.7/debian/changelog 2017-07-04 17:11:59.0 +0200 @@ -1,3 +1,20 @@ +apt (1.4.7) stretch; urgency=medium + + * New microrelease fixing issues in http method (LP: #1702326) + + [ Robert Luberda ] + * fix a "critical" typo in old changelog entry (Closes: 866358) + + [ David Kalnischkies ] + * use port from SRV record instead of initial port + + [ Julian Andres Klode ] + * Reset failure reason when connection was successful + * debian/gbp.conf: Set debian-branch to 1.4.y + * http: A response with Content-Length: 0 has no content + + -- Julian Andres Klode Tue, 04 Jul 2017 17:11:59 +0200 + apt (1.4.6) unstable; urgency=medium * apt.systemd.daily: Do not pass -d to unattended-upgrade for the download @@ -3330,7 +3347,7 @@ -- Michael Vogt Fri, 22 Mar 2013 21:57:08 +0100 -apt (0.9.7.8) unstable; urgency=criticial +apt (0.9.7.8) unstable; urgency=critical * SECURITY UPDATE: InRelease verification bypass - CVE-2013-1051 diff -Nru apt-1.4.6/debian/gbp.conf apt-1.4.7/debian/gbp.conf --- apt-1.4.6/debian/gbp.conf 2017-06-01 10:50:26.0 +0200 +++ apt-1.4.7/debian/gbp.conf 2017-07-04 17:11:59.0 +0200 @@ -3,7 +3,7 @@ ;preexport = ./prepare-release pre-export prebuild = ./prepare-release pre-build postbuild = ./prepare-release post-build -debian-branch = master +debian-branch = 1.4.y debian-tag = %(version)s export-dir = ../build-area sign-tags = True diff -Nru apt-1.4.6/doc/apt-verbatim.ent apt-1.4.7/doc/apt-verbatim.ent --- apt-1.4.6/doc/apt-verbatim.ent 2017-06-01 10:50:26.0 +0200 +++ apt-1.4.7/doc/apt-verbatim.ent 2017-07-04 17:11:59.0 +0200 @@ -239,7 +239,7 @@ "> - + diff -Nru apt-1.4.6/doc/po/apt-doc.pot apt-1.4.7/doc/po/apt-doc.pot --- apt-1.4.6/doc/po/apt-doc.pot 2017-06-01 10:50:26.0