Browse Source

Replace whitelist/blacklist with allowlist/denylist

tags/debian/2.1.8
Julian Andres Klode 3 months ago
parent
commit
7d8bb85548
6 changed files with 21 additions and 21 deletions
  1. +1
    -1
      apt-pkg/contrib/strutl.cc
  2. +1
    -1
      apt-private/private-update.cc
  3. +1
    -1
      debian/apt.postinst
  4. +5
    -5
      debian/changelog
  5. +7
    -7
      test/integration/status-bug-lp1347721-dpkg-ordering
  6. +6
    -6
      test/integration/status-ubuntu-bug-614993

+ 1
- 1
apt-pkg/contrib/strutl.cc View File

@@ -1771,7 +1771,7 @@ URI::operator string()
{
// FIXME: Technically userinfo is permitted even less
// characters than these, but this is not conveniently
// expressed with a blacklist.
// expressed with a denylist.
Res << QuoteString(User, ":/?#[]@");
if (Password.empty() == false)
Res << ":" << QuoteString(Password, ":/?#[]@");


+ 1
- 1
apt-private/private-update.cc View File

@@ -110,7 +110,7 @@ bool DoUpdate(CommandLine &CmdL)
if (uri.User.empty() && uri.Password.empty())
continue;
// we can't really predict if a +http method supports everything http does,
// so we play it safe and use a whitelist here.
// so we play it safe and use an allowlist here.
char const *const affected[] = {"http", "https", "tor+http", "tor+https", "ftp"};
if (std::find(std::begin(affected), std::end(affected), uri.Access) != std::end(affected))
// TRANSLATOR: the first two are manpage references, the last the URI from a sources.list


+ 1
- 1
debian/apt.postinst View File

@@ -60,7 +60,7 @@ case "$1" in
chmod -f 0640 /var/log/apt/term.log* || true
fi

# create kernel autoremoval blacklist on update
# create kernel autoremoval denylist on update
if dpkg --compare-versions "$2" lt 0.9.9.3; then
/etc/kernel/postinst.d/apt-auto-removal
fi


+ 5
- 5
debian/changelog View File

@@ -994,7 +994,7 @@ apt (1.6~alpha3) unstable; urgency=medium

apt (1.6~alpha2) unstable; urgency=medium

* seccomp: Conditionalize statx() whitelisting
* seccomp: Conditionalize statx() allowlisting
* CMake: methods: Cleanup link libraries, use OBJECT libraries
* methods: Enable additional syscalls (SYSV IPC) in fakeroot (Closes: #879662)
* Don't segfault if receiving a method warning on empty queue
@@ -1363,7 +1363,7 @@ apt (1.4~rc1) unstable; urgency=medium
* make the moo reproducible.
Thanks to Chris Lamb for initial patch and guru meditation (Closes: #848721)
* update release mappings in documentation
* avoid malloc if option whitelist is disabled (default)
* avoid malloc if option allowlist is disabled (default)

[ Julian Andres Klode ]
* basehttp: Only read Content-Range on 416 and 206 responses (LP: #1657567)
@@ -1413,7 +1413,7 @@ apt (1.4~beta3) unstable; urgency=medium
Thanks to Kristian Glass for initial patch! (Closes: #709092)
* separating state variables regarding server/request (Closes: #440057)
* fix minimum pkgs option for dpkg --recursive usage
* allow warning generation for non-whitelisted options
* allow warning generation for non-allowlisted options

[ Oriol Debian ]
* Catalan program translation update (Closes: #846514)
@@ -4310,7 +4310,7 @@ apt (0.9.9.3) unstable; urgency=low
[ Ben Hutchings ]
* debian/apt.auto-removal.sh:
- do not include debug symbol packages for the kernel in the
blacklist (closes: #717616)
denylist (closes: #717616)

[ Michael Vogt ]
* debian/apt.postinst:
@@ -6627,7 +6627,7 @@ apt (0.8.11) unstable; urgency=low
* methods/{gzip,bzip}.cc:
- print a good error message if FileSize() is zero
* apt-pkg/aptconfiguration.cc:
- remove the inbuilt Translation files whitelist
- remove the inbuilt Translation files allowlist
* cmdline/apt-cache.cc:
- remove not implemented 'apt-cache add' command
* doc/apt-cache.8.xml:


+ 7
- 7
test/integration/status-bug-lp1347721-dpkg-ordering View File

@@ -684,14 +684,14 @@ Depends: libc6 (>= 2.17), libkmod2, sysv-rc (>= 2.88dsf-24) | file-rc (>= 0.8.16
Breaks: module-init-tools (<< 4)
Conffiles:
/etc/init/kmod.conf 2686532745c8b71d6d3df91c3a53aef3
/etc/modprobe.d/blacklist-framebuffer.conf 097e2142ae3e4dd2911eda7844ce0c18
/etc/modprobe.d/blacklist-rare-network.conf 8fb4b96124e461f53adceba9ca91f09a
/etc/modprobe.d/blacklist.conf bc6754fa320733c6d239a4bb0148ffd7
/etc/modprobe.d/denylist-framebuffer.conf 097e2142ae3e4dd2911eda7844ce0c18
/etc/modprobe.d/denylist-rare-network.conf 8fb4b96124e461f53adceba9ca91f09a
/etc/modprobe.d/denylist.conf bc6754fa320733c6d239a4bb0148ffd7
/etc/modprobe.d/iwlwifi.conf f27bc645e93e20c8e532325d190ac8ee
/etc/modprobe.d/blacklist-ath_pci.conf d1da9bb08c2b0f56f3be93fd0e37946b
/etc/modprobe.d/denylist-ath_pci.conf d1da9bb08c2b0f56f3be93fd0e37946b
/etc/modprobe.d/mlx4.conf b2a0bedb7461daeb0138270639581bbf
/etc/modprobe.d/blacklist-firewire.conf 9cc07a17e8e64f9cd35ff59c29debe69
/etc/modprobe.d/blacklist-watchdog.conf 55327f9270c8a6257a833c4d127a39e1
/etc/modprobe.d/denylist-firewire.conf 9cc07a17e8e64f9cd35ff59c29debe69
/etc/modprobe.d/denylist-watchdog.conf 55327f9270c8a6257a833c4d127a39e1
/etc/init.d/kmod e6d43abead3714ceb8aca68dd77e1dad
/etc/depmod.d/ubuntu.conf 7c8439ef36b12e5f226b5dbfa20b8c2d
Description: tools for managing Linux kernel modules
@@ -1884,7 +1884,7 @@ Conffiles:
/etc/init/udev-finish.conf 5c953c5b98ccfbb2a02985bfa2f80aed
/etc/init/udev.conf 41c0081f3a830e0902aaff76a53edf98
/etc/init/udevmonitor.conf b541dfb5aa4958e9a5336ecaec00ca15
/etc/modprobe.d/fbdev-blacklist.conf 01cd03c88ce6821c03baf904f7dfcbd0
/etc/modprobe.d/fbdev-denylist.conf 01cd03c88ce6821c03baf904f7dfcbd0
/etc/udev/rules.d/README 3b6de9f3f911176734c66903b4f8735c obsolete
Description: /dev/ and hotplug management daemon
udev is a daemon which dynamically creates and removes device nodes from


+ 6
- 6
test/integration/status-ubuntu-bug-614993 View File

@@ -488,11 +488,11 @@ Depends: libc6 (>= 2.8), upstart-job
Breaks: initramfs-tools (<< 0.92bubuntu23)
Conffiles:
/etc/depmod.d/ubuntu.conf 7c8439ef36b12e5f226b5dbfa20b8c2d
/etc/modprobe.d/blacklist-ath_pci.conf d1da9bb08c2b0f56f3be93fd0e37946b
/etc/modprobe.d/blacklist-firewire.conf cb8a4c10a5dddd1d67092198b1ae415f
/etc/modprobe.d/blacklist-framebuffer.conf b46c9509180b5a76145f08be46b1aff5
/etc/modprobe.d/blacklist-watchdog.conf 55327f9270c8a6257a833c4d127a39e1
/etc/modprobe.d/blacklist.conf bc6754fa320733c6d239a4bb0148ffd7
/etc/modprobe.d/denylist-ath_pci.conf d1da9bb08c2b0f56f3be93fd0e37946b
/etc/modprobe.d/denylist-firewire.conf cb8a4c10a5dddd1d67092198b1ae415f
/etc/modprobe.d/denylist-framebuffer.conf b46c9509180b5a76145f08be46b1aff5
/etc/modprobe.d/denylist-watchdog.conf 55327f9270c8a6257a833c4d127a39e1
/etc/modprobe.d/denylist.conf bc6754fa320733c6d239a4bb0148ffd7
/etc/init/module-init-tools.conf 48db1b767c3148fd83eba59d12fc9a5e
Description: tools for managing Linux kernel modules
This package contains a set of programs for loading, inserting, and
@@ -4886,7 +4886,7 @@ Version: 2.11.1-0ubuntu7
Replaces: libc0.1, libc0.3, libc6, libc6.1
Breaks: libc0.1 (<< 2.10), libc0.3 (<< 2.10), libc6 (<< 2.10), libc6.1 (<< 2.10)
Conffiles:
/etc/bindresvport.blacklist 154db0e55fa99051ff1bd99e5b2c0584
/etc/bindresvport.denylist 154db0e55fa99051ff1bd99e5b2c0584
/etc/ld.so.conf.d/libc.conf d4d833fd095fb7b90e1bb4a547f16de6
/etc/gai.conf 4b3389be7132a6a8805f3df8d0ff00f6
Description: Embedded GNU C Library: Binaries


Loading…
Cancel
Save