Browse Source

apt Debian release 1.8.0

-----BEGIN PGP SIGNATURE-----
 
 iQJPBAABCgA5FiEET7WIqEwt3nmnTHeHb6RY3R2wP3EFAlyCRK8bHGp1bGlhbi5r
 bG9kZUBjYW5vbmljYWwuY29tAAoJEG+kWN0dsD9xg80P/1RsXnG4xYKAMxUV30dT
 BDeHHQBQOEy7IbWaWcQGT1aURs42LRZIVC3rT9b1Pzb3ZdMkYMUXT5qImgD5kpT/
 WfbE59At7i4KmTiE11jvTnoF5TtVE43G1fRXBr35whM8AVv9nFmUFhlQyIQDvNYw
 zsz8Ptdo6IcNhrJ2x/tsJuOds+jcmR1AYiWz6jv/MTazwJs8ED5LA+PjhBdOTDmi
 4/H0lSl3EuS5LOMqSsNC3XIN4ooGnuXAqr9hdXDlpL8VHbTDmQbhaz8Xgo1OwoL0
 FV4KsFWyb6xDbHQSHJuzF+GB4DEBwnytisOSnR+JbrGfdKelOT46iAG+B6IAtXM0
 IZqFCZsb+wTjJQJZAXEdoSGJm4X8gwPTdQ2D2MUn8aB648noCn7uDqyya1KF/Hnr
 qk4zEh8zBciJSMLhSgxbCP1ClDNBag+nDg9DulHcQQnIxuT7x1LXnk9mxs8f+EMQ
 GavWbDRfvkG3cwUHHVsVqzat5CwR0/8/U4e6mDoXFAvExKvgB+GAI6RdRFjVg2FY
 XkqY/AyGBlm9bRJcHI0bsbqC3zIHdDdOs+E9oPwMTFmJg8Pt0qv2AeTBiuTvruTH
 n6IdpV3/N2R5k37+8PzTBbbOdJzPkr216ppfAAjz9ewh5G4R5Tse26LSAOq9t5WO
 2JS49po/FsJhdjaNoP8+IkGS
 =523R
 -----END PGP SIGNATURE-----

Merge tag '1.8.0'

apt Debian release 1.8.0
tags/debian/1.9.0
Julian Andres Klode 2 years ago
parent
commit
f541aec06b
11 changed files with 94 additions and 45 deletions
  1. +2
    -1
      CMakeLists.txt
  2. +16
    -2
      apt-pkg/contrib/gpgv.cc
  3. +1
    -1
      apt-private/private-update.cc
  4. +18
    -0
      debian/changelog
  5. +1
    -1
      doc/apt-verbatim.ent
  6. +2
    -2
      doc/po/apt-doc.pot
  7. +5
    -9
      doc/po/nl.po
  8. +2
    -2
      po/apt-all.pot
  9. +15
    -18
      po/it.po
  10. +10
    -9
      po/nl.po
  11. +22
    -0
      test/integration/test-bug-921685-binary-detached-signature

+ 2
- 1
CMakeLists.txt View File

@@ -188,7 +188,7 @@ check_cxx_target(HAVE_FMV_SSE42_AND_CRC32DI "sse4.2" "__builtin_ia32_crc32di(0,
# Configure some variables like package, version and architecture.
set(PACKAGE ${PROJECT_NAME})
set(PACKAGE_MAIL "APT Development Team <deity@lists.debian.org>")
set(PACKAGE_VERSION "1.8.0~rc4")
set(PACKAGE_VERSION "1.8.0")

if (NOT DEFINED DPKG_DATADIR)
execute_process(COMMAND ${PERL_EXECUTABLE} -MDpkg -e "print $Dpkg::DATADIR;"
@@ -243,6 +243,7 @@ endif()
# Create our directories.
install_empty_directories(
${CONF_DIR}/apt.conf.d
${CONF_DIR}/auth.conf.d
${CONF_DIR}/preferences.d
${CONF_DIR}/sources.list.d
${CONF_DIR}/trusted.gpg.d


+ 16
- 2
apt-pkg/contrib/gpgv.cc View File

@@ -297,10 +297,24 @@ void ExecGPGV(std::string const &File, std::string const &FileGPG,
}
if (found_signatures == 0 && statusfd != -1)
{
// This is not an attack attempt but a file even gpgv would complain about
// likely the result of a paywall which is covered by the gpgv method
auto const errtag = "[GNUPG:] NODATA\n";
FileFd::Write(fd[1], errtag, strlen(errtag));
// guess if this is a binary signature, we never officially supported them,
// but silently accepted them via passing them unchecked to gpgv
if (found_badcontent)
{
rewind(detached.get());
auto ptag = fgetc(detached.get());
// §4.2 says that the first bit is always set and gpg seems to generate
// only old format which is indicated by the second bit not set
if (ptag != EOF && (ptag & 0x80) != 0 && (ptag & 0x40) == 0)
{
apt_error(std::cerr, statusfd, fd, "Detached signature file '%s' is in unsupported binary format", FileGPG.c_str());
local_exit(112);
}
}
// This is not an attack attempt but a file even gpgv would complain about
// likely the result of a paywall which is covered by the gpgv method
local_exit(113);
}
else if (found_badcontent)


+ 1
- 1
apt-private/private-update.cc View File

@@ -139,7 +139,7 @@ bool DoUpdate(CommandLine &CmdL)
else
ioprintf(c1out, msg, upgradable);

RunScripts("APT::Update-Post-Invoke-Stats");
RunScripts("APT::Update::Post-Invoke-Stats");
}

return true;


+ 18
- 0
debian/changelog View File

@@ -1,3 +1,21 @@
apt (1.8.0) unstable; urgency=medium

[ David Kalnischkies ]
* Add explicit message for unsupported binary signature (Closes: #921685)

[ Milo Casagrande ]
* [l10n] Update Italian translation

[ Julian Andres Klode ]
* Fix name of APT::Update::Post-Invoke-Stats (was ...Update-Post...)
* CMake: Install auth.conf.d directory (LP: #1818996)

[ Frans Spiesschaert ]
* Dutch program translation update (Closes: #923728)
* Dutch manpages translation update (Closes: #923834)

-- Julian Andres Klode <jak@debian.org> Fri, 08 Mar 2019 09:41:20 +0100

apt (1.8.0~rc4) unstable; urgency=medium

* update: Provide APT::Update-Post-Invoke-Stats script hook point


+ 1
- 1
doc/apt-verbatim.ent View File

@@ -268,7 +268,7 @@
">

<!-- this will be updated by 'prepare-release' -->
<!ENTITY apt-product-version "1.8.0~rc4">
<!ENTITY apt-product-version "1.8.0">

<!-- (Code)names for various things used all over the place -->
<!ENTITY debian-oldstable-codename "stretch">


+ 2
- 2
doc/po/apt-doc.pot View File

@@ -5,9 +5,9 @@
#, fuzzy
msgid ""
msgstr ""
"Project-Id-Version: apt-doc 1.8.0~rc4\n"
"Project-Id-Version: apt-doc 1.8.0\n"
"Report-Msgid-Bugs-To: APT Development Team <deity@lists.debian.org>\n"
"POT-Creation-Date: 2019-02-26 08:33+0100\n"
"POT-Creation-Date: 2019-03-08 09:41+0100\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"


+ 5
- 9
doc/po/nl.po View File

@@ -4,10 +4,10 @@
#
msgid ""
msgstr ""
"Project-Id-Version: apt-doc 1.8.0~beta1\n"
"Project-Id-Version: apt-doc 1.8.0~rc3\n"
"Report-Msgid-Bugs-To: APT Development Team <deity@lists.debian.org>\n"
"POT-Creation-Date: 2019-02-10 14:34+0100\n"
"PO-Revision-Date: 2019-01-30 12:49+0100\n"
"POT-Creation-Date: 2019-03-08 09:41+0100\n"
"PO-Revision-Date: 2019-02-16 20:46+0100\n"
"Last-Translator: Frans Spiesschaert <Frans.Spiesschaert@yucom.be>\n"
"Language-Team: Debian Dutch l10n Team <debian-l10n-dutch@lists.debian.org>\n"
"Language: nl\n"
@@ -1241,16 +1241,12 @@ msgstr ""

#. type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
#: apt-get.8.xml
#, fuzzy
#| msgid ""
#| "A new <literal>list</literal> command is available similar to "
#| "<literal>dpkg --list</literal>."
msgid ""
"<literal>reinstall</literal> is an alias for <literal>install --reinstall</"
"literal>."
msgstr ""
"Een nieuw commando <literal>list</literal> staat ter beschikking, "
"vergelijkbaar met <literal>dpkg --list</literal>."
"<literal>reinstall</literal> is een alias voor <literal>install --reinstall</"
"literal>."

#. type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
#: apt-get.8.xml


+ 2
- 2
po/apt-all.pot View File

@@ -5,9 +5,9 @@
#, fuzzy
msgid ""
msgstr ""
"Project-Id-Version: apt 1.8.0~rc4\n"
"Project-Id-Version: apt 1.8.0\n"
"Report-Msgid-Bugs-To: APT Development Team <deity@lists.debian.org>\n"
"POT-Creation-Date: 2019-02-26 08:33+0100\n"
"POT-Creation-Date: 2019-03-08 09:41+0100\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"


+ 15
- 18
po/it.po View File

@@ -1,15 +1,15 @@
# Italian translation of apt
# Copyright (C) 2002-2010, 2011, 2012, 2013, 2014, 2015, 2017, 2018 The Free Software Foundation, Inc.
# Copyright (C) 2002-2010, 2011, 2012, 2013, 2014, 2015, 2017, 2018, 2019 The Free Software Foundation, Inc.
# This file is distributed under the same license as the apt package.
# Samuele Giovanni Tonon <samu@debian.org>, 2002.
# Milo Casagrande <milo@milo.name>, 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2017, 2018.
# Milo Casagrande <milo@milo.name>, 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2017, 2018, 2019.
#
msgid ""
msgstr ""
"Project-Id-Version: apt\n"
"Report-Msgid-Bugs-To: APT Development Team <deity@lists.debian.org>\n"
"POT-Creation-Date: 2019-02-04 15:34+0100\n"
"PO-Revision-Date: 2018-12-04 09:33+0100\n"
"POT-Creation-Date: 2019-02-26 08:33+0100\n"
"PO-Revision-Date: 2019-03-04 11:05+0100\n"
"Last-Translator: Milo Casagrande <milo@milo.name>\n"
"Language-Team: Italian <tp@lists.linux.it>\n"
"Language: it\n"
@@ -17,7 +17,7 @@ msgstr ""
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=2; plural=(n!=1);\n"
"X-Generator: Poedit 2.1.1\n"
"X-Generator: Poedit 2.2.1\n"

#: apt-inst/contrib/arfile.cc
msgid "Invalid archive signature"
@@ -433,6 +433,8 @@ msgid ""
"The method '%s' is unsupported and disabled by default. Consider switching "
"to http(s). Set Dir::Bin::Methods::%s to \"%s\" to enable it again."
msgstr ""
"Il metodo \"%s\" non è supportato ed è disabilitato: passare a http(s). Per "
"abilitarlo nuovamente, impostare Dir::Bin::Methods::%s a \"%s\"."

#: apt-pkg/acquire-worker.cc
#, c-format
@@ -1632,6 +1634,8 @@ msgstr "Impossibile comprendere il tipo di gancio %s"
msgid ""
"%s: The special 'Pin-Priority: %s' can only be used for 'Package: *' records"
msgstr ""
"%s: il valore speciale \"Pin-Priority: %s\" può essere usato solamente con "
"voci \"Package: *\""

#: apt-pkg/policy.cc
#, c-format
@@ -2944,10 +2948,8 @@ msgid "Install new packages (pkg is libc6 not libc6.deb)"
msgstr "Installa nuovi pacchetti (PKG è libc6 non libc6.deb)"

#: cmdline/apt-get.cc
#, fuzzy
#| msgid "Install new packages (pkg is libc6 not libc6.deb)"
msgid "Reinstall packages (pkg is libc6 not libc6.deb)"
msgstr "Installa nuovi pacchetti (PKG è libc6 non libc6.deb)"
msgstr "Installa nuovamente pacchetti (PKG è libc6 non libc6.deb)"

#: cmdline/apt-get.cc
msgid "Remove packages"
@@ -3102,13 +3104,11 @@ msgstr "%s è già stato impostato come installato automaticamente.\n"

#: cmdline/apt-mark.cc
msgid "No changes necessary"
msgstr ""
msgstr "Nessuna modifica necessaria"

#: cmdline/apt-mark.cc
#, fuzzy
#| msgid "The following NEW packages will be installed:"
msgid "The following packages will be marked as automatically installed:"
msgstr "I seguenti pacchetti NUOVI saranno installati:"
msgstr "I seguenti pacchetti verranno segnati come installati automaticamente:"

#: cmdline/apt-mark.cc
#, c-format
@@ -3177,10 +3177,9 @@ msgid "Mark the given packages as manually installed"
msgstr "Segna i pacchetti forniti come installati manualmente"

#: cmdline/apt-mark.cc
#, fuzzy
#| msgid "Mark the given packages as automatically installed"
msgid "Mark all dependencies of meta packages as automatically installed."
msgstr "Segna i pacchetti forniti come installati automaticamente"
msgstr ""
"Segna tutte le dipendenze dei meta pacchetti come installate automaticamente"

#: cmdline/apt-mark.cc
msgid "Mark a package as held back"
@@ -3260,10 +3259,8 @@ msgid "install packages"
msgstr "Installa pacchetti"

#: cmdline/apt.cc
#, fuzzy
#| msgid "install packages"
msgid "reinstall packages"
msgstr "Installa pacchetti"
msgstr "Installa nuovamente pacchetti"

#: cmdline/apt.cc
msgid "remove packages"


+ 10
- 9
po/nl.po View File

@@ -10,10 +10,10 @@
#
msgid ""
msgstr ""
"Project-Id-Version: apt 1.8.0~beta1\n"
"Project-Id-Version: apt 1.8.0~rc3\n"
"Report-Msgid-Bugs-To: APT Development Team <deity@lists.debian.org>\n"
"POT-Creation-Date: 2019-02-10 13:19+0100\n"
"PO-Revision-Date: 2019-01-29 17:31+0100\n"
"POT-Creation-Date: 2019-03-08 09:41+0100\n"
"PO-Revision-Date: 2019-02-16 20:35+0100\n"
"Last-Translator: Frans Spiesschaert <Frans.Spiesschaert@yucom.be>\n"
"Language-Team: Debian Dutch l10n Team <debian-l10n-dutch@lists.debian.org>\n"
"Language: nl\n"
@@ -439,6 +439,9 @@ msgid ""
"The method '%s' is unsupported and disabled by default. Consider switching "
"to http(s). Set Dir::Bin::Methods::%s to \"%s\" to enable it again."
msgstr ""
"Methode '%s' wordt niet ondersteund en is standaard uitgeschakeld. U "
"schakelt best over op http(s). Stel Dir::Bin::Methods::%s in op \"%s\" om "
"deze opnieuw in te schakelen."

#: apt-pkg/acquire-worker.cc
#, c-format
@@ -1632,6 +1635,8 @@ msgstr "Pintype %s wordt niet begrepen"
msgid ""
"%s: The special 'Pin-Priority: %s' can only be used for 'Package: *' records"
msgstr ""
"%s: Het bijzondere 'Pin-Priority: %s' kan enkel gebruikt worden voor "
"structuren van het type 'Package: *'"

#: apt-pkg/policy.cc
#, c-format
@@ -2937,10 +2942,8 @@ msgid "Install new packages (pkg is libc6 not libc6.deb)"
msgstr "Nieuwe pakketten installeren (pakket is bijv. libc6, niet libc6.deb)"

#: cmdline/apt-get.cc
#, fuzzy
#| msgid "Install new packages (pkg is libc6 not libc6.deb)"
msgid "Reinstall packages (pkg is libc6 not libc6.deb)"
msgstr "Nieuwe pakketten installeren (pakket is bijv. libc6, niet libc6.deb)"
msgstr "Pakketten opnieuw installeren (pakket is libc6, niet libc6.deb)"

#: cmdline/apt-get.cc
msgid "Remove packages"
@@ -3247,10 +3250,8 @@ msgid "install packages"
msgstr "pakketten installeren"

#: cmdline/apt.cc
#, fuzzy
#| msgid "install packages"
msgid "reinstall packages"
msgstr "pakketten installeren"
msgstr "pakketten opnieuw installeren"

#: cmdline/apt.cc
msgid "remove packages"


+ 22
- 0
test/integration/test-bug-921685-binary-detached-signature View File

@@ -0,0 +1,22 @@
#!/bin/sh
set -e

TESTDIR="$(readlink -f "$(dirname "$0")")"
. "$TESTDIR/framework"
setupenvironment
configarchitecture 'amd64'

insertpackage 'unstable' 'foo' 'all' '1'

buildaptarchive
setupdistsaptarchive

for RELEASE in $(find aptarchive -name 'Release'); do
# note the missing --armor
dosigning "keys/joesixpack" --detach-sign --sign --output "${RELEASE}.gpg" "${RELEASE}"
done

testfailure apt show foo
testfailure aptget update
testsuccess grep 'W: .* Detached signature file .* is in unsupported binary format' rootdir/tmp/testfailure.output
testfailure apt show foo

Loading…
Cancel
Save