Compare commits

...

32 Commits

Author SHA1 Message Date
Julian Andres Klode 6c60a60fff Release 1.8.5 2 years ago
David Kalnischkies 730c5c861c Harden test for no new acquires after transaction abort 2 years ago
Julian Andres Klode cfee71c6f2 Make immediate configuration optional 2 years ago
Julian Andres Klode 7f65fa3843 Do not immediately configure m-a: same packages in lockstep 2 years ago
Julian Andres Klode 75f452c730 Do not produce late error if immediate configuration fails, just warn 2 years ago
Julian Andres Klode 96942f9180 Default Acquire::AllowReleaseInfoChange::Suite to "true" 2 years ago
Julian Andres Klode ec4fb5ce33 Make ADDARG{,C}() macros expand to single statements 2 years ago
Julian Andres Klode fc5545cf88 Protect currently running kernel at run-time 2 years ago
Julian Andres Klode a0ba5b9f90 RunScripts: Do not reset SIGQUIT and SIGINT to SIG_DFL 2 years ago
Julian Andres Klode fdf0290c36 Do not require force-loopbreak on Protected/Important packages 2 years ago
Julian Andres Klode 68871481c3 Add basic support for the Protected field 2 years ago
Julian Andres Klode 04915ca6fb Include all translations when building the cache 2 years ago
Julian Andres Klode 037856f935 Implement update --error-on=any 2 years ago
David Kalnischkies 70ff9a269c Fix incorrect base64 encoding due to int promotion 2 years ago
Julian Andres Klode f9dbbea528 Merge branch '1.8.2.z' into 1.8.y 2 years ago
Julian Andres Klode 95e417cb06 Release 1.8.2.2 2 years ago
Julian Andres Klode 0e3b54db6d CVE-2020-27350: tarfile: integer overflow: Limit tar items to 128 GiB 2 years ago
Julian Andres Klode ed786183bf CVE-2020-27350: debfile: integer overflow: Limit control size to 64 MiB 2 years ago
Julian Andres Klode 29581d103f tarfile: OOM hardening: Limit size of long names/links to 1 MiB 2 years ago
Julian Andres Klode 66962a6697 CVE-2020-27350: arfile: Integer overflow in parsing 2 years ago
Julian Andres Klode bb8d03f29d Fix location of testdeb in added regression tests 3 years ago
Julian Andres Klode b382030fc5 Release 1.8.2.1 3 years ago
Julian Andres Klode 9dd4e8aa12 .gitlab.ci.yml: Point to debian:buster 3 years ago
Julian Andres Klode 11a2869591 SECURITY UPDATE: Fix out of bounds read in .ar and .tar implementation (CVE-2020-3810) 3 years ago
Julian Andres Klode 6c2b965f00 Release 1.8.4 3 years ago
Julian Andres Klode 3924d70a5e Fix use of GTest to adjust for GTest 1.9 3 years ago
Julian Andres Klode cfc6870e9b Pass --abort-after=1 to dpkg when using --force-depends 3 years ago
Julian Andres Klode 2303766e34 apt.systemd.daily: Do not numerically check if intervals equal 0 3 years ago
Julian Andres Klode 4bdff533fb CMake: Pass -Werror=return-type to gcc 3 years ago
Julian Andres Klode 5c0a328aa2 Release 1.8.3 4 years ago
Brian Murray 8559d3fbb7 Do not include squashfs file systems in df output. 4 years ago
Simon Körner 162a585ac1 http: Fix Host header in proxied https connections 4 years ago
  1. 2
      .gitlab-ci.yml
  2. 3
      CMakeLists.txt
  3. 25
      apt-inst/contrib/arfile.cc
  4. 23
      apt-inst/contrib/extracttar.cc
  5. 15
      apt-inst/deb/debfile.cc
  6. 2
      apt-pkg/acquire-item.cc
  7. 4
      apt-pkg/contrib/fileutl.cc
  8. 2
      apt-pkg/contrib/strutl.cc
  9. 4
      apt-pkg/deb/deblistparser.cc
  10. 7
      apt-pkg/deb/debsystem.cc
  11. 2
      apt-pkg/deb/debsystem.h
  12. 24
      apt-pkg/deb/dpkgpm.cc
  13. 37
      apt-pkg/depcache.cc
  14. 44
      apt-pkg/packagemanager.cc
  15. 1
      apt-pkg/tagfile-keys.list
  16. 3
      apt-pkg/tagfile-order.c
  17. 21
      apt-pkg/update.cc
  18. 1
      apt-private/private-cmndline.cc
  19. 16
      debian/apt.systemd.daily
  20. 77
      debian/changelog
  21. 6
      doc/apt-get.8.xml
  22. 2
      doc/apt-verbatim.ent
  23. 5
      doc/examples/configure-index
  24. 14
      doc/po/apt-doc.pot
  25. 12
      doc/po/de.po
  26. 16
      doc/po/es.po
  27. 12
      doc/po/fr.po
  28. 12
      doc/po/it.po
  29. 12
      doc/po/ja.po
  30. 12
      doc/po/nl.po
  31. 12
      doc/po/pl.po
  32. 12
      doc/po/pt.po
  33. 12
      doc/po/pt_BR.po
  34. 6
      methods/http.cc
  35. 11
      po/apt-all.pot
  36. 13
      po/ar.po
  37. 15
      po/ast.po
  38. 15
      po/bg.po
  39. 9
      po/bs.po
  40. 15
      po/ca.po
  41. 15
      po/cs.po
  42. 16
      po/cy.po
  43. 15
      po/da.po
  44. 15
      po/de.po
  45. 16
      po/dz.po
  46. 16
      po/el.po
  47. 15
      po/es.po
  48. 16
      po/eu.po
  49. 16
      po/fi.po
  50. 15
      po/fr.po
  51. 15
      po/gl.po
  52. 15
      po/hu.po
  53. 15
      po/it.po
  54. 15
      po/ja.po
  55. 16
      po/km.po
  56. 15
      po/ko.po
  57. 9
      po/ku.po
  58. 12
      po/lt.po
  59. 16
      po/mr.po
  60. 15
      po/nb.po
  61. 16
      po/ne.po
  62. 15
      po/nl.po
  63. 16
      po/nn.po
  64. 15
      po/pl.po
  65. 15
      po/pt.po
  66. 16
      po/pt_BR.po
  67. 16
      po/ro.po
  68. 15
      po/ru.po
  69. 15
      po/sk.po
  70. 15
      po/sl.po
  71. 15
      po/sv.po
  72. 15
      po/th.po
  73. 16
      po/tl.po
  74. 15
      po/tr.po
  75. 16
      po/uk.po
  76. 15
      po/vi.po
  77. 15
      po/zh_CN.po
  78. 16
      po/zh_TW.po
  79. 29
      test/integration/test-apt-get-remove-depends
  80. 6
      test/integration/test-apt-update-failure-propagation
  81. 14
      test/integration/test-apt-update-releaseinfo-changes
  82. 76
      test/integration/test-bug-490000-search-in-all-translations
  83. 25
      test/integration/test-cve-2020-27350
  84. 20
      test/integration/test-dpkg-protected
  85. 93
      test/integration/test-essential-force-loopbreak
  86. 88
      test/integration/test-github-111-invalid-armember
  87. 23
      test/integration/test-kernel-helper-autoremove
  88. 12
      test/integration/test-pdiff-usage
  89. 22
      test/integration/test-proxy-connect
  90. 4
      test/integration/test-ubuntu-bug-835625-multiarch-lockstep-installed-first
  91. 2
      test/interactive-helper/CMakeLists.txt
  92. 325
      test/interactive-helper/createdeb-cve-2020-27350.cc
  93. 2
      test/libapt/CMakeLists.txt
  94. 4
      test/libapt/strutil_test.cc

2
.gitlab-ci.yml

@ -1,4 +1,4 @@
image: debian:testing
image: debian:buster
variables:
DEBIAN_FRONTEND: noninteractive

3
CMakeLists.txt

@ -69,6 +69,7 @@ add_optional_compile_options(Wnoexcept)
add_optional_compile_options(Wsign-promo)
add_optional_compile_options(Wundef)
add_optional_compile_options(Wdouble-promotion)
add_optional_compile_options(Werror=return-type)
# apt-ftparchive dependencies
find_package(BerkeleyDB REQUIRED)
@ -193,7 +194,7 @@ check_cxx_target(HAVE_FMV_SSE42_AND_CRC32DI "sse4.2" "__builtin_ia32_crc32di(0,
# Configure some variables like package, version and architecture.
set(PACKAGE ${PROJECT_NAME})
set(PACKAGE_MAIL "APT Development Team <deity@lists.debian.org>")
set(PACKAGE_VERSION "1.8.2")
set(PACKAGE_VERSION "1.8.5")
if (NOT DEFINED DPKG_DATADIR)
execute_process(COMMAND ${PERL_EXECUTABLE} -MDpkg -e "print $Dpkg::DATADIR;"

25
apt-inst/contrib/arfile.cc

@ -92,9 +92,14 @@ bool ARArchive::LoadHeaders()
StrToNum(Head.Size,Memb->Size,sizeof(Head.Size)) == false)
{
delete Memb;
return _error->Error(_("Invalid archive member header %s"), Head.Name);
return _error->Error(_("Invalid archive member header"));
}
if (Left < 0 || Memb->Size > static_cast<unsigned long long>(Left))
{
delete Memb;
return _error->Error(_("Invalid archive member header"));
}
// Check for an extra long name string
if (memcmp(Head.Name,"#1/",3) == 0)
{
@ -106,6 +111,13 @@ bool ARArchive::LoadHeaders()
delete Memb;
return _error->Error(_("Invalid archive member header"));
}
if (Len > Memb->Size)
{
delete Memb;
return _error->Error(_("Invalid archive member header"));
}
if (File.Read(S,Len) == false)
{
delete Memb;
@ -119,7 +131,14 @@ bool ARArchive::LoadHeaders()
else
{
unsigned int I = sizeof(Head.Name) - 1;
for (; Head.Name[I] == ' ' || Head.Name[I] == '/'; I--);
for (; Head.Name[I] == ' ' || Head.Name[I] == '/'; I--)
{
if (I == 0)
{
delete Memb;
return _error->Error(_("Invalid archive member header"));
}
}
Memb->Name = std::string(Head.Name,I+1);
}

23
apt-inst/contrib/extracttar.cc

@ -55,7 +55,17 @@ struct ExtractTar::TarHeader
char Major[8];
char Minor[8];
};
// We need to read long names (names and link targets) into memory, so let's
// have a limit (shamelessly stolen from libarchive) to avoid people OOMing
// us with large streams.
static const unsigned long long APT_LONGNAME_LIMIT = 1048576llu;
// A file size limit that we allow extracting. Currently, that's 128 GB.
// We also should leave some wiggle room for code adding files to it, and
// possibly conversion for signed, so this should not be larger than like 2**62.
static const unsigned long long APT_FILESIZE_LIMIT = 1llu << 37;
// ExtractTar::ExtractTar - Constructor /*{{{*/
// ---------------------------------------------------------------------
/* */
@ -170,6 +180,11 @@ bool ExtractTar::Go(pkgDirStream &Stream)
StrToNum(Tar->Minor,Itm.Minor,sizeof(Tar->Minor),8) == false)
return _error->Error(_("Corrupted archive"));
// Security check. Prevents overflows below the code when rounding up in skip/copy code,
// and provides modest protection against decompression bombs.
if (Itm.Size > APT_FILESIZE_LIMIT)
return _error->Error("Tar member too large: %llu > %llu bytes", Itm.Size, APT_FILESIZE_LIMIT);
// Grab the filename and link target: use last long name if one was
// set, otherwise use the header value as-is, but remember that it may
// fill the entire 100-byte block and needs to be zero-terminated.
@ -222,6 +237,8 @@ bool ExtractTar::Go(pkgDirStream &Stream)
{
unsigned long long Length = Itm.Size;
unsigned char Block[512];
if (Length > APT_LONGNAME_LIMIT)
return _error->Error("Long name to large: %llu bytes > %llu bytes", Length, APT_LONGNAME_LIMIT);
while (Length > 0)
{
if (InFd.Read(Block,sizeof(Block),true) == false)
@ -241,6 +258,8 @@ bool ExtractTar::Go(pkgDirStream &Stream)
{
unsigned long long Length = Itm.Size;
unsigned char Block[512];
if (Length > APT_LONGNAME_LIMIT)
return _error->Error("Long name to large: %llu bytes > %llu bytes", Length, APT_LONGNAME_LIMIT);
while (Length > 0)
{
if (InFd.Read(Block,sizeof(Block),true) == false)
@ -258,7 +277,7 @@ bool ExtractTar::Go(pkgDirStream &Stream)
default:
BadRecord = true;
_error->Warning(_("Unknown TAR header type %u, member %s"),(unsigned)Tar->LinkFlag,Tar->Name);
_error->Warning(_("Unknown TAR header type %u"), (unsigned)Tar->LinkFlag);
break;
}

15
apt-inst/deb/debfile.cc

@ -184,11 +184,23 @@ bool debDebFile::ControlExtract::DoItem(Item &Itm,int &Fd)
// ---------------------------------------------------------------------
/* This sets up to extract the control block member file into a memory
block of just the right size. All other files go into the bit bucket. */
// Upper size limit for control files. Two reasons for having a limit here:
//
// 1. We read those files into memory and want to avoid being killed by OOM
//
// 2. We allocate (Itm.Size+2)-large arrays, so this can overflow if Itm.Size
// becomes 2**64-2 or larger. This is obviously
//
// 64 MiB seems like a terribly large size that everyone should be happy with.
static const unsigned long long DEB_CONTROL_SIZE_LIMIT = 64 * 1024 * 1024;
bool debDebFile::MemControlExtract::DoItem(Item &Itm,int &Fd)
{
// At the control file, allocate buffer memory.
if (Member == Itm.Name)
{
if (Itm.Size > DEB_CONTROL_SIZE_LIMIT)
return _error->Error("Control file too large: %llu > %llu bytes", Itm.Size, DEB_CONTROL_SIZE_LIMIT);
delete [] Control;
Control = new char[Itm.Size+2];
IsControl = true;
@ -237,6 +249,9 @@ bool debDebFile::MemControlExtract::Read(debDebFile &Deb)
record. */
bool debDebFile::MemControlExtract::TakeControl(const void *Data,unsigned long long Size)
{
if (Size > DEB_CONTROL_SIZE_LIMIT)
return _error->Error("Control file too large: %llu > %llu bytes", Size, DEB_CONTROL_SIZE_LIMIT);
delete [] Control;
Control = new char[Size+2];
Length = Size;

2
apt-pkg/acquire-item.cc

@ -1828,7 +1828,7 @@ bool pkgAcqMetaBase::VerifyVendor(string const &) /*{{{*/
{ "Origin", AllowInfoChange, &metaIndex::GetOrigin },
{ "Label", AllowInfoChange, &metaIndex::GetLabel },
{ "Version", true, &metaIndex::GetVersion }, // numbers change all the time, that is okay
{ "Suite", AllowInfoChange, &metaIndex::GetSuite },
{ "Suite", true, &metaIndex::GetSuite },
{ "Codename", AllowInfoChange, &metaIndex::GetCodename },
{ nullptr, false, nullptr }
};

4
apt-pkg/contrib/fileutl.cc

@ -144,10 +144,6 @@ bool RunScripts(const char *Cnf)
return _error->Errno("waitpid","Couldn't wait for subprocess");
}
// Restore sig int/quit
signal(SIGQUIT,SIG_DFL);
signal(SIGINT,SIG_DFL);
// Check for an error code.
if (WIFEXITED(Status) == 0 || WEXITSTATUS(Status) != 0)
{

2
apt-pkg/contrib/strutl.cc

@ -546,7 +546,7 @@ string Base64Encode(const string &S)
base64. */
for (string::const_iterator I = S.begin(); I < S.end(); I += 3)
{
char Bits[3] = {0,0,0};
uint8_t Bits[3] = {0,0,0};
Bits[0] = I[0];
if (I + 1 < S.end())
Bits[1] = I[1];

4
apt-pkg/deb/deblistparser.cc

@ -261,7 +261,7 @@ bool debListParser::NewVersion(pkgCache::VerIterator &Ver)
// ListParser::AvailableDescriptionLanguages /*{{{*/
std::vector<std::string> debListParser::AvailableDescriptionLanguages()
{
std::vector<std::string> const understood = APT::Configuration::getLanguages();
std::vector<std::string> const understood = APT::Configuration::getLanguages(true);
std::vector<std::string> avail;
static constexpr int prefixLen = 12;
char buf[32] = "Description-";
@ -326,6 +326,8 @@ bool debListParser::UsePackage(pkgCache::PkgIterator &Pkg,
return false;
if (Section.FindFlag(pkgTagSection::Key::Important,Pkg->Flags,pkgCache::Flag::Important) == false)
return false;
if (Section.FindFlag(pkgTagSection::Key::Protected, Pkg->Flags, pkgCache::Flag::Important) == false)
return false;
if (std::find(forceEssential.begin(), forceEssential.end(), Pkg.Name()) != forceEssential.end())
{

7
apt-pkg/deb/debsystem.cc

@ -420,9 +420,14 @@ pid_t debSystem::ExecDpkg(std::vector<std::string> const &sArgs, int * const inp
}
/*}}}*/
bool debSystem::SupportsMultiArch() /*{{{*/
{
return AssertFeature("multi-arch");
}
/*}}}*/
bool debSystem::AssertFeature(std::string const &feature) /*{{{*/
{
std::vector<std::string> Args = GetDpkgBaseCommand();
Args.push_back("--assert-multi-arch");
Args.push_back("--assert-" + feature);
pid_t const dpkgAssertMultiArch = ExecDpkg(Args, nullptr, nullptr, true);
if (dpkgAssertMultiArch > 0)
{

2
apt-pkg/deb/debsystem.h

@ -50,7 +50,7 @@ class debSystem : public pkgSystem
APT_HIDDEN static pid_t ExecDpkg(std::vector<std::string> const &sArgs, int * const inputFd, int * const outputFd, bool const DiscardOutput);
APT_HIDDEN static bool SupportsMultiArch();
APT_HIDDEN static std::vector<std::string> SupportedArchitectures();
APT_HIDDEN static bool AssertFeature(std::string const &Feature);
APT_HIDDEN bool LockInner();
APT_HIDDEN bool UnLockInner(bool NoErrors=false);
APT_HIDDEN bool IsLocked();

24
apt-pkg/deb/dpkgpm.cc

@ -1431,6 +1431,15 @@ static bool ItemIsEssential(pkgDPkgPM::Item const &I)
return true;
return (I.Pkg->Flags & pkgCache::Flag::Essential) != 0;
}
static bool ItemIsProtected(pkgDPkgPM::Item const &I)
{
static auto const cachegen = _config->Find("pkgCacheGen::Protected");
if (cachegen == "none" || cachegen == "native")
return true;
if (unlikely(I.Pkg.end()))
return true;
return (I.Pkg->Flags & pkgCache::Flag::Important) != 0;
}
bool pkgDPkgPM::ExpandPendingCalls(std::vector<Item> &List, pkgDepCache &Cache)
{
{
@ -1727,6 +1736,7 @@ bool pkgDPkgPM::Go(APT::Progress::PackageManager *progress)
OpenLog();
bool dpkgMultiArch = debSystem::SupportsMultiArch();
bool dpkgProtectedField = debSystem::AssertFeature("protected-field");
// start pty magic before the loop
StartPtyMagic();
@ -1770,8 +1780,8 @@ bool pkgDPkgPM::Go(APT::Progress::PackageManager *progress)
if (pipe(fd) != 0)
return _error->Errno("pipe","Failed to create IPC pipe to dpkg");
#define ADDARG(X) Args.push_back(X); Size += strlen(X)
#define ADDARGC(X) Args.push_back(X); Size += sizeof(X) - 1
#define ADDARG(X) do { const char *arg = (X); Args.push_back(arg); Size += strlen(arg); } while (0)
#define ADDARGC(X) ADDARG(X)
ADDARGC("--status-fd");
char status_fd_buf[20];
@ -1790,10 +1800,15 @@ bool pkgDPkgPM::Go(APT::Progress::PackageManager *progress)
case Item::Remove:
case Item::Purge:
ADDARGC("--force-depends");
ADDARGC("--abort-after=1");
if (std::any_of(I, J, ItemIsEssential))
{
ADDARGC("--force-remove-essential");
}
if (dpkgProtectedField && std::any_of(I, J, ItemIsProtected))
{
ADDARGC("--force-remove-protected");
}
ADDARGC("--remove");
break;
@ -1824,6 +1839,9 @@ bool pkgDPkgPM::Go(APT::Progress::PackageManager *progress)
case Item::Install:
ADDARGC("--unpack");
ADDARGC("--auto-deconfigure");
// dpkg < 1.20.8 needs --force-remove-protected to deconfigure protected packages
if (dpkgProtectedField)
ADDARGC("--force-remove-protected");
break;
}
@ -2475,7 +2493,7 @@ void pkgDPkgPM::WriteApportReport(const char *pkgpath, const char *errormsg)
{
fprintf(report, "Df:\n");
FILE *log = popen("/bin/df -l","r");
FILE *log = popen("/bin/df -l -x squashfs","r");
if(log != NULL)
{
char buf[1024];

37
apt-pkg/depcache.cc

@ -11,6 +11,7 @@
#include <apt-pkg/aptconfiguration.h>
#include <apt-pkg/cachefile.h>
#include <apt-pkg/cachefilter.h>
#include <apt-pkg/cacheset.h>
#include <apt-pkg/configuration.h>
#include <apt-pkg/depcache.h>
@ -36,6 +37,7 @@
#include <string.h>
#include <sys/stat.h>
#include <sys/utsname.h>
#include <apti18n.h>
/*}}}*/
@ -1808,9 +1810,42 @@ APT_PURE signed short pkgDepCache::Policy::GetPriority(pkgCache::VerIterator con
APT_PURE signed short pkgDepCache::Policy::GetPriority(pkgCache::PkgFileIterator const &/*File*/)
{ return 0; }
/*}}}*/
class APT_HIDDEN DefaultRootSetFunc2 : public pkgDepCache::InRootSetFunc, public Configuration::MatchAgainstConfig
{
std::unique_ptr<APT::CacheFilter::PackageNameMatchesRegEx> unameMatcher;
public:
DefaultRootSetFunc2() : Configuration::MatchAgainstConfig("APT::NeverAutoRemove")
{
bool Debug = _config->FindB("Debug::pkgAutoRemove", false);
struct utsname u;
if (not _config->FindB("APT::Protect-Kernels", true) || uname(&u) != 0)
return;
// Escape . and + in the the uname
std::string uname = u.release;
for (size_t pos = 0; (pos = uname.find_first_of(".+", pos)) != uname.npos; pos += 2)
uname.insert(pos, 1, '\\');
std::string pattern;
for (auto const &kernelPackage : _config->FindVector("APT::VersionedKernelPackages"))
pattern += "|^" + kernelPackage + "-" + uname + "$";
if (pattern.empty())
return;
if (Debug)
std::clog << "Kernel protection regex: " << pattern.substr(1) << std::endl;
unameMatcher.reset(new APT::CacheFilter::PackageNameMatchesRegEx(pattern.substr(1)));
};
bool InRootSet(const pkgCache::PkgIterator &pkg) APT_OVERRIDE { return pkg.end() == false && ((unameMatcher && (*unameMatcher)(pkg)) || Match(pkg.Name())); };
};
pkgDepCache::InRootSetFunc *pkgDepCache::GetRootSetFunc() /*{{{*/
{
DefaultRootSetFunc *f = new DefaultRootSetFunc;
DefaultRootSetFunc2 *f = new DefaultRootSetFunc2;
if(f->wasConstructedSuccessfully())
return f;
else

44
apt-pkg/packagemanager.cc

@ -609,7 +609,8 @@ bool pkgPackageManager::SmartConfigure(PkgIterator Pkg, int const Depth)
List->Flag(Pkg,pkgOrderList::Configured,pkgOrderList::States);
if ((Cache[Pkg].InstVerIter(Cache)->MultiArch & pkgCache::Version::Same) == pkgCache::Version::Same)
if ((Cache[Pkg].InstVerIter(Cache)->MultiArch & pkgCache::Version::Same) == pkgCache::Version::Same &&
not List->IsFlag(Pkg, pkgOrderList::Immediate))
for (PkgIterator P = Pkg.Group().PackageList();
P.end() == false; P = Pkg.Group().NextPkg(P))
{
@ -655,9 +656,11 @@ bool pkgPackageManager::EarlyRemove(PkgIterator Pkg, DepIterator const * const D
// Essential packages get special treatment
bool IsEssential = false;
if ((Pkg->Flags & pkgCache::Flag::Essential) != 0 ||
(Pkg->Flags & pkgCache::Flag::Important) != 0)
if ((Pkg->Flags & pkgCache::Flag::Essential) != 0)
IsEssential = true;
bool IsProtected = false;
if ((Pkg->Flags & pkgCache::Flag::Important) != 0)
IsProtected = true;
/* Check for packages that are the dependents of essential packages and
promote them too */
@ -665,14 +668,17 @@ bool pkgPackageManager::EarlyRemove(PkgIterator Pkg, DepIterator const * const D
{
for (pkgCache::DepIterator D = Pkg.RevDependsList(); D.end() == false &&
IsEssential == false; ++D)
if (D->Type == pkgCache::Dep::Depends || D->Type == pkgCache::Dep::PreDepends)
if ((D.ParentPkg()->Flags & pkgCache::Flag::Essential) != 0 ||
(D.ParentPkg()->Flags & pkgCache::Flag::Important) != 0)
if (D->Type == pkgCache::Dep::Depends || D->Type == pkgCache::Dep::PreDepends) {
if ((D.ParentPkg()->Flags & pkgCache::Flag::Essential) != 0)
IsEssential = true;
if ((D.ParentPkg()->Flags & pkgCache::Flag::Important) != 0)
IsProtected = true;
}
}
if (IsEssential == true)
{
// FIXME: Unify messaging with Protected below.
if (_config->FindB("APT::Force-LoopBreak",false) == false)
return _error->Error(_("This installation run will require temporarily "
"removing the essential package %s due to a "
@ -683,6 +689,16 @@ bool pkgPackageManager::EarlyRemove(PkgIterator Pkg, DepIterator const * const D
// dpkg will auto-deconfigure it, no need for the big remove hammer
else if (Dep != NULL && (*Dep)->Type == pkgCache::Dep::DpkgBreaks)
return true;
else if (IsProtected == true)
{
// FIXME: Message should talk about Protected, not Essential, and unified.
if (_config->FindB("APT::Force-LoopBreak",false) == false)
return _error->Error(_("This installation run will require temporarily "
"removing the essential package %s due to a "
"Conflicts/Pre-Depends loop. This is often bad, "
"but if you really want to do it, activate the "
"APT::Force-LoopBreak option."),Pkg.FullName().c_str());
}
bool Res = SmartRemove(Pkg);
if (Cache[Pkg].Delete() == false)
@ -1013,10 +1029,18 @@ bool pkgPackageManager::SmartUnPack(PkgIterator Pkg, bool const Immediate, int c
return false;
if (Immediate == true) {
// Perform immediate configuration of the package.
if (SmartConfigure(Pkg, Depth + 1) == false)
_error->Error(_("Could not perform immediate configuration on '%s'. "
"Please see man 5 apt.conf under APT::Immediate-Configure for details. (%d)"),Pkg.FullName().c_str(),2);
// Perform immediate configuration of the package.
_error->PushToStack();
bool configured = SmartConfigure(Pkg, Depth + 1);
_error->RevertToStack();
if (not configured && Debug) {
clog << OutputInDepth(Depth);
ioprintf(clog, _("Could not perform immediate configuration on '%s'. "
"Please see man 5 apt.conf under APT::Immediate-Configure for details. (%d)"),
Pkg.FullName().c_str(), 2);
clog << endl;
}
}
return true;

1
apt-pkg/tagfile-keys.list

@ -48,6 +48,7 @@ Package-Revision
Package-Type
Pre-Depends
Priority
Protected
Provides
Recommended
Recommends

3
apt-pkg/tagfile-order.c

@ -11,7 +11,7 @@ static const char *iTFRewritePackageOrder[] = {
"Architecture",
"Subarchitecture", // Used only by d-i
"Version",
"Revision", // Obsolete (warning in dpkg)
"Revision", // Obsolete (warning in dpkg)
"Package-Revision", // Obsolete (warning in dpkg)
"Package_Revision", // Obsolete (warning in dpkg)
"Kernel-Version", // Used only by d-i
@ -23,6 +23,7 @@ static const char *iTFRewritePackageOrder[] = {
"Priority",
"Class", // dpkg nickname for Priority
"Build-Essential",
"Protected",
"Essential",
"Installer-Menu-Item", // Used only by d-i
"Section",

21
apt-pkg/update.cc

@ -46,6 +46,20 @@ bool ListUpdate(pkgAcquireStatus &Stat,
bool AcquireUpdate(pkgAcquire &Fetcher, int const PulseInterval,
bool const RunUpdateScripts, bool const ListCleanup)
{
enum class ErrorMode
{
Persistent,
Any
};
std::string errorModeS = _config->Find("APT::Update::Error-Mode", "persistent");
ErrorMode errorMode = ErrorMode::Persistent;
if (errorModeS == "persistent")
errorMode = ErrorMode::Persistent;
else if (errorModeS == "any")
errorMode = ErrorMode::Any;
else
return _error->Error("Unknown update error mode %s", errorModeS.c_str());
// Run scripts
if (RunUpdateScripts == true)
RunScripts("APT::Update::Pre-Invoke");
@ -69,7 +83,10 @@ bool AcquireUpdate(pkgAcquire &Fetcher, int const PulseInterval,
AllFailed = false;
continue;
case pkgAcquire::Item::StatTransientNetworkError:
TransientNetworkFailure = true;
if (errorMode == ErrorMode::Any)
Failed = true;
else
TransientNetworkFailure = true;
break;
case pkgAcquire::Item::StatIdle:
case pkgAcquire::Item::StatFetching:
@ -89,7 +106,7 @@ bool AcquireUpdate(pkgAcquire &Fetcher, int const PulseInterval,
uri.Password.clear();
std::string const descUri = std::string(uri);
// Show an error for non-transient failures, otherwise only warn
if ((*I)->Status == pkgAcquire::Item::StatTransientNetworkError)
if ((*I)->Status == pkgAcquire::Item::StatTransientNetworkError && errorMode != ErrorMode::Any)
_error->Warning(_("Failed to fetch %s %s"), descUri.c_str(),
(*I)->ErrorText.c_str());
else

1
apt-private/private-cmndline.cc

@ -205,6 +205,7 @@ static bool addArgumentsAPTGet(std::vector<CommandLine::Args> &Args, char const
addArg(0, "allow-releaseinfo-change-codename", "Acquire::AllowReleaseInfoChange::Codename", 0);
addArg(0, "allow-releaseinfo-change-suite", "Acquire::AllowReleaseInfoChange::Suite", 0);
addArg(0, "allow-releaseinfo-change-defaultpin", "Acquire::AllowReleaseInfoChange::DefaultPin", 0);
addArg('e', "error-on", "APT::Update::Error-Mode", CommandLine::HasArg);
}
else if (CmdMatches("source"))
{

16
debian/apt.systemd.daily

@ -84,7 +84,7 @@ check_stamp()
return 0
fi
if [ "$interval" -eq 0 ]; then
if [ "$interval" = 0 ]; then
debug_echo "check_stamp: interval=0"
# treat as no time has passed
return 1
@ -237,7 +237,7 @@ do_cache_backup()
BackupArchiveInterval="$1"
if [ "$BackupArchiveInterval" = always ]; then
:
elif [ "$BackupArchiveInterval" -eq 0 ]; then
elif [ "$BackupArchiveInterval" = 0 ]; then
return
fi
@ -415,12 +415,12 @@ if [ $UpdateInterval = always ] ||
[ $AutocleanInterval = always ] ||
[ $CleanInterval = always ] ; then
:
elif [ $UpdateInterval -eq 0 ] &&
[ $DownloadUpgradeableInterval -eq 0 ] &&
[ $UnattendedUpgradeInterval -eq 0 ] &&
[ $BackupArchiveInterval -eq 0 ] &&
[ $AutocleanInterval -eq 0 ] &&
[ $CleanInterval -eq 0 ] ; then
elif [ $UpdateInterval = 0 ] &&
[ $DownloadUpgradeableInterval = 0 ] &&
[ $UnattendedUpgradeInterval = 0 ] &&
[ $BackupArchiveInterval = 0 ] &&
[ $AutocleanInterval = 0 ] &&
[ $CleanInterval = 0 ] ; then
# check cache size
check_size_constraints

77
debian/changelog

@ -1,3 +1,80 @@
apt (1.8.5) buster; urgency=medium
* Merge 1.8.2.z security uploads back into 1.8.y branch; bringing
the changes from 1.8.3, 1.8.4 and this upload to buster.
[ David Kalnischkies ]
* Fix incorrect base64 encoding due to int promotion (LP: #1916050)
* Harden test for no new acquires after transaction abort (Closes: #984966)
(LP: #1918920)
[ Julian Andres Klode ]
* Implement update --error-on=any (Closes: #594813) (LP: #1693900)
* Include all translations when building the cache (LP: #1907850)
* Add basic support for the Protected field, and do not require force-loopbreak
on Protected/Important packages (Closes: #983014) (LP: #1916725)
* Protect currently running kernel at run-time (LP: #1615381)
* Make ADDARG{,C}() macros expand to single statements
* Default Acquire::AllowReleaseInfoChange::Suite to "true" (Closes: #931566)
* Improve immediate configuration handling (LP: #1871268)
- Do not immediately configure m-a: same packages in lockstep
- Ignore failures from immediate configuration. This does not change the
actual installation ordering - we never passed the return code to the
caller and installation went underway anyway if it could be ordered at a
later stage, this just removes spurious after-the-fact errors.
(Closes: #973305, #188161, #211075, #649588)
-- Julian Andres Klode <jak@debian.org> Fri, 12 Mar 2021 12:57:44 +0100
apt (1.8.4) unstable; urgency=medium
* CMake: Pass -Werror=return-type to gcc
* apt.systemd.daily: Do not numerically check if intervals equal 0
(LP: #1840995)
* Pass --abort-after=1 to dpkg when using --force-depends (Closes: #935910)
(LP: #1844634)
* Fix use of GTest to adjust for GTest 1.9
-- Julian Andres Klode <jak@debian.org> Thu, 19 Sep 2019 22:06:45 +0200
apt (1.8.3) unstable; urgency=medium
[ Simon Körner ]
* http: Fix Host header in proxied https connections (LP: #1838771)
[ Brian Murray ]
* Do not include squashfs file systems in df output. (LP: #1756595)
-- Julian Andres Klode <jak@debian.org> Fri, 09 Aug 2019 11:16:15 +0200
apt (1.8.2.2) buster-security; urgency=high
* SECURITY UPDATE: Integer overflow in parsing (LP: #1899193)
- apt-pkg/contrib/arfile.cc: add extra checks.
- apt-pkg/contrib/tarfile.cc: limit tar item sizes to 128 GiB
- apt-pkg/deb/debfile.cc: limit control file sizes to 64 MiB
- test/*: add tests.
- CVE-2020-27350
* Additional hardening:
- apt-pkg/contrib/tarfile.cc: Limit size of long names and links to 1 MiB
* Fix autopkgtest regression in 1.8.2.1 security update
-- Julian Andres Klode <jak@debian.org> Mon, 07 Dec 2020 12:31:04 +0100
apt (1.8.2.1) buster-security; urgency=high
* SECURITY UPDATE: Out of bounds read in ar, tar implementations (LP: #1878177)
- apt-pkg/contrib/arfile.cc: Fix out-of-bounds read in member name
- apt-pkg/contrib/arfile.cc: Fix out-of-bounds read on unterminated
member names in error path
- apt-pkg/contrib/extracttar.cc: Fix out-of-bounds read on unterminated
member names in error path
- CVE-2020-3810
* .gitlab.ci.yml: Point to debian:buster
-- Julian Andres Klode <jak@debian.org> Tue, 12 May 2020 11:57:30 +0200
apt (1.8.2) unstable; urgency=medium
[ Alwin Henseler ]

6
doc/apt-get.8.xml

@ -14,7 +14,7 @@
&apt-email;
&apt-product;
<!-- The last update date -->
<date>2019-01-27T00:00:00Z</date>
<date>2021-01-08T00:00:00Z</date>
</refentryinfo>
<refmeta>
@ -620,6 +620,10 @@
</para></listitem>
</varlistentry>
<varlistentry><term><option>-e<replaceable>any</replaceable></option></term><term><option>--error-on=<replaceable>any</replaceable></option></term>
<listitem><para>Fail the update command if any error occured, even a transient one.</para></listitem>
</varlistentry>
&apt-commonoptions;
</variablelist>

2
doc/apt-verbatim.ent

@ -268,7 +268,7 @@
">
<!-- this will be updated by 'prepare-release' -->
<!ENTITY apt-product-version "1.8.2">
<!ENTITY apt-product-version "1.8.5">
<!-- (Code)names for various things used all over the place -->
<!ENTITY debian-oldstable-codename "stretch">

5
doc/examples/configure-index

@ -54,6 +54,9 @@ APT
Build-Profiles "<STRING_OR_LIST>";
NeverAutoRemove "<LIST>"; // list of package name regexes
LastInstalledKernel "<STRING>"; // last installed kernel version
VersionedKernelPackages "<LIST>"; // regular expressions to be protected from autoremoval (kernel uname will be appended)
Protect-Kernels "<BOOL>"; // whether to protect installed kernels against autoremoval (default: true)
// Options for apt-get
Get
@ -157,6 +160,7 @@ APT
{
Pre-Invoke {"touch /var/lib/apt/pre-update-stamp"; };
Post-Invoke {"touch /var/lib/apt/post-update-stamp"; };
Error-Mode "<STRING>";
};
/* define a new supported compressor on the fly
@ -555,6 +559,7 @@ Debug
pkgCacheGen
{
Essential "<STRING>"; // native,all, none, installed
Protected "<STRING>"; // native,all, none, installed
ForceEssential "<STRING_OR_LIST>"; // package names
ForceImportant "<LIST>"; // package names
};

14
doc/po/apt-doc.pot

@ -5,9 +5,9 @@
#, fuzzy
msgid ""
msgstr ""
"Project-Id-Version: apt-doc 1.8.2\n"
"Project-Id-Version: apt-doc 1.8.5\n"
"Report-Msgid-Bugs-To: APT Development Team <deity@lists.debian.org>\n"
"POT-Creation-Date: 2019-05-28 16:41+0200\n"
"POT-Creation-Date: 2021-03-12 11:57+0000\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@ -1480,6 +1480,16 @@ msgid ""
"&apt-cache; for further details."
msgstr ""
#. type: Content of: <refentry><refsect1><variablelist><varlistentry><term><option><replaceable>
#: apt-get.8.xml
msgid "any"
msgstr ""
#. type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
#: apt-get.8.xml
msgid "Fail the update command if any error occured, even a transient one."
msgstr ""
#. type: Content of: <refentry><refsect1><title>
#: apt-get.8.xml apt-cache.8.xml apt-key.8.xml apt-mark.8.xml apt.conf.5.xml
#: apt_preferences.5.xml apt_auth.conf.5.xml

12
doc/po/de.po

@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: apt 1.6\n"
"Report-Msgid-Bugs-To: APT Development Team <deity@lists.debian.org>\n"
"POT-Creation-Date: 2019-02-04 15:34+0100\n"
"POT-Creation-Date: 2021-03-10 13:40+0000\n"
"PO-Revision-Date: 2018-10-21 12:58+0200\n"
"Last-Translator: Chris Leick <c.leick@vollbio.de>\n"
"Language-Team: German <debian-l10n-german@lists.debian.org>\n"
@ -2072,6 +2072,16 @@ msgstr ""
"verwendet werden, um mehrere Dateien hinzuzufügen. Weitere Einzelheiten der "
"<option>--with-source</option>-Beschreibung finden Sie unter &apt-cache;."
#. type: Content of: <refentry><refsect1><variablelist><varlistentry><term><option><replaceable>
#: apt-get.8.xml
msgid "any"
msgstr ""
#. type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
#: apt-get.8.xml
msgid "Fail the update command if any error occured, even a transient one."
msgstr ""
#. type: Content of: <refentry><refsect1><title>
#: apt-get.8.xml apt-cache.8.xml apt-key.8.xml apt-mark.8.xml apt.conf.5.xml
#: apt_preferences.5.xml apt_auth.conf.5.xml

16
doc/po/es.po

@ -38,7 +38,7 @@ msgid ""
msgstr ""
"Project-Id-Version: apt-doc 1.0.5\n"
"Report-Msgid-Bugs-To: APT Development Team <deity@lists.debian.org>\n"
"POT-Creation-Date: 2019-02-04 15:34+0100\n"
"POT-Creation-Date: 2021-03-10 13:40+0000\n"
"PO-Revision-Date: 2014-07-04 01:31+0200\n"
"Last-Translator: Omar Campagne <ocampagne@gmail.com>\n"
"Language-Team: Debian l10n Spanish <debian-l10n-spanish@lists.debian.org>\n"
@ -2119,6 +2119,16 @@ msgid ""
"cache; for further details."
msgstr ""
#. type: Content of: <refentry><refsect1><variablelist><varlistentry><term><option><replaceable>
#: apt-get.8.xml
msgid "any"
msgstr ""
#. type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
#: apt-get.8.xml
msgid "Fail the update command if any error occured, even a transient one."
msgstr ""
#. type: Content of: <refentry><refsect1><title>
#: apt-get.8.xml apt-cache.8.xml apt-key.8.xml apt-mark.8.xml apt.conf.5.xml
#: apt_preferences.5.xml apt_auth.conf.5.xml
@ -9991,8 +10001,8 @@ msgid ""
"from polluting its cache with (big) .deb files."
msgstr ""
"Se proporcionan tres opciones de configuración para el control de la caché "
"con proxy cachés conformes an HTTP/1.1. <literal>No-Cache</literal> indica al "
"proxy que nunca utilice la respuesta cacheada. <literal>Max-Age</literal> "
"con proxy cachés conformes an HTTP/1.1. <literal>No-Cache</literal> indica "
"al proxy que nunca utilice la respuesta cacheada. <literal>Max-Age</literal> "
"define la máxima antigüedad permitida (en segundos) de un fichero de índice "
"en la caché de un proxy. <literal>No-Store</literal> define que el proxy no "
"debe almacenar ficheros del archivo en su caché, que se puede utilizar para "

12
doc/po/fr.po

@ -12,7 +12,7 @@ msgid ""
msgstr ""
"Project-Id-Version: apt-doc 1.8.0\n"
"Report-Msgid-Bugs-To: APT Development Team <deity@lists.debian.org>\n"
"POT-Creation-Date: 2019-05-21 14:38+0200\n"
"POT-Creation-Date: 2021-03-10 13:40+0000\n"
"PO-Revision-Date: 2019-05-01 17:00+0100\n"
"Last-Translator: Jean-Pierre Giraud <jean-pierregiraud@neuf.fr>\n"
"Language-Team: French <debian-l10n-french@lists.debian.org>\n"
@ -2070,6 +2070,16 @@ msgstr ""
"répétée pour ajouter de multiples fichiers. Voir la description de l'option "
"<option>--with-source</option> dans &apt-cache; pour plus de détails."
#. type: Content of: <refentry><refsect1><variablelist><varlistentry><term><option><replaceable>
#: apt-get.8.xml
msgid "any"
msgstr ""
#. type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
#: apt-get.8.xml
msgid "Fail the update command if any error occured, even a transient one."
msgstr ""
#. type: Content of: <refentry><refsect1><title>
#: apt-get.8.xml apt-cache.8.xml apt-key.8.xml apt-mark.8.xml apt.conf.5.xml
#: apt_preferences.5.xml apt_auth.conf.5.xml

12
doc/po/it.po

@ -10,7 +10,7 @@ msgid ""
msgstr ""
"Project-Id-Version: apt-doc 1.0.5\n"
"Report-Msgid-Bugs-To: APT Development Team <deity@lists.debian.org>\n"
"POT-Creation-Date: 2019-02-04 15:34+0100\n"
"POT-Creation-Date: 2021-03-10 13:40+0000\n"
"PO-Revision-Date: 2017-03-27 19:05+0200\n"
"Last-Translator: Beatrice Torracca <beatricet@libero.it>\n"
"Language-Team: Italian <debian-l10n-italian@lists.debian.org>\n"
@ -2101,6 +2101,16 @@ msgstr ""
"per aggiungere più file. Vedere la descrizione di <option>--with-source</"
"option> in &apt-cache; per ulteriori dettagli."
#. type: Content of: <refentry><refsect1><variablelist><varlistentry><term><option><replaceable>
#: apt-get.8.xml
msgid "any"
msgstr ""
#. type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
#: apt-get.8.xml
msgid "Fail the update command if any error occured, even a transient one."
msgstr ""
#. type: Content of: <refentry><refsect1><title>
#: apt-get.8.xml apt-cache.8.xml apt-key.8.xml apt-mark.8.xml apt.conf.5.xml
#: apt_preferences.5.xml apt_auth.conf.5.xml

12
doc/po/ja.po

@ -10,7 +10,7 @@ msgid ""
msgstr ""
"Project-Id-Version: apt-doc 1.4\n"
"Report-Msgid-Bugs-To: APT Development Team <deity@lists.debian.org>\n"
"POT-Creation-Date: 2019-02-04 15:34+0100\n"
"POT-Creation-Date: 2021-03-10 13:40+0000\n"
"PO-Revision-Date: 2017-01-06 04:50+0900\n"
"Last-Translator: Takuma Yamada <tyamada@takumayamada.com>\n"
"Language-Team: Japanese <debian-japanese@lists.debian.org>\n"
@ -2031,6 +2031,16 @@ msgstr ""
"ファイルを追加できます。さらなる詳細については &apt-cache; の <option>--with-"
"source</option> の説明を見てください。"
#. type: Content of: <refentry><refsect1><variablelist><varlistentry><term><option><replaceable>
#: apt-get.8.xml
msgid "any"
msgstr ""
#. type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
#: apt-get.8.xml
msgid "Fail the update command if any error occured, even a transient one."
msgstr ""
#. type: Content of: <refentry><refsect1><title>
#: apt-get.8.xml apt-cache.8.xml apt-key.8.xml apt-mark.8.xml apt.conf.5.xml
#: apt_preferences.5.xml apt_auth.conf.5.xml

12
doc/po/nl.po

@ -6,7 +6,7 @@ msgid ""
msgstr ""
"Project-Id-Version: apt-doc 1.8.0~rc3\n"
"Report-Msgid-Bugs-To: APT Development Team <deity@lists.debian.org>\n"
"POT-Creation-Date: 2019-03-08 09:41+0100\n"
"POT-Creation-Date: 2021-03-10 13:40+0000\n"
"PO-Revision-Date: 2019-02-16 20:46+0100\n"
"Last-Translator: Frans Spiesschaert <Frans.Spiesschaert@yucom.be>\n"
"Language-Team: Debian Dutch l10n Team <debian-l10n-dutch@lists.debian.org>\n"
@ -2140,6 +2140,16 @@ msgstr ""
"meerdere bestanden toe te voegen. Zie voor verdere details de beschrijving "
"van de optie <option>--with-source</option> in &apt-cache;."
#. type: Content of: <refentry><refsect1><variablelist><varlistentry><term><option><replaceable>
#: apt-get.8.xml
msgid "any"
msgstr ""
#. type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
#: apt-get.8.xml
msgid "Fail the update command if any error occured, even a transient one."
msgstr ""
#. type: Content of: <refentry><refsect1><title>
#: apt-get.8.xml apt-cache.8.xml apt-key.8.xml apt-mark.8.xml apt.conf.5.xml
#: apt_preferences.5.xml apt_auth.conf.5.xml

12
doc/po/pl.po

@ -11,7 +11,7 @@ msgid ""
msgstr ""
"Project-Id-Version: apt-doc 1.0.5\n"
"Report-Msgid-Bugs-To: APT Development Team <deity@lists.debian.org>\n"
"POT-Creation-Date: 2019-02-04 15:34+0100\n"
"POT-Creation-Date: 2021-03-10 13:40+0000\n"
"PO-Revision-Date: 2014-07-04 02:13+0200\n"
"Last-Translator: Robert Luberda <robert@debian.org>\n"
"Language-Team: Polish <manpages-pl-list@lists.sourceforge.net>\n"
@ -2128,6 +2128,16 @@ msgid ""
"cache; for further details."
msgstr ""
#. type: Content of: <refentry><refsect1><variablelist><varlistentry><term><option><replaceable>
#: apt-get.8.xml
msgid "any"
msgstr ""
#. type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
#: apt-get.8.xml
msgid "Fail the update command if any error occured, even a transient one."
msgstr ""
#. type: Content of: <refentry><refsect1><title>
#: apt-get.8.xml apt-cache.8.xml apt-key.8.xml apt-mark.8.xml apt.conf.5.xml
#: apt_preferences.5.xml apt_auth.conf.5.xml

12
doc/po/pt.po

@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: apt 1.8.0\n"
"Report-Msgid-Bugs-To: APT Development Team <deity@lists.debian.org>\n"
"POT-Creation-Date: 2019-05-21 14:35+0200\n"
"POT-Creation-Date: 2021-03-10 13:40+0000\n"
"PO-Revision-Date: 2019-04-07 22:02+0000\n"
"Last-Translator: Américo Monteiro <a_monteiro@gmx.com>\n"
"Language-Team: Portuguese <>\n"
@ -2083,6 +2083,16 @@ msgstr ""
"repetido para adicionar vários ficheiros. Veja a descrição de <option>--with-"
"source</option> em &apt-cache; para mais detalhes."
#. type: Content of: <refentry><refsect1><variablelist><varlistentry><term><option><replaceable>
#: apt-get.8.xml
msgid "any"
msgstr ""
#. type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
#: apt-get.8.xml
msgid "Fail the update command if any error occured, even a transient one."
msgstr ""
#. type: Content of: <refentry><refsect1><title>
#: apt-get.8.xml apt-cache.8.xml apt-key.8.xml apt-mark.8.xml apt.conf.5.xml
#: apt_preferences.5.xml apt_auth.conf.5.xml

12
doc/po/pt_BR.po

@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: apt-doc 1.0.5\n"
"Report-Msgid-Bugs-To: APT Development Team <deity@lists.debian.org>\n"
"POT-Creation-Date: 2019-02-04 15:34+0100\n"
"POT-Creation-Date: 2021-03-10 13:40+0000\n"
"PO-Revision-Date: 2004-09-20 17:02+0000\n"
"Last-Translator: André Luís Lopes <andrelop@debian.org>\n"
"Language-Team: <debian-l10n-portuguese@lists.debian.org>\n"
@ -1452,6 +1452,16 @@ msgid ""
"cache; for further details."
msgstr ""
#. type: Content of: <refentry><refsect1><variablelist><varlistentry><term><option><replaceable>
#: apt-get.8.xml
msgid "any"
msgstr ""
#. type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
#: apt-get.8.xml
msgid "Fail the update command if any error occured, even a transient one."
msgstr ""
#. type: Content of: <refentry><refsect1><title>
#: apt-get.8.xml apt-cache.8.xml apt-key.8.xml apt-mark.8.xml apt.conf.5.xml