dpkg (1.17.12ubuntu1) utopic; urgency=medium
* Merge with Debian; remaining changes:
- Change native source version/format mismatch errors into warnings
until the dust settles on Debian bug 737634 about override options.
- Add DPKG_UNTRANSLATED_MESSAGES environment check so that higher-level
tools can get untranslated dpkg terminal log messages while at the
same time having translated debconf prompts.
- Special-case arm{el,hf} ELF objects in Shlibs/Objdump.pm for multilib.
- Map unqualified package names of multiarch-same packages to the native
arch instead of throwing an error, so that we don't break on upgrade
when there are unqualified names stored in the dpkg trigger database.
- Add logic to the postinst to `dpkg --add-architecture i386' on new
installs on amd64, mimicking our previous behaviour with the conffile.
- Apply a workaround from mvo to consider ^rc packages as multiarch,
during the dpkg consistency checks. (see LP: 1015567 and 1057367).
dpkg (1.17.12) unstable; urgency=low
[ Guillem Jover ]
* Only build the compatibility selinux code if libselinux is available or
the user requested it. Also fixes build failures on non-Linux systems.
Closes: #757637
* Documentation:
- Add a short description to each virtual field in dpkg-query(1), and
mention the version they got introduced in dpkg.
- Fix formatting of last paragraphs inside dselect(1) --color description.
* Rework dselect columns code, to make it easier to maintain and read.
* Add new architecture columns to dselect package list view. The new
columns, shown by default, can be turned off with the new ‘A’ key,
or bound to another key via the new “archdisplay” keybinding.
* Fix a descriptor leak on dselect subprocesses when --debug is used.
* Use «tar --format=gnu» when creating source archives. This makes sure we
get a deterministic output format, regardless of what tar defaults to.
Thanks to Jan Blunck <email address hidden>..
* Use perl's length instead of defined when checking some environment
variables, if we require them to have content.
* Allow specifying the same build type option multiple times in
dpkg-buildpackage and dpkg-genchanges. There seems to be scripts with
such invocations in the wild. Closes: #757795
[ Updated programs translations ]
* German (Sven Joachim).
[ Updated scripts translations ]
* German (Helge Kreutzmann).
[ Updated manpages translations ]
* German (Helge Kreutzmann).
dpkg (1.17.11) unstable; urgency=low
[ Guillem Jover ]
* Switch URLs in docs and code comments from http:// to https:// if the
latter is available (round two). This includes the quilt patch header
templates, and examples in man pages.
* Update some dpkg git URLs to the new and newer (cgit switch) scheme.
* Changes to libcompat:
- Make the library testable.
- Do not run qsort() over the scandir() list if it is NULL.
- Add a setexecfilecon() compatibility function out from dpkg code.
* Use SELinux setexecfilecon() if available in dpkg instead of ad-hoc code.
* Replace obsolete <sys/fcntl.h> with <fcntl.h>, which fixes compilation on
Android. Thanks to Fredrik Fornwall <email address hidden>. Closes: #752036
* Fix file triggers/Unincorp descriptor leak on subprocesses. Regression
introduced with the initial triggers implementation in dpkg 1.14.17.
Closes: #751021
* Do not disable the stack-protector build flags on arm64 in Debian and
derivatives, the toolchain supports them now.
Thanks to Adam Conrad <email address hidden>. Closes: #751032
* When parsing the statoverride database from dpkg-statoverride do not
consider it an error and refuse to operate at all if the user or group
names are not known to the system, just preserve them. Closes: #563307
* Do not write to the available file when unpacking binary packages. This
information is not useful as dpkg has never recorded the archive path,
so it has never been truly available for re-installation anyway.
* Add versioned Provides support:
- Add a new dpkg --assert-versioned-provides command.
- Packages can provide a specific version, “virtual (= 1.0)” which will
be honored, previously it would just be accepted when parsing.
- Non-versioned virtual packages will not satisfy versioned dependencies.
- Versioned virtual packages will satisfy non-versioned dependencies.
Based on skeletal code by Ben Collins <email address hidden>.
Closes: #7330, #24934, #112131, #134582, #180316
* On removal check Depends and Pre-Depends for packages in unpacked and
half-configured states too.
* Add support for new hardening build flag stackprotectorstrong in Debian
and derivatives, enabled by default. It will fallback to stackprotector
when the former is not functional or disabled by the user.
Thanks to Romain Francoise <email address hidden>.
* Change «dpkg-deb --field» code to use the libdpkg deb822 parser instead
of an ad-hoc one. This makes sure any field fixup and sanity check is
performed on the input, and gets reflected on the output.
* Add new dpkg-query virtual fields db:Status-Want, db:Status-Status and
db:Status-Eflag to allow fine-grained access to the Status values.
* Automatically add the Testsuite field in dpkg-source to the .dsc file.
* Spell nocheck option in dpkg-scanpackages wait_child() call correctly.
Spotted by James McCoy <email address hidden> (in devscripts).
* Move the explanation of functional checks from --verify-format to the
--verify command in the dpkg(1) man page. Closes: #747264
* Improve dpkg-buildpackage(1) man page:
- Mark DEB_CHECK_COMMAND environment variable in bold.
- Add final item for done hook in the actions sequence.
- Mention that -nc does not apply either when -F is specified.
- Mention that the --FOO-option options can be used multiple times.
- Fix a typo in the BUGS section.
* Mark the “and” between the filenames as regular format in dpkg-source(1).
* Add --format and --ignore-bad-version to dpkg-source --help output.
* Clarify error message in Dpkg::Source::Quilt when patches fail to apply,
to note that the patch might be malformed (besides not accepting patches
with fuzz).
* Try to preallocate the disk size for extracted files on unpack. This
might help in avoiding filesystem fragmentation, and possibly improve
performance on some filesystems.
* Print the correct removed binary filename when building a source package
with dpkg-source --include-removal. Closes: #755166
* Add powerpcel support to cputable. Thanks to Jae Junh <email address hidden>.
* Bump the i386 architecture GNU triplet to i586-linux-gnu to match the
change in gcc. Somewhat reluctantly, as i386 wants to be its unique
snowflake and use a GNU triplet not matching its baseline. This will
cause problems when cross-building and using unmatched combinations of
dpkg-dev and gcc. Closes: #751363
* Update i386 architecture GNU cpu regex in cputable to match i786 too.
* Remove unused pkglibdir variable from libdpkg.pc.in.
* Perl modules:
- Add new set_as_auto() method to Dpkg::Substvars.
- Add support for sig and delete_sig spawn() options in Dpkg::IPC.
- Add %opts to ensure_open() member in Dpkg::Compression::FileHandle.
- Change find_command() to handle an empty or undef argument in Dpkg:Path.
* Mark Format and Installed-Size as automatic substvars in dpkg-genchanges
and dpkg-gencontrol respectively.
* Warn on usage of deprecated Source-Version substvar.
* Say OpenPGP instead of PGP when referring to the standard on code comments
and output messages.
* Add a hint to the “no dependency information found” error message in
dpkg-shlibdeps, to check if the library is actually packaged.
Thanks to Sylvestre Ledru <email address hidden>. Closes: #756230
* Delete the current compressor SIGPIPE disposition in Dpkg::Source::Archive,
which fixes ignoring SIGPIPE from the calling process. Closes: #756526
* Ignore DEB_CHECK_COMMAND in dpkg-buildpackage if the command is not found.
* Emit a warning when using the deprecated -is/-ip/-isp/-ips options in
dpkg-gencontrol.
* Only print build type once in dpkg-genchanges, instead of once for each
specified -A or -B option and then yet another time for the general build
type description.
* Unify build options description in --help output for dpkg-buildpackage
and dpkg-genchanges.
* Only allow one build type option in dpkg-genchanges and dpkg-buildpackage.
* Correctly filter the host architecture on the Architecture field in the
generated .changes file from dpkg-genchanges, when the debian/files
contains arch-specific packages but dpkg-genchanges was called with
one of the build types excluding them.
* Add new -g and -G options to dpkg-genchanges and dpkg-buildpackage for
source plus arch-indep/specific builds. Closes: #756975
* Fix dpkg --add-architecture and --remove-architecture to check that they
get exactly one argument. Closes: #757254
[ Updated programs translations ]
* Danish (Joe Dalton). Closes: #754127
* French (Jean-Baka Domelevo Entfellner, Julien Patriarca).
* Portuguese (Miguel Figueiredo). Closes: #756920
* Spanish (Guillem Jover): Fix «dpkg-query -l» header. Closes: #756209
* Swedish (Peter Krefting).
[ Updated scripts translations ]
* Swedish (Peter Krefting).
[ Updated manpages translations ]
* Swedish (Peter Krefting).
-- Matthias Klose <email address hidden> Sun, 17 Aug 2014 13:14:31 +0200
dpkg (1.17.10ubuntu1) utopic; urgency=medium
* Merge from Debian unstable. Remaining changes:
- Allow -fstack-protector on arm64 now that GCC and glibc support it.
- Change native source version/format mismatch errors into warnings
until the dust settles on Debian bug 737634 about override options.
- Add DPKG_UNTRANSLATED_MESSAGES environment check so that higher-level
tools can get untranslated dpkg terminal log messages while at the
same time having translated debconf prompts.
- Special-case arm{el,hf} ELF objects in Shlibs/Objdump.pm for multilib.
- Map unqualified package names of multiarch-same packages to the native
arch instead of throwing an error, so that we don't break on upgrade
when there are unqualified names stored in the dpkg trigger database.
- Add logic to the postinst to `dpkg --add-architecture i386' on new
installs on amd64, mimicking our previous behaviour with the conffile.
- Apply a workaround from mvo to consider ^rc packages as multiarch,
during the dpkg consistency checks. (see LP: 1015567 and 1057367).
dpkg (1.17.10) unstable; urgency=medium
[ Guillem Jover ]
* Use libtool to build the static libraries, which makes it possible to
embed libcompat inside libdpkg, as required by some external programs
linking against the latter. Closes: #746122
* Fix word wrapping logic in dselect. Regression introduced in dpkg 1.17.3.
* Fix possible out of bounds buffer read access in the error output on
bogus ar member sizes.
* Fix memory leaks in buffer_copy() on error conditions.
* Test suite:
- Improve C code coverage.
- Add template test cases for most perl modules.
- Add test cases for Dpkg::Deps OR relationships.
- Add minimal test case for Dpkg::Source::Quilt.
- Add test cases for Dpkg::Source::Patch CVE-2014-0471 and CVE-2014-3127.
- Add test case for patch disabling hunks; not security sensitive.
* Fix non-security sensitive TOCTOU race in triggers database loading.
* Fix non-security sensitive TOCTOU race in update-alternative alternative
database loading.
* Fix non-security sensitive TOCTOU race in update-alternative rename code.
* Add a workaround to start-stop-daemon for bogus OpenVZ Linux kernels that
prepend, instead of appending, the " (deleted)" marker in /proc/PID/exe.
Closes: #731530
* Move dpkg-architecture -L argument to the Commands --help output section.
* Make dpkg-maintscript-helper print only once that we are moving a
conffile, and not on every interim state transition. Closes: #747370
* Do not use global match variables in perl code.
* Man pages:
- Attempt to clarify and improve wording of some strange or confused
constructs. Reported by Helge Kreutzmann.
- Expand Vcs-* field names into each supported field name in
deb-src-control(5) to make it easier to search for them.
- Change control.tar.gz reference to simply control.tar in deb(5).
- Document in dpkg-deb(1) -Z option that bzip2 and lzma are deprecated.
- Add notes in dpkg-gensymbols(1) about symbol backward-compatibility.
Based on a patch by Bernhard R. Link <email address hidden>.
Closes: #746973
- Document that dpkg-buildpackage(1) -j argument is optional.
- Add current and deprecated media types to deb(5).
- Document in dpkg(1) that --audit now does more than just searching for
partially installed packages.
* Add support for automatic parallel job selection in dpkg-buildpackage,
matching currently active processors, when using -jauto. Closes: #748012
* Perl modules:
- Bump $VERSION for Dpkg::Patch, missed in 1.16.1.
- Bump $VERSION for Dpkg::Deps, missed in 1.17.0.
- Update and fix CHANGES POD sections for public modules.
- Add missing Dpkg::Deps::Multiple profile_is_concerned() and
reduce_profiles() methods, inherited by Dpkg::Deps::Union,
Dpkg::Deps::AND and Dpkg::Deps::OR.
* Do not mangle quilt series files with a missing newline on the last line.
Closes: #584233
* Quiesce tar warnings in cron job by redirecting stderr to /dev/null, as
it seems --warning=none does not work correctly. Closes: #748544
* Do not emit a trailing space from Dpkg::Control::Hash on a field's empty
first line. Bump dpkg-dev Breaks on devscripts to 2.14.4, as previous
versions expect a trailing space from dpkg-parsechangelog output.
Based on a patch by Johannes Schauer <email address hidden>. Closes: #749044
* Do not assume that sensible-editor is present on «dpkg-source --commit»,
as that command is very Debian specific. Fallback to try VISUAL, EDITOR,
or vi, if the previous commands are either unset or not found.
* Use badusage() instead of ohshit() on dpkg --ignore-depends argument
parsing errors.
* Add per package dpkg --audit support.
* Add support for DragonFlyBSD to ostable and triplettable.
Thanks to Hleb Valoshka <email address hidden>.
* Add support for DragonFlyBSD to start-stop-daemon. Closes: #734452
Based on a patch by Hleb Valoshka <email address hidden>.
* Correctly parse patch headers in Dpkg::Source::Patch, to avoid directory
traversal attempts from hostile source packages when unpacking them.
Reported by Javier Serrano Polo <email address hidden> as an unspecified
directory traversal; meanwhile also independently found by me both
#749183 and what was supposed to be #746498, which was later on published
and ended up being just a subset of the other non-reported issue.
Fixes CVE-2014-3864 and CVE-2014-3865. Closes: #746498, #749183
[ Updated programs translations ]
* Catalan (Guillem Jover).
* Italian (Milo Casagrande). Closes: #750105
[ Updated scripts translations ]
* German (Helge Kreutzmann).
[ Updated manpages translations ]
* German (Helge Kreutzmann).
[ Raphaël Hertzog ]
* Let dpkg-source unpack additional tarballs in a deterministic order.
Thanks to Samuel Bronson for the report. Closes: #747148
-- Adam Conrad <email address hidden> Mon, 09 Jun 2014 12:18:09 -0600
