-
python-apt (1.6.6) bionic; urgency=medium
* The "It's an upstream release again" release. Ran all the usual
upstream CI and release bits :)
* AcquireFile: Handle large files (LP: #1998265)
* Get Debian mirrors from mirror-master.debian.org, the previous location
stopped working
* Update mirror lists
* d/t/control: Add missing binutils test dependency
-- Julian Andres Klode <email address hidden> Thu, 01 Dec 2022 13:36:29 +0100
-
python-apt (1.6.5ubuntu0.7) bionic; urgency=medium
* Update mirror lists.
-- Brian Murray <email address hidden> Fri, 03 Sep 2021 11:40:37 -0700
-
python-apt (1.6.5ubuntu0.6) bionic; urgency=medium
* debfile: Pass `Name` instead of `Binary` to ExtractTar.
Passing the binary causes it to fail trying to find the `false`
compressor when a binary for a given compressor is not installed.
(LP: #1926437)
* Update mirror lists
-- Julian Andres Klode <email address hidden> Thu, 29 Apr 2021 21:33:02 +0200
-
python-apt (1.6.5ubuntu0.5) bionic-security; urgency=medium
* REGRESSION UPDATE: Passing a file descriptor to apt_inst.ArFile or
apt_inst.DebFile caused a segmentation fault (LP: #1907676)
- python/arfile.cc: Fix segmentation fault when opening fd, track
lifetime correctly
-- Marc Deslauriers <email address hidden> Thu, 10 Dec 2020 09:48:08 -0500
-
python-apt (1.6.5ubuntu0.4) bionic-security; urgency=high
* SECURITY UPDATE: various memory and file descriptor leaks (LP: #1899193)
- python/arfile.cc, python/generic.h, python/tag.cc, python/tarfile.cc:
fix file descriptor and memory leaks
- python/apt_instmodule.cc, python/apt_instmodule.h, python/arfile.h:
Avoid reference cycle with control,data members in apt_inst.DebFile
objects
- tests/test_cve_2020_27351.py: Test cases for DebFile (others not easily
testable)
- CVE-2020-27351
* data/templates: Update mirror lists
-- Julian Andres Klode <email address hidden> Tue, 01 Dec 2020 20:16:11 +0100
-
python-apt (1.6.5ubuntu0.3) bionic; urgency=medium
* Don't duplicate disabled sources during add() (LP: #1311056)
-- Dave Jones <email address hidden> Fri, 24 Jan 2020 22:06:25 +0000
-
python-apt (1.6.5ubuntu0.2) bionic-security; urgency=medium
* SECURITY REGRESSION: crash with ubuntu-release-upgrader (LP: #1860606)
- apt/cache.py: make allow_unauthenticated argument to
fetch_archives() optional.
-- Marc Deslauriers <email address hidden> Wed, 22 Jan 2020 16:52:51 -0500
-
python-apt (1.6.5ubuntu0.1) bionic-security; urgency=medium
* SECURITY UPDATE: Check that repository is trusted before downloading
files from it (LP: #1858973)
- apt/cache.py: Add checks to fetch_archives() and commit()
- apt/package.py: Add checks to fetch_binary() and fetch_source()
- CVE-2019-15796
* SECURITY UPDATE: Do not use MD5 for verifying downloadeds
(Closes: #944696) (#LP: #1858972)
- apt/package.py: Use all hashes when fetching packages, and
check that we have trusted hashes when downloading
- CVE-2019-15795
* To work around the new checks, the parameter allow_unauthenticated=True
can be passed to the functions. It defaults to the value of the
APT::Get::AllowUnauthenticated option.
- Bump Breaks aptdaemon (<< 1.1.1+bzr982-0ubuntu21.2), as it will have
to set that parameter after having done validation.
* Automatic changes and fixes for external regressions:
- Adjustments to test suite and CI to fix CI regressions
- Automatic mirror list update
-- Julian Andres Klode <email address hidden> Wed, 15 Jan 2020 17:01:17 +0100
-
python-apt (1.6.4) bionic; urgency=medium
* apt.Cache: Fix (un)locking of archives (Closes: #922416) (LP: #1826870)
* apt.Cache: Use explicit, more safe locking in update()
* Update mirror lists
-- Julian Andres Klode <email address hidden> Mon, 29 Apr 2019 13:49:15 +0200
-
python-apt (1.6.3ubuntu1) bionic; urgency=medium
* updated mirror lists for the forthcoming point release.
-- Brian Murray <email address hidden> Thu, 31 Jan 2019 16:38:36 -0800
-
python-apt (1.6.3) bionic; urgency=medium
* Frontend locking and related locking improvements (LP: #1795407)
- apt.Cache: Keep / Re-establish the system lock in commit()
- apt.Cache: Keep archive locked during commit()/ in fetch_archives()
- apt.Cache: Reinstate locks in a finally / run dpkg inside try
- Introduce frontend locking
- Convert apt.Cache.commit and apt_pkg.DepCache.commit to FE lock
* Other changes to make that work:
- Cherry-pick apt_pkg.Error type hint from 1.7
- travis CI: bionic only; stretch does not have FE locking nor PPA
* As always, updated mirror lists
-- Julian Andres Klode <email address hidden> Mon, 01 Oct 2018 16:00:14 +0200
-
python-apt (1.6.2) unstable; urgency=medium
* Introduce gitlab ci
* Document whatsnew in 1.6.y
* Add more extensive test cases for cache remapping
* Do not override __hash__ in apt.package.Package (LP: #1780099)
* debian/python-apt.docs: README is README.md since some time
* debian/control: Point to salsa instead of anonscm
-- Julian Andres Klode <email address hidden> Mon, 09 Jul 2018 15:37:51 +0200
-
python-apt (1.6.1) unstable; urgency=medium
* apt: Fix typing errors to get CI pass again
* apt.Cache: Remap objects when reopening cache (LP: #1773316)
* apt_pkg.DepCache: Raise CacheMismatchError if argument belongs to diff. cache
* Set branch to 1.6.y and adjust travis CI to run against stable releases
* travis CI / Dockerfile: Pin mypy to 0.600 to prevent future changes breaking CI
* utils/get_debian_mirrors.py: Get data from salsa
-- Julian Andres Klode <email address hidden> Wed, 06 Jun 2018 15:14:59 -0700
-
python-apt (1.6.0) unstable; urgency=medium
* Final release, no further changes.
-- Julian Andres Klode <email address hidden> Wed, 18 Apr 2018 15:54:47 +0200
-
python-apt (1.6.0~rc3) unstable; urgency=medium
* Revert change to make apt.Cache subclass of dict
* Fix get_changelog() to correctly decode non-unicode changelogs
* Try to work around memory corruption in PackageRecords.*_hash
* apt/auth.py: Protect against race with gpg when removing tmpdir
(Closes: #871585)
* Document Architecture: all handling in Package.{fullname,architecture()}
(Closes: #863193)
* python/tag.cc: Fix invalid read in TagFileNext
* Raise ValueError if objects passed to DepCache are from different cache
(LP: #1737441)
* DepCache: Check that candidate we are setting belongs to package
* debian/gbp.conf: Default branch is master now
-- Julian Andres Klode <email address hidden> Fri, 13 Apr 2018 13:06:37 +0200
-
python-apt (1.6.0~rc2ubuntu2) bionic; urgency=medium
* apt/auth.py: Protect against race with gpg when removing tmpdir
(Closes: #871585)
* Document Architecture: all handling in Package.{fullname,architecture()}
(Closes: #863193)
* python/tag.cc: Fix invalid read in TagFileNext
* Raise ValueError if objects passed to DepCache are from different cache
(LP: #1737441)
-- Julian Andres Klode <email address hidden> Thu, 12 Apr 2018 11:22:27 +0200
-
python-apt (1.6.0~rc2ubuntu1) bionic; urgency=medium
* Revert change to make apt.Cache subclass of dict
* Fix get_changelog() to correctly decode non-unicode changelogs
* Try to work around memory corruption in PackageRecords.*_hash
-- Julian Andres Klode <email address hidden> Mon, 26 Mar 2018 12:13:04 +0200
-
python-apt (1.6.0~rc1) unstable; urgency=medium
[ Michael Vogt ]
* add info how to run the tests
* Fix the remaining pep8 erorrs
* README: add intro how to use python-apt with mypy
* tests/old: update to py3
* apt: make Version.fetch_binary() less noisy
* README: make markdown and add info about building/testing
* apt: add support for pep484 (type hints)
* fix tests
* python: add pkgsrcrecord.Files.{hashes,size,path,type} getters
* python: stop using deprecated hash access (and drive by indent fixes)
[ Julian Andres Klode ]
* pkgsrcrecords: Fix off-by-one error in OR group handling
* data/templates/Ubuntu.info.in: Add bionic template
* apt/cache.py: Fix pep8
* Switch travis to use Docker based tests
* tests: Make test_sourcerecords.py more reliable
-- Julian Andres Klode <email address hidden> Fri, 23 Mar 2018 00:41:08 +0100
-
python-apt (1.4.0~beta3ubuntu1) bionic; urgency=medium
* data/templates/Ubuntu.info.in: Add bionic template
-- Julian Andres Klode <email address hidden> Thu, 26 Oct 2017 00:11:27 +0200
-
python-apt (1.4.0~beta3build2) artful; urgency=medium
* No-change rebuild to build to drop python3.5.
-- Matthias Klose <email address hidden> Sat, 05 Aug 2017 16:22:11 +0000