apt 2.8.3 source package in Ubuntu
Changelog
apt (2.8.3) noble; urgency=medium * Revert increased key size requirements from 2.8.0-2.8.2 (LP: #2073126) - Revert "Only install 00-temporary-rsa1024 for >=2.7.6 and improve comment" - Revert "Only warn about <rsa2048 when upgrading from 2.7.x to 2.8.x" - Revert rsa1024 to warnings again This leaves the mechanisms in place and no longer warns about NIST curves. * Fix keeping back removals of obsolete packages; and return an error if ResolveByKeep() is unsuccessful (LP: #2078720) * Fix buffer overflow, stack overflow, exponential complexity in apt-ftparchive Contents generation (LP: #2083697) - ftparchive: Mystrdup: Add safety check and bump buffer size - ftparchive: contents: Avoid exponential complexity and overflows - test framework: Improve valgrind support - test: Check that apt-ftparchive handles deep paths - Workaround valgrind "invalid read" in ExtractTar::Go by moving large buffer from stack to heap. The large buffer triggered some bugs in valgrind stack clash protection handling. apt (2.8.2) noble; urgency=medium * Only install 00-temporary-rsa1024 for >=2.7.6 and improve comment (follow-up for LP: #2073126) apt (2.8.1) noble; urgency=medium * Only revoke weak RSA keys for now, add 'next' and 'future' levels (backported from 2.9.7) Note that the changes to warn about keys not matching the future level in the --audit level are not fully included, as the --audit feature has not yet been backported. (LP: #2073126) * Introduce further mitigation on upgrades from 2.7.x to allow these systems to continue using rsa1024 repositories with warnings until the 24.04.2 point release (LP: #2073126) apt (2.8.0) noble; urgency=medium [ Julian Andres Klode ] * Revert "Temporarily downgrade key assertions to "soon worthless"" We temporarily downgraded the errors to warnings to give the launchpad PPAs time to be fixed, but warnings are not safe: Untrusted keys could be hiding on your system, but just not used at the moment. Hence revert this so we get the errors we want. (LP: #2060721) * Branch off the stable 2.8.y branch for noble: - CI: Test in ubuntu:noble images for 2.8.y - debian/gbp.conf: Point at the 2.8.y branch [ David Kalnischkies ] * Test suite fixes: - Avoid subshell hiding failure report from testfilestats - Ignore umask of leftover diff_Index in failed pdiff test * Documentation translation fixes: - Fix and unfuzzy previous VCG/Graphviz URI change -- Julian Andres Klode <email address hidden> Tue, 22 Oct 2024 15:02:22 +0200
Upload details
- Uploaded by:
- Julian Andres Klode
- Uploaded to:
- Noble
- Original maintainer:
- APT Development Team
- Architectures:
- any all
- Section:
- admin
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Noble | updates | main | admin |
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| apt_2.8.3.tar.xz | 2.2 MiB | 088522b3613b28fdbcfa61f1f7e476bf6dc6b0120a8f74409e9527580c9f9d3b |
| apt_2.8.3.dsc | 2.9 KiB | 1d41cd04115e1a79f0fa4d738e5c34603ae8a4f40122d8a18a622fd6d20a5523 |
Available diffs
- diff from 2.7.12 (in Debian) to 2.8.3 (67.8 KiB)
- diff from 2.8.2 to 2.8.3 (8.4 KiB)
Binary packages built by this source
- apt: commandline package manager
This package provides commandline tools for searching and
managing as well as querying information about packages
as a low-level access to all features of the libapt-pkg library.
.
These include:
* apt-get for retrieval of packages and information about them
from authenticated sources and for installation, upgrade and
removal of packages together with their dependencies
* apt-cache for querying available information about installed
as well as installable packages
* apt-cdrom to use removable media as a source for packages
* apt-config as an interface to the configuration settings
* apt-key as an interface to manage authentication keys
- apt-dbgsym: debug symbols for apt
- apt-doc: documentation for APT
This package contains the user guide and offline guide for various
APT tools which are provided in a html and a text-only version.
- apt-transport-https: transitional package for https support
This is a dummy transitional package - https support has been moved into
the apt package in 1.5. It can be safely removed.
- apt-utils: package management related utility programs
This package contains some less used commandline utilities related
to package management with APT.
.
* apt-extracttemplates is used by debconf to prompt for configuration
questions before installation.
* apt-ftparchive is used to create Packages and other index files
needed to publish an archive of Debian packages
* apt-sortpkgs is a Packages/Sources file normalizer.
- apt-utils-dbgsym: debug symbols for apt-utils
- libapt-pkg-dev: development files for APT's libapt-pkg and libapt-inst
This package contains the header files and libraries for
developing with APT's libapt-pkg Debian package manipulation
library and the libapt-inst deb/tar/ar library.
- libapt-pkg-doc: documentation for APT development
This package contains documentation for development of the APT
Debian package manipulation program and its libraries.
.
This includes the source code documentation generated by doxygen
in html format.
- libapt-pkg6.0t64: package management runtime library
This library provides the common functionality for searching and
managing packages as well as information about packages.
Higher-level package managers can depend upon this library.
.
This includes:
* retrieval of information about packages from multiple sources
* retrieval of packages and all dependent packages
needed to satisfy a request either through an internal
solver or by interfacing with an external one
* authenticating the sources and validating the retrieved data
* installation and removal of packages in the system
* providing different transports to retrieve data over cdrom, ftp,
http(s), rsh as well as an interface to add more transports like
tor+http(s) (apt-transport-tor).
- libapt-pkg6.0t64-dbgsym: debug symbols for libapt-pkg6.0t64
