Package: release.debian.org Severity: normal Tags: stretch User: release.debian....@packages.debian.org Usertags: pu
This release fixes several smaller bugs in the network connection. Apart from the changes in the changelog, there also are some changes to our travis CI integration and the test suite to make CI more reliable (by fixing coverage errors messing up our tests), more future proof (by using docker instead of mixing travis' ubuntu trusty with wily and xenial packages...), and the CI now runs on stretch, so that's good too :) All fixes are straight cherry-picks from unstable, just the travis stuff had some changes (one less variant to build and stretch isntead of testing), but that does not affect us. Let me know if this is good to go. apt (1.4.7) stretch; urgency=medium * New microrelease fixing issues in http method (LP: #1702326) => I'll also upload this to Ubuntu, that's just a tag for them, it also helps summarizing the main part of the upload [ Robert Luberda ] * fix a "critical" typo in old changelog entry (Closes: 866358) => Remove a letter, and works around a bug in apt-listchanges. [ David Kalnischkies ] * use port from SRV record instead of initial port => Might have picked the wrong port [ Julian Andres Klode ] * Reset failure reason when connection was successful => Some failures were only treated as warnings, not errors * debian/gbp.conf: Set debian-branch to 1.4.y => Building ... * http: A response with Content-Length: 0 has no content => Downloading failed if server responded with Content-Length: 0, as APT was waiting for content to read. -- Julian Andres Klode <j...@debian.org> Tue, 04 Jul 2017 17:11:59 +0200 -- System Information: Debian Release: buster/sid APT prefers unstable APT policy: (900, 'unstable'), (900, 'testing'), (500, 'unstable-debug'), (500, 'buildd-unstable'), (100, 'experimental'), (1, 'experimental-debug') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.11.0-1-amd64 (SMP w/4 CPU cores) Locale: LANG=en_IE.UTF-8, LC_CTYPE=en_IE.UTF-8 (charmap=UTF-8), LANGUAGE=en_IE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) -- Debian Developer - deb.li/jak | jak-linux.org - free software dev | Ubuntu Core Developer | When replying, only quote what is necessary, and write each reply directly below the part(s) it pertains to ('inline'). Thank you.
diff -Nru apt-1.4.6/CMakeLists.txt apt-1.4.7/CMakeLists.txt --- apt-1.4.6/CMakeLists.txt 2017-06-01 10:50:26.000000000 +0200 +++ apt-1.4.7/CMakeLists.txt 2017-07-04 17:11:59.000000000 +0200 @@ -172,7 +172,7 @@ # Configure some variables like package, version and architecture. set(PACKAGE ${PROJECT_NAME}) set(PACKAGE_MAIL "APT Development Team <de...@lists.debian.org>") -set(PACKAGE_VERSION "1.4.6") +set(PACKAGE_VERSION "1.4.7") if (NOT DEFINED DPKG_DATADIR) execute_process(COMMAND ${PERL_EXECUTABLE} -MDpkg -e "print $Dpkg::DATADIR;" diff -Nru apt-1.4.6/debian/changelog apt-1.4.7/debian/changelog --- apt-1.4.6/debian/changelog 2017-06-01 10:50:26.000000000 +0200 +++ apt-1.4.7/debian/changelog 2017-07-04 17:11:59.000000000 +0200 @@ -1,3 +1,20 @@ +apt (1.4.7) stretch; urgency=medium + + * New microrelease fixing issues in http method (LP: #1702326) + + [ Robert Luberda ] + * fix a "critical" typo in old changelog entry (Closes: 866358) + + [ David Kalnischkies ] + * use port from SRV record instead of initial port + + [ Julian Andres Klode ] + * Reset failure reason when connection was successful + * debian/gbp.conf: Set debian-branch to 1.4.y + * http: A response with Content-Length: 0 has no content + + -- Julian Andres Klode <j...@debian.org> Tue, 04 Jul 2017 17:11:59 +0200 + apt (1.4.6) unstable; urgency=medium * apt.systemd.daily: Do not pass -d to unattended-upgrade for the download @@ -3330,7 +3347,7 @@ -- Michael Vogt <m...@debian.org> Fri, 22 Mar 2013 21:57:08 +0100 -apt (0.9.7.8) unstable; urgency=criticial +apt (0.9.7.8) unstable; urgency=critical * SECURITY UPDATE: InRelease verification bypass - CVE-2013-1051 diff -Nru apt-1.4.6/debian/gbp.conf apt-1.4.7/debian/gbp.conf --- apt-1.4.6/debian/gbp.conf 2017-06-01 10:50:26.000000000 +0200 +++ apt-1.4.7/debian/gbp.conf 2017-07-04 17:11:59.000000000 +0200 @@ -3,7 +3,7 @@ ;preexport = ./prepare-release pre-export prebuild = ./prepare-release pre-build postbuild = ./prepare-release post-build -debian-branch = master +debian-branch = 1.4.y debian-tag = %(version)s export-dir = ../build-area sign-tags = True diff -Nru apt-1.4.6/doc/apt-verbatim.ent apt-1.4.7/doc/apt-verbatim.ent --- apt-1.4.6/doc/apt-verbatim.ent 2017-06-01 10:50:26.000000000 +0200 +++ apt-1.4.7/doc/apt-verbatim.ent 2017-07-04 17:11:59.000000000 +0200 @@ -239,7 +239,7 @@ "> <!-- this will be updated by 'prepare-release' --> -<!ENTITY apt-product-version "1.4.6"> +<!ENTITY apt-product-version "1.4.7"> <!-- (Code)names for various things used all over the place --> <!ENTITY debian-oldstable-codename "jessie"> diff -Nru apt-1.4.6/doc/po/apt-doc.pot apt-1.4.7/doc/po/apt-doc.pot --- apt-1.4.6/doc/po/apt-doc.pot 2017-06-01 10:50:26.000000000 +0200 +++ apt-1.4.7/doc/po/apt-doc.pot 2017-07-04 17:11:59.000000000 +0200 @@ -5,9 +5,9 @@ #, fuzzy msgid "" msgstr "" -"Project-Id-Version: apt-doc 1.4.6\n" +"Project-Id-Version: apt-doc 1.4.7\n" "Report-Msgid-Bugs-To: APT Development Team <de...@lists.debian.org>\n" -"POT-Creation-Date: 2017-06-01 10:51+0200\n" +"POT-Creation-Date: 2017-07-04 17:12+0200\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" "Language-Team: LANGUAGE <l...@li.org>\n" diff -Nru apt-1.4.6/doc/po/de.po apt-1.4.7/doc/po/de.po --- apt-1.4.6/doc/po/de.po 2017-06-01 10:50:26.000000000 +0200 +++ apt-1.4.7/doc/po/de.po 2017-07-04 17:11:59.000000000 +0200 @@ -7,7 +7,7 @@ msgstr "" "Project-Id-Version: apt-doc 1.3\n" "Report-Msgid-Bugs-To: APT Development Team <de...@lists.debian.org>\n" -"POT-Creation-Date: 2017-06-01 10:51+0200\n" +"POT-Creation-Date: 2017-07-04 17:12+0200\n" "PO-Revision-Date: 2016-11-15 21:51+0200\n" "Last-Translator: Chris Leick <c.le...@vollbio.de>\n" "Language-Team: German <debian-l10n-ger...@lists.debian.org>\n" diff -Nru apt-1.4.6/doc/po/es.po apt-1.4.7/doc/po/es.po --- apt-1.4.6/doc/po/es.po 2017-06-01 10:50:26.000000000 +0200 +++ apt-1.4.7/doc/po/es.po 2017-07-04 17:11:59.000000000 +0200 @@ -38,7 +38,7 @@ msgstr "" "Project-Id-Version: apt-doc 1.0.5\n" "Report-Msgid-Bugs-To: APT Development Team <de...@lists.debian.org>\n" -"POT-Creation-Date: 2017-06-01 10:51+0200\n" +"POT-Creation-Date: 2017-07-04 17:12+0200\n" "PO-Revision-Date: 2014-07-04 01:31+0200\n" "Last-Translator: Omar Campagne <ocampa...@gmail.com>\n" "Language-Team: Debian l10n Spanish <debian-l10n-span...@lists.debian.org>\n" diff -Nru apt-1.4.6/doc/po/fr.po apt-1.4.7/doc/po/fr.po --- apt-1.4.6/doc/po/fr.po 2017-06-01 10:50:26.000000000 +0200 +++ apt-1.4.7/doc/po/fr.po 2017-07-04 17:11:59.000000000 +0200 @@ -12,7 +12,7 @@ msgstr "" "Project-Id-Version: apt-doc 1.0.5\n" "Report-Msgid-Bugs-To: APT Development Team <de...@lists.debian.org>\n" -"POT-Creation-Date: 2017-06-01 10:51+0200\n" +"POT-Creation-Date: 2017-07-04 17:12+0200\n" "PO-Revision-Date: 2017-01-24 22:43+0100\n" "Last-Translator: Jean-Pierre Giraud <jean-pierregir...@neuf.fr>\n" "Language-Team: French <debian-l10n-fre...@lists.debian.org>\n" diff -Nru apt-1.4.6/doc/po/it.po apt-1.4.7/doc/po/it.po --- apt-1.4.6/doc/po/it.po 2017-06-01 10:50:26.000000000 +0200 +++ apt-1.4.7/doc/po/it.po 2017-07-04 17:11:59.000000000 +0200 @@ -10,7 +10,7 @@ msgstr "" "Project-Id-Version: apt-doc 1.0.5\n" "Report-Msgid-Bugs-To: APT Development Team <de...@lists.debian.org>\n" -"POT-Creation-Date: 2017-06-01 10:51+0200\n" +"POT-Creation-Date: 2017-07-04 17:12+0200\n" "PO-Revision-Date: 2015-12-27 21:26+0200\n" "Last-Translator: Beatrice Torracca <beatri...@libero.it>\n" "Language-Team: Italian <debian-l10n-ital...@lists.debian.org>\n" diff -Nru apt-1.4.6/doc/po/ja.po apt-1.4.7/doc/po/ja.po --- apt-1.4.6/doc/po/ja.po 2017-06-01 10:50:26.000000000 +0200 +++ apt-1.4.7/doc/po/ja.po 2017-07-04 17:11:59.000000000 +0200 @@ -10,7 +10,7 @@ msgstr "" "Project-Id-Version: apt-doc 1.4\n" "Report-Msgid-Bugs-To: APT Development Team <de...@lists.debian.org>\n" -"POT-Creation-Date: 2017-06-01 10:51+0200\n" +"POT-Creation-Date: 2017-07-04 17:12+0200\n" "PO-Revision-Date: 2017-01-06 04:50+0900\n" "Last-Translator: Takuma Yamada <tyam...@takumayamada.com>\n" "Language-Team: Japanese <debian-japan...@lists.debian.org>\n" diff -Nru apt-1.4.6/doc/po/nl.po apt-1.4.7/doc/po/nl.po --- apt-1.4.6/doc/po/nl.po 2017-06-01 10:50:26.000000000 +0200 +++ apt-1.4.7/doc/po/nl.po 2017-07-04 17:11:59.000000000 +0200 @@ -6,7 +6,7 @@ msgstr "" "Project-Id-Version: apt-doc 1.4~beta4-nl\n" "Report-Msgid-Bugs-To: APT Development Team <de...@lists.debian.org>\n" -"POT-Creation-Date: 2017-06-01 10:51+0200\n" +"POT-Creation-Date: 2017-07-04 17:12+0200\n" "PO-Revision-Date: 2017-01-19 17:53+0100\n" "Last-Translator: Frans Spiesschaert <frans.spiesscha...@yucom.be>\n" "Language-Team: Debian Dutch l10n Team <debian-l10n-du...@lists.debian.org>\n" diff -Nru apt-1.4.6/doc/po/pl.po apt-1.4.7/doc/po/pl.po --- apt-1.4.6/doc/po/pl.po 2017-06-01 10:50:26.000000000 +0200 +++ apt-1.4.7/doc/po/pl.po 2017-07-04 17:11:59.000000000 +0200 @@ -11,7 +11,7 @@ msgstr "" "Project-Id-Version: apt-doc 1.0.5\n" "Report-Msgid-Bugs-To: APT Development Team <de...@lists.debian.org>\n" -"POT-Creation-Date: 2017-06-01 10:51+0200\n" +"POT-Creation-Date: 2017-07-04 17:12+0200\n" "PO-Revision-Date: 2014-07-04 02:13+0200\n" "Last-Translator: Robert Luberda <rob...@debian.org>\n" "Language-Team: Polish <manpages-pl-l...@lists.sourceforge.net>\n" diff -Nru apt-1.4.6/doc/po/pt_BR.po apt-1.4.7/doc/po/pt_BR.po --- apt-1.4.6/doc/po/pt_BR.po 2017-06-01 10:50:26.000000000 +0200 +++ apt-1.4.7/doc/po/pt_BR.po 2017-07-04 17:11:59.000000000 +0200 @@ -9,7 +9,7 @@ msgstr "" "Project-Id-Version: apt-doc 1.0.5\n" "Report-Msgid-Bugs-To: APT Development Team <de...@lists.debian.org>\n" -"POT-Creation-Date: 2017-06-01 10:51+0200\n" +"POT-Creation-Date: 2017-07-04 17:12+0200\n" "PO-Revision-Date: 2004-09-20 17:02+0000\n" "Last-Translator: André Luís Lopes <andre...@debian.org>\n" "Language-Team: <debian-l10n-portugu...@lists.debian.org>\n" diff -Nru apt-1.4.6/doc/po/pt.po apt-1.4.7/doc/po/pt.po --- apt-1.4.6/doc/po/pt.po 2017-06-01 10:50:26.000000000 +0200 +++ apt-1.4.7/doc/po/pt.po 2017-07-04 17:11:59.000000000 +0200 @@ -7,7 +7,7 @@ msgstr "" "Project-Id-Version: apt-doc 1.0.7\n" "Report-Msgid-Bugs-To: APT Development Team <de...@lists.debian.org>\n" -"POT-Creation-Date: 2017-06-01 10:51+0200\n" +"POT-Creation-Date: 2017-07-04 17:12+0200\n" "PO-Revision-Date: 2014-08-29 00:34+0100\n" "Last-Translator: Américo Monteiro <a_monte...@gmx.com>\n" "Language-Team: Portuguese <tra...@debianpt.org>\n" diff -Nru apt-1.4.6/Dockerfile apt-1.4.7/Dockerfile --- apt-1.4.6/Dockerfile 1970-01-01 01:00:00.000000000 +0100 +++ apt-1.4.7/Dockerfile 2017-07-04 17:11:59.000000000 +0200 @@ -0,0 +1,11 @@ +FROM debian:stretch +COPY . /tmp +WORKDIR /tmp +RUN sed -i s#://deb.debian.org#://cdn-fastly.deb.debian.org# /etc/apt/sources.list \ + && apt-get update \ + && adduser --home /home/travis travis --quiet --disabled-login --gecos "" --uid 1000 \ + && env DEBIAN_FRONTEND=noninteractive apt-get install build-essential ccache ninja-build expect curl git -q -y \ + && env DEBIAN_FRONTEND=noninteractive ./prepare-release travis-ci \ + && dpkg-reconfigure ccache \ + && rm -r /tmp/* \ + && apt-get clean diff -Nru apt-1.4.6/methods/basehttp.cc apt-1.4.7/methods/basehttp.cc --- apt-1.4.6/methods/basehttp.cc 2017-06-01 10:50:26.000000000 +0200 +++ apt-1.4.7/methods/basehttp.cc 2017-07-04 17:11:59.000000000 +0200 @@ -146,6 +146,9 @@ if (stringcasecmp(Tag,"Content-Length:") == 0) { + auto ContentLength = strtoull(Val.c_str(), NULL, 10); + if (ContentLength == 0) + return true; if (Encoding == Closes) Encoding = Stream; HaveContent = true; @@ -154,7 +157,7 @@ if (Result == 416 || (Result >= 300 && Result < 400)) DownloadSizePtr = &JunkSize; - *DownloadSizePtr = strtoull(Val.c_str(), NULL, 10); + *DownloadSizePtr = ContentLength; if (*DownloadSizePtr >= std::numeric_limits<unsigned long long>::max()) return _error->Errno("HeaderLine", _("The HTTP server sent an invalid Content-Length header")); else if (*DownloadSizePtr == 0) diff -Nru apt-1.4.6/methods/connect.cc apt-1.4.7/methods/connect.cc --- apt-1.4.6/methods/connect.cc 2017-06-01 10:50:26.000000000 +0200 +++ apt-1.4.7/methods/connect.cc 2017-07-04 17:11:59.000000000 +0200 @@ -144,7 +144,9 @@ return _error->Errno("connect",_("Could not connect to %s:%s (%s)."),Host.c_str(), Service,Name); } - + + Owner->SetFailReason(""); + return true; } /*}}}*/ @@ -312,12 +314,15 @@ size_t stackSize = 0; // try to connect in the priority order of the srv records std::string initialHost{std::move(Host)}; + auto const initialPort = Port; while(SrvRecords.empty() == false) { _error->PushToStack(); ++stackSize; // PopFromSrvRecs will also remove the server - Host = PopFromSrvRecs(SrvRecords).target; + auto Srv = PopFromSrvRecs(SrvRecords); + Host = Srv.target; + Port = Srv.port; auto const ret = ConnectToHostname(Host, Port, Service, DefPort, Fd, TimeOut, Owner); if (ret) { @@ -327,6 +332,7 @@ } } Host = std::move(initialHost); + Port = initialPort; // we have no (good) SrvRecords for this host, connect right away _error->PushToStack(); diff -Nru apt-1.4.6/po/apt-all.pot apt-1.4.7/po/apt-all.pot --- apt-1.4.6/po/apt-all.pot 2017-06-01 10:50:26.000000000 +0200 +++ apt-1.4.7/po/apt-all.pot 2017-07-04 17:11:59.000000000 +0200 @@ -5,9 +5,9 @@ #, fuzzy msgid "" msgstr "" -"Project-Id-Version: apt 1.4.6\n" +"Project-Id-Version: apt 1.4.7\n" "Report-Msgid-Bugs-To: APT Development Team <de...@lists.debian.org>\n" -"POT-Creation-Date: 2017-06-01 10:51+0200\n" +"POT-Creation-Date: 2017-07-04 17:12+0200\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" "Language-Team: LANGUAGE <l...@li.org>\n" diff -Nru apt-1.4.6/test/integration/framework apt-1.4.7/test/integration/framework --- apt-1.4.6/test/integration/framework 2017-06-01 10:50:26.000000000 +0200 +++ apt-1.4.7/test/integration/framework 2017-07-04 17:11:59.000000000 +0200 @@ -1428,12 +1428,12 @@ local TMPFILE2="${TMPWORKINGDIRECTORY}/rootdir/tmp/checkdiff.2.tmp" touch "$TMPFILE1" "$TMPFILE2" if [ "$1" != '-' ]; then - sed -e '/^profiling:/ d' < "$1" >"$TMPFILE1" + sed -e '/^profiling:/ d' -e '/\.\.\.profiling:/{N;s#\.\.\.profiling:.*\n#...#g}' < "$1" >"$TMPFILE1" else TMPFILE1='-' fi if [ "$2" != '-' ]; then - sed -e '/^profiling:/ d' < "$2" >"$TMPFILE2" + sed -e '/^profiling:/ d' -e '/\.\.\.profiling:/{N;s#\.\.\.profiling:.*\n#...#g}' < "$2" >"$TMPFILE2" else TMPFILE2='-' fi diff -Nru apt-1.4.6/test/integration/test-bug-738785-switch-protocol apt-1.4.7/test/integration/test-bug-738785-switch-protocol --- apt-1.4.6/test/integration/test-bug-738785-switch-protocol 2017-06-01 10:50:26.000000000 +0200 +++ apt-1.4.7/test/integration/test-bug-738785-switch-protocol 2017-07-04 17:11:59.000000000 +0200 @@ -47,4 +47,4 @@ # check that downgrades from https to http are not allowed webserverconfig 'aptwebserver::support::http' 'true' sed -i -e "s#:${APTHTTPPORT}/redirectme#:${APTHTTPSPORT}/downgrademe#" -e 's# http:# https:#' rootdir/etc/apt/sources.list.d/* -testfailure aptget update --allow-insecure-repositories -o Acquire::https::Timeout=1 +testfailure aptget update --allow-insecure-repositories -o Acquire::https::Timeout=1 -o Debug::pkgAcquire::Worker=1 -o Debug::Acquire::https=1 diff -Nru apt-1.4.6/.travis.yml apt-1.4.7/.travis.yml --- apt-1.4.6/.travis.yml 2017-06-01 10:50:26.000000000 +0200 +++ apt-1.4.7/.travis.yml 2017-07-04 17:11:59.000000000 +0200 @@ -1,33 +1,20 @@ language: cpp cache: ccache sudo: required -dist: trusty +services: + - docker env: - - TEST_SUITE=user CMAKE_FLAGS= - - TEST_SUITE=root CMAKE_FLAGS=-DWITH_DOC=OFF -before_install: - - sudo add-apt-repository 'deb http://archive.ubuntu.com/ubuntu/ wily main universe' -y - - sudo add-apt-repository 'deb http://archive.ubuntu.com/ubuntu/ xenial main' -y - - | - sudo sh -c '/bin/echo -e "Package: *\nPin: release n=wily\nPin-Priority: 1" > /etc/apt/preferences.d/wily' - sudo sh -c '/bin/echo -e "Package: *\nPin: release n=xenial\nPin-Priority: 1" > /etc/apt/preferences.d/xenial' - - sudo apt-get update -qq + - USER=travis CMAKE_FLAGS= + - USER=root CMAKE_FLAGS=-DWITH_DOC=OFF install: - - sudo apt-get -qq -y -t wily install gettext liblz4-dev python3-apt - - sudo apt-get -qq -y -t xenial install cmake ninja-build - - sudo ./prepare-release travis-ci + - sed -i -e "s#1000#$(id -u)#g" Dockerfile + - docker build --tag=apt-ci . before_script: - - ( mkdir build && cd build && cmake -DCMAKE_BUILD_TYPE=Coverage -G Ninja $CMAKE_FLAGS .. ) - - ninja -C build + - docker run --rm -w $PWD -v $HOME/.ccache:$HOME/.ccache -v $PWD:$PWD --user=travis apt-ci sh -e -c "mkdir build && cd build && env PATH=/usr/lib/ccache:\$PATH cmake -DCMAKE_BUILD_TYPE=Coverage -G Ninja $CMAKE_FLAGS .." + - docker run --rm -w $PWD -v $HOME/.ccache:$HOME/.ccache -v $PWD:$PWD --user=travis apt-ci ninja -C build script: - - CTEST_OUTPUT_ON_FAILURE=1 ninja -C build test - - DESTDIR=$PWD/rootdir chronic ninja -C build install - - test "$TEST_SUITE" != "user" || ./test/integration/run-tests -qq - - sudo adduser --force-badname --system --home /nonexistent --no-create-home --quiet _apt || true - - sudo chmod go+x /home/travis - - sudo chmod -R go+rwX /home/travis/build - - test "$TEST_SUITE" != "root" || sudo ./test/integration/run-tests -qq + - docker run --rm -w $PWD -v $PWD:$PWD --user=travis apt-ci env CTEST_OUTPUT_ON_FAILURE=1 ninja -C build test + - docker run --rm -w $PWD -v $PWD:$PWD --user=travis apt-ci env DESTDIR=$PWD/rootdir chronic ninja -C build install + - docker run --rm -w $PWD -v $PWD:$PWD --user=$USER --tmpfs /tmp:suid,exec apt-ci unbuffer ./test/integration/run-tests -qq -j 4 after_script: - - cd build - - gcov -r $(find -name '*.gcno') - - bash <(curl -s https://codecov.io/bash) + - docker run --rm -w $PWD/build -v $PWD:$PWD --user=$USER `bash <(curl -s https://codecov.io/env)` apt-ci bash -c 'bash <(curl -s https://codecov.io/bash)'