Package: release.debian.org
Severity: normal
User: [email protected]
Usertags: unblock
Hi,
following is a debdiff which should fix the following issues in
apt-zip:
#782179 [G|+| ] [apt-zip] apt-zip: apt-zip-list
--aptgetaction=update doesn't do anything because "apt-get -qq
--print-uris update" outputs nothing
#781915 [G| | ] [apt-zip] Checksum fails and other issues in
Jessie
#638840 [i|+| ] [apt-zip] apt-zip: wrong checksum: checksum
calculation broken
The last one (#638840) is currently only set to severity "important",
but IMHO validates for severity "grave", too, as it doesn't download
any packages anymore because of the failed hashsum check.
This patch does not fix #718376 (Most deb data.tar member files are
unsupported) and there seem similar issues with package lists.
Additionally the patch also fixes this non-RC and no-op issue:
#624368 [m| | ] [apt-zip] Updating the apt-zip Uploaders list
Would the following debdiff suffice for an unblock? If so, I'd upload
it as NMU either directly or to DELAYED/1 so that it migrates to
Testing before the deadline ends.
diff -Nru apt-zip-0.18/debian/changelog apt-zip-0.18+nmu1/debian/changelog
--- apt-zip-0.18/debian/changelog 2008-02-01 08:18:33.000000000 +0100
+++ apt-zip-0.18+nmu1/debian/changelog 2015-04-09 03:49:29.000000000 +0200
@@ -1,3 +1,20 @@
+apt-zip (0.18+nmu1) unstable; urgency=medium
+
+ * Non-maintainer upload
+ * Fix updating package lists by using -q instead of -qq for "apt-get
+ update" (Closes: #782179)
+ * Properly handle package list downloads (Closes: #781915)
+ + Don't try to bunzip2 empty files
+ + Don't save files with .bz2 or .gz suffix without suffix
+ + Don't try to add .bz2 or .gz suffix to URIs which already have them.
+ + Honour the fact that apt can't know checksums of package list in
+ advance.
+ * Fix checksum verification of packages (Closes: #638840; patch by
+ Rainer Dorsch <[email protected]>, thanks!)
+ * Remove François Févotte from Uploaders (Closes: #624368)
+
+ -- Axel Beckert <[email protected]> Thu, 09 Apr 2015 01:30:22 +0200
+
apt-zip (0.18) unstable; urgency=medium
* Use sha256 instead of md5 for checksum, as in apt 0.7.7.
diff -Nru apt-zip-0.18/apt-zip-inst apt-zip-0.18+nmu1/apt-zip-inst
--- apt-zip-0.18/apt-zip-inst 2008-02-01 08:07:37.000000000 +0100
+++ apt-zip-0.18+nmu1/apt-zip-inst 2015-04-09 03:44:21.000000000 +0200
@@ -36,8 +36,9 @@
tar xvf ${MEDIUM}/${APTZIPTARFILE} |
while read FILE
do
- [ `basename "$FILE" .bz2` != "$FILE" ] && bunzip2 -f "$FILE"
- [ `basename "$FILE" .gz` != "$FILE" ] && gunzip -f "$FILE"
+ [ ! -s "$FILE" ] && rm -f "$FILE"
+ [ -e "$FILE" -a `basename "$FILE" .bz2` != "$FILE" ] && bunzip2
-f "$FILE"
+ [ -e "$FILE" -a `basename "$FILE" .gz` != "$FILE" ] && gunzip
-f "$FILE"
done
rm -f foo-stamp
)
diff -Nru apt-zip-0.18/apt-zip-list apt-zip-0.18+nmu1/apt-zip-list
--- apt-zip-0.18/apt-zip-list 2008-02-01 07:57:01.000000000 +0100
+++ apt-zip-0.18+nmu1/apt-zip-list 2015-04-09 02:35:38.000000000 +0200
@@ -33,9 +33,15 @@
TMP=$(tempfile -p aptzip)
TEMP=$(tempfile -p aptzip)
+if [ "$APTGETACTION" = update ]; then
+ APTGETQUIETLEVEL=-q
+else
+ APTGETQUIETLEVEL=-qq
+fi
+
[ -n "$PACKAGES" ] && apt-get ${APTGETEXTRAOPTS} -qq --print-uris install
$PACKAGES > "$TMP"
-[ -n "$APTGETACTION" ] && apt-get ${APTGETEXTRAOPTS} -qq --print-uris
${APTGETACTION} >> "$TMP"
-grep $GREP < "$TMP" | tr -d "'" | sed 's/SHA256://' | sort -u > "$TEMP"
+[ -n "$APTGETACTION" ] && apt-get ${APTGETEXTRAOPTS} ${APTGETQUIETLEVEL}
--print-uris ${APTGETACTION} >> "$TMP"
+grep $GREP < "$TMP" | tr -d "'" | sed 's/MD5Sum://' | sort -u > "$TEMP"
if [ $? != 0 ]
then
error "apt-get failed"
diff -Nru apt-zip-0.18/debian/control apt-zip-0.18+nmu1/debian/control
--- apt-zip-0.18/debian/control 2008-02-01 08:24:00.000000000 +0100
+++ apt-zip-0.18+nmu1/debian/control 2015-04-09 01:50:07.000000000 +0200
@@ -4,7 +4,7 @@
Build-Depends-Indep: docbook-utils, docbook
Build-Depends: debhelper (>= 5), cdbs
Maintainer: Giacomo Catenazzi <[email protected]>
-Uploaders: Eddy Petrișor <[email protected]>, François Févotte
<[email protected]>
+Uploaders: Eddy Petrișor <[email protected]>
Standards-Version: 3.7.3
Homepage: http://alioth.debian.org/projects/apt-zip
diff -Nru apt-zip-0.18/methods/wget apt-zip-0.18+nmu1/methods/wget
--- apt-zip-0.18/methods/wget 2008-02-01 07:54:37.000000000 +0100
+++ apt-zip-0.18+nmu1/methods/wget 2015-04-09 03:34:04.000000000 +0200
@@ -31,10 +31,12 @@
[ ! "${USECHECKSUMS}" = 'no' ] && cat <<-EOF
check(){
[ ! -r "\$1" ] && return 1
+ [ ! -s "\$1" ] && return 1
[ "\$2" = "0" ] && return \$3
[ "\$2" = "" ] && return \$3
- [ "\`type sha256sum\`" ] &&
- if [ "\`sha256sum \$1 | cut -d' ' -f1\`" = \$2 ]
+ [ "\$2" = ":" ] && return \$3
+ [ "\`type md5sum\`" ] &&
+ if [ "\`md5sum \$1 | cut -d' ' -f1\`" = \$2 ]
then return 0
else err \$1 "wrong checksum"; return 1
fi
@@ -158,7 +160,11 @@
FILE=""
for EXT in ".bz2" ".gz" ""
do
- do_wget \$1\$EXT \$2\$EXT \$3 \$4 &&
+ if echo "\$1" | grep -Eq "\$EXT\$"; then
+ do_wget \$1 \$2\$EXT \$3 \$4
+ else
+ do_wget \$1\$EXT \$2\$EXT \$3 \$4
+ fi &&
FILE=\$2\$EXT &&
break
rm -f \$2\$EXT
-- System Information:
Debian Release: 8.0
APT prefers testing
APT policy: (909, 'testing'), (500, 'testing-updates'), (500,
'testing-proposed-updates'), (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
Archive:
https://lists.debian.org/[email protected]
