[Touch-packages] [Bug 1811120] Re: Backport auth.conf.d
This bug was fixed in the package apt - 1.0.1ubuntu2.22 --- apt (1.0.1ubuntu2.22) trusty; urgency=medium * apt.dirs: Install auth.conf.d directory (LP: #1818996) * Merge translations from 1.2.31 apt (1.0.1ubuntu2.21) trusty; urgency=medium [ Julian Andres Klode ] * travis CI: Use docker container to get useful results * fix and non-silent fail dpkg-overwrite error test (LP: #1817088) * Introduce experimental 'never' pinning for sources (LP: #1814727) * Add support for /etc/apt/auth.conf.d/*.conf (netrcparts) (LP: #1811120) * Add a Packages-Require-Authorization Release file field (LP: #1814727) * NeverAutoRemove kernel meta packages (LP: #1787460) * Introduce APT::Install::Pre-Invoke / Post-Invoke-Success (LP: #1815761) [ David Kalnischkies ] * ftparchive/writer.cc: use a std::vector instead of hardcoded array (LP: #1817048) -- Julian Andres Klode Tue, 12 Mar 2019 15:15:54 +0100 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apt in Ubuntu. https://bugs.launchpad.net/bugs/1811120 Title: Backport auth.conf.d Status in apt package in Ubuntu: Fix Released Status in apt source package in Trusty: Fix Released Status in apt source package in Xenial: Fix Released Status in apt source package in Bionic: Fix Released Status in apt source package in Cosmic: Fix Released Status in apt source package in Disco: Fix Released Bug description: [Impact] Backport auth.conf.d support to allow specifying per-repository authentication data in separate files, so packages can setup authenticated repositories. [Regression potential] We ignore errors from opening auth.conf.d files, so regressions can only occur when parsing a file fails, in which case apt would exit with an error. [Test case] The test suite provides autopkgtests for auth.conf.d which creates an auth.conf.d file and checks that it is successfully used; so we can check if those passed. Except on trusty- do it manually there, by adding a file for a private ppa, and then running update. - make sure to upgrade apt-transport-https on trusty & xenial... To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1811120/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1811120] Re: Backport auth.conf.d
This bug was fixed in the package apt - 1.2.31 --- apt (1.2.31) xenial; urgency=medium * Fix name of APT::Update::Post-Invoke-Stats (was ...Update-Post...) * apt.dirs: Install auth.conf.d directory (LP: #1818996) * Merge translations from 1.6.10 (via 1.4.y branch) apt (1.2.30) xenial; urgency=medium * merge security upload for content injection in http method (CVE-2019-3462); with fixed autopkgtest (LP: #1815750) * Introduce experimental 'never' pinning for sources (LP: #1814727) * Add support for /etc/apt/auth.conf.d/*.conf (netrcparts) (LP: #1811120) * Add a Packages-Require-Authorization Release file field (LP: #1814727) * NeverAutoRemove kernel meta packages (LP: #1787460) * doc: Set ubuntu-codename to xenial (LP: #1812696) * update: Provide APT::Update-Post-Invoke-Stats script hook point (LP: #1815760) * Introduce APT::Install::Pre-Invoke / Post-Invoke-Success (LP: #1815761) -- Julian Andres Klode Tue, 12 Mar 2019 14:59:01 +0100 ** Changed in: apt (Ubuntu Xenial) Status: Fix Committed => Fix Released ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-3462 ** Changed in: apt (Ubuntu Trusty) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apt in Ubuntu. https://bugs.launchpad.net/bugs/1811120 Title: Backport auth.conf.d Status in apt package in Ubuntu: Fix Released Status in apt source package in Trusty: Fix Released Status in apt source package in Xenial: Fix Released Status in apt source package in Bionic: Fix Released Status in apt source package in Cosmic: Fix Released Status in apt source package in Disco: Fix Released Bug description: [Impact] Backport auth.conf.d support to allow specifying per-repository authentication data in separate files, so packages can setup authenticated repositories. [Regression potential] We ignore errors from opening auth.conf.d files, so regressions can only occur when parsing a file fails, in which case apt would exit with an error. [Test case] The test suite provides autopkgtests for auth.conf.d which creates an auth.conf.d file and checks that it is successfully used; so we can check if those passed. Except on trusty- do it manually there, by adding a file for a private ppa, and then running update. - make sure to upgrade apt-transport-https on trusty & xenial... To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1811120/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1811120] Re: Backport auth.conf.d
Reverified against 1.2.31 and 1.0.1ubuntu2.22, updating with an auth.conf.d snippet worked fine. ** Tags removed: verification-needed verification-needed-trusty verification-needed-xenial ** Tags added: verification-done verification-done-trusty verification-done-xenial -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apt in Ubuntu. https://bugs.launchpad.net/bugs/1811120 Title: Backport auth.conf.d Status in apt package in Ubuntu: Fix Released Status in apt source package in Trusty: Fix Committed Status in apt source package in Xenial: Fix Committed Status in apt source package in Bionic: Fix Released Status in apt source package in Cosmic: Fix Released Status in apt source package in Disco: Fix Released Bug description: [Impact] Backport auth.conf.d support to allow specifying per-repository authentication data in separate files, so packages can setup authenticated repositories. [Regression potential] We ignore errors from opening auth.conf.d files, so regressions can only occur when parsing a file fails, in which case apt would exit with an error. [Test case] The test suite provides autopkgtests for auth.conf.d which creates an auth.conf.d file and checks that it is successfully used; so we can check if those passed. Except on trusty- do it manually there, by adding a file for a private ppa, and then running update. - make sure to upgrade apt-transport-https on trusty & xenial... To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1811120/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1811120] Re: Backport auth.conf.d
Hello Julian, or anyone else affected, Accepted apt into trusty-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/apt/1.0.1ubuntu2.22 in a few hours, and then in the -proposed repository. Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-trusty to verification-done-trusty. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-trusty. In either case, without details of your testing we will not be able to proceed. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping! N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days. ** Tags removed: verification-done-trusty ** Tags added: verification-needed-trusty -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apt in Ubuntu. https://bugs.launchpad.net/bugs/1811120 Title: Backport auth.conf.d Status in apt package in Ubuntu: Fix Released Status in apt source package in Trusty: Fix Committed Status in apt source package in Xenial: Fix Committed Status in apt source package in Bionic: Fix Released Status in apt source package in Cosmic: Fix Released Status in apt source package in Disco: Fix Released Bug description: [Impact] Backport auth.conf.d support to allow specifying per-repository authentication data in separate files, so packages can setup authenticated repositories. [Regression potential] We ignore errors from opening auth.conf.d files, so regressions can only occur when parsing a file fails, in which case apt would exit with an error. [Test case] The test suite provides autopkgtests for auth.conf.d which creates an auth.conf.d file and checks that it is successfully used; so we can check if those passed. Except on trusty- do it manually there, by adding a file for a private ppa, and then running update. - make sure to upgrade apt-transport-https on trusty & xenial... To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1811120/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1811120] Re: Backport auth.conf.d
Hello Julian, or anyone else affected, Accepted apt into xenial-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/apt/1.2.31 in a few hours, and then in the -proposed repository. Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-xenial to verification-done-xenial. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-xenial. In either case, without details of your testing we will not be able to proceed. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping! N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days. ** Tags removed: verification-done verification-done-xenial ** Tags added: verification-needed verification-needed-xenial -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apt in Ubuntu. https://bugs.launchpad.net/bugs/1811120 Title: Backport auth.conf.d Status in apt package in Ubuntu: Fix Released Status in apt source package in Trusty: Fix Committed Status in apt source package in Xenial: Fix Committed Status in apt source package in Bionic: Fix Released Status in apt source package in Cosmic: Fix Released Status in apt source package in Disco: Fix Released Bug description: [Impact] Backport auth.conf.d support to allow specifying per-repository authentication data in separate files, so packages can setup authenticated repositories. [Regression potential] We ignore errors from opening auth.conf.d files, so regressions can only occur when parsing a file fails, in which case apt would exit with an error. [Test case] The test suite provides autopkgtests for auth.conf.d which creates an auth.conf.d file and checks that it is successfully used; so we can check if those passed. Except on trusty- do it manually there, by adding a file for a private ppa, and then running update. - make sure to upgrade apt-transport-https on trusty & xenial... To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1811120/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1811120] Re: Backport auth.conf.d
Oh, this is slightly embarrassing: THe reason it failed is that I forgot to update apt-transport-https in trusty and xenial. After upgrading apt-transport-https, auth.conf.d support is working correctly in both 1.0.1ubuntu2.21 in trusty-proposed, and 1.2.30 in xenial-proposed. ** Tags removed: verification-failed-trusty verification-failed-xenial verification-needed ** Tags added: verification-done verification-done-trusty verification-done-xenial ** Description changed: [Impact] Backport auth.conf.d support to allow specifying per-repository authentication data in separate files, so packages can setup authenticated repositories. [Regression potential] We ignore errors from opening auth.conf.d files, so regressions can only occur when parsing a file fails, in which case apt would exit with an error. [Test case] The test suite provides autopkgtests for auth.conf.d which creates an auth.conf.d file and checks that it is successfully used; so we can check if those passed. Except on trusty- do it manually there, by adding a file for a private ppa, and then running update. + + - make sure to upgrade apt-transport-https on trusty & xenial... -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apt in Ubuntu. https://bugs.launchpad.net/bugs/1811120 Title: Backport auth.conf.d Status in apt package in Ubuntu: Fix Released Status in apt source package in Trusty: Fix Committed Status in apt source package in Xenial: Fix Committed Status in apt source package in Bionic: Fix Released Status in apt source package in Cosmic: Fix Released Status in apt source package in Disco: Fix Released Bug description: [Impact] Backport auth.conf.d support to allow specifying per-repository authentication data in separate files, so packages can setup authenticated repositories. [Regression potential] We ignore errors from opening auth.conf.d files, so regressions can only occur when parsing a file fails, in which case apt would exit with an error. [Test case] The test suite provides autopkgtests for auth.conf.d which creates an auth.conf.d file and checks that it is successfully used; so we can check if those passed. Except on trusty- do it manually there, by adding a file for a private ppa, and then running update. - make sure to upgrade apt-transport-https on trusty & xenial... To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1811120/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1811120] Re: Backport auth.conf.d
The auth.conf.d support in trusty and xenial does not seem to be working for https repos at least. Gotta re-investigate, it was working when I committed it, and xenial has a test case for it, so odd. ** Tags removed: verification-needed-trusty verification-needed-xenial ** Tags added: verification-failed-trusty verification-failed-xenial -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apt in Ubuntu. https://bugs.launchpad.net/bugs/1811120 Title: Backport auth.conf.d Status in apt package in Ubuntu: Fix Released Status in apt source package in Trusty: Fix Committed Status in apt source package in Xenial: Fix Committed Status in apt source package in Bionic: Fix Released Status in apt source package in Cosmic: Fix Released Status in apt source package in Disco: Fix Released Bug description: [Impact] Backport auth.conf.d support to allow specifying per-repository authentication data in separate files, so packages can setup authenticated repositories. [Regression potential] We ignore errors from opening auth.conf.d files, so regressions can only occur when parsing a file fails, in which case apt would exit with an error. [Test case] The test suite provides autopkgtests for auth.conf.d which creates an auth.conf.d file and checks that it is successfully used; so we can check if those passed. Except on trusty- do it manually there, by adding a file for a private ppa, and then running update. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1811120/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1811120] Re: Backport auth.conf.d
There is a bug in that we do not install the auth.conf.d directory in the package, I'm tracking this in bug 1818996 and will soon push out new SRUs with the additional directory and a fix for a wrong hook name. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apt in Ubuntu. https://bugs.launchpad.net/bugs/1811120 Title: Backport auth.conf.d Status in apt package in Ubuntu: Fix Released Status in apt source package in Trusty: Fix Committed Status in apt source package in Xenial: Fix Committed Status in apt source package in Bionic: Fix Released Status in apt source package in Cosmic: Fix Released Status in apt source package in Disco: Fix Released Bug description: [Impact] Backport auth.conf.d support to allow specifying per-repository authentication data in separate files, so packages can setup authenticated repositories. [Regression potential] We ignore errors from opening auth.conf.d files, so regressions can only occur when parsing a file fails, in which case apt would exit with an error. [Test case] The test suite provides autopkgtests for auth.conf.d which creates an auth.conf.d file and checks that it is successfully used; so we can check if those passed. Except on trusty- do it manually there, by adding a file for a private ppa, and then running update. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1811120/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1811120] Re: Backport auth.conf.d
Hello Julian, or anyone else affected, Accepted apt into trusty-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/apt/1.0.1ubuntu2.21 in a few hours, and then in the -proposed repository. Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-trusty to verification-done-trusty. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-trusty. In either case, without details of your testing we will not be able to proceed. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping! N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days. ** Changed in: apt (Ubuntu Trusty) Status: In Progress => Fix Committed ** Tags added: verification-needed-trusty -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apt in Ubuntu. https://bugs.launchpad.net/bugs/1811120 Title: Backport auth.conf.d Status in apt package in Ubuntu: Fix Released Status in apt source package in Trusty: Fix Committed Status in apt source package in Xenial: Fix Committed Status in apt source package in Bionic: Fix Released Status in apt source package in Cosmic: Fix Released Status in apt source package in Disco: Fix Released Bug description: [Impact] Backport auth.conf.d support to allow specifying per-repository authentication data in separate files, so packages can setup authenticated repositories. [Regression potential] We ignore errors from opening auth.conf.d files, so regressions can only occur when parsing a file fails, in which case apt would exit with an error. [Test case] The test suite provides autopkgtests for auth.conf.d which creates an auth.conf.d file and checks that it is successfully used; so we can check if those passed. Except on trusty- do it manually there, by adding a file for a private ppa, and then running update. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1811120/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1811120] Re: Backport auth.conf.d
Hello Julian, or anyone else affected, Accepted apt into xenial-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/apt/1.2.30 in a few hours, and then in the -proposed repository. Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-xenial to verification-done-xenial. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-xenial. In either case, without details of your testing we will not be able to proceed. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping! N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days. ** Changed in: apt (Ubuntu Xenial) Status: In Progress => Fix Committed ** Tags removed: verification-done ** Tags added: verification-needed verification-needed-xenial -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apt in Ubuntu. https://bugs.launchpad.net/bugs/1811120 Title: Backport auth.conf.d Status in apt package in Ubuntu: Fix Released Status in apt source package in Trusty: In Progress Status in apt source package in Xenial: Fix Committed Status in apt source package in Bionic: Fix Released Status in apt source package in Cosmic: Fix Released Status in apt source package in Disco: Fix Released Bug description: [Impact] Backport auth.conf.d support to allow specifying per-repository authentication data in separate files, so packages can setup authenticated repositories. [Regression potential] We ignore errors from opening auth.conf.d files, so regressions can only occur when parsing a file fails, in which case apt would exit with an error. [Test case] The test suite provides autopkgtests for auth.conf.d which creates an auth.conf.d file and checks that it is successfully used; so we can check if those passed. Except on trusty- do it manually there, by adding a file for a private ppa, and then running update. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1811120/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1811120] Re: Backport auth.conf.d
** Changed in: apt (Ubuntu Xenial) Status: Triaged => In Progress ** Changed in: apt (Ubuntu Trusty) Status: Triaged => In Progress -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apt in Ubuntu. https://bugs.launchpad.net/bugs/1811120 Title: Backport auth.conf.d Status in apt package in Ubuntu: Fix Released Status in apt source package in Trusty: In Progress Status in apt source package in Xenial: In Progress Status in apt source package in Bionic: Fix Released Status in apt source package in Cosmic: Fix Released Status in apt source package in Disco: Fix Released Bug description: [Impact] Backport auth.conf.d support to allow specifying per-repository authentication data in separate files, so packages can setup authenticated repositories. [Regression potential] We ignore errors from opening auth.conf.d files, so regressions can only occur when parsing a file fails, in which case apt would exit with an error. [Test case] The test suite provides autopkgtests for auth.conf.d which creates an auth.conf.d file and checks that it is successfully used; so we can check if those passed. Except on trusty- do it manually there, by adding a file for a private ppa, and then running update. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1811120/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1811120] Re: Backport auth.conf.d
** Description changed: [Impact] Backport auth.conf.d support to allow specifying per-repository authentication data in separate files, so packages can setup authenticated repositories. [Regression potential] We ignore errors from opening auth.conf.d files, so regressions can only occur when parsing a file fails, in which case apt would exit with an error. [Test case] The test suite provides autopkgtests for auth.conf.d which creates an auth.conf.d file and checks that it is successfully used; so we can check if those passed. + + Except on trusty- do it manually there, by adding a file for a private + ppa, and then running update. ** CVE removed: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-3462 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apt in Ubuntu. https://bugs.launchpad.net/bugs/1811120 Title: Backport auth.conf.d Status in apt package in Ubuntu: Fix Released Status in apt source package in Trusty: Triaged Status in apt source package in Xenial: Triaged Status in apt source package in Bionic: Fix Released Status in apt source package in Cosmic: Fix Released Status in apt source package in Disco: Fix Released Bug description: [Impact] Backport auth.conf.d support to allow specifying per-repository authentication data in separate files, so packages can setup authenticated repositories. [Regression potential] We ignore errors from opening auth.conf.d files, so regressions can only occur when parsing a file fails, in which case apt would exit with an error. [Test case] The test suite provides autopkgtests for auth.conf.d which creates an auth.conf.d file and checks that it is successfully used; so we can check if those passed. Except on trusty- do it manually there, by adding a file for a private ppa, and then running update. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1811120/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1811120] Re: Backport auth.conf.d
This bug was fixed in the package apt - 1.6.8 --- apt (1.6.8) bionic; urgency=medium * merge security update: content injection in http method (CVE-2019-3462) apt (1.6.7) bionic; urgency=medium [ Milo Casagrande ] * [l10n] Update Italian translation [ Julian Andres Klode ] * NeverAutoRemove kernel meta packages (LP: #1787460) * Add support for /etc/apt/auth.conf.d/*.conf (netrcparts) (LP: #1811120) * Merge translations from 1.8 series -- Julian Andres Klode Fri, 25 Jan 2019 12:51:00 +0100 ** Changed in: apt (Ubuntu Bionic) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apt in Ubuntu. https://bugs.launchpad.net/bugs/1811120 Title: Backport auth.conf.d Status in apt package in Ubuntu: Fix Released Status in apt source package in Trusty: Triaged Status in apt source package in Xenial: Triaged Status in apt source package in Bionic: Fix Released Status in apt source package in Cosmic: Fix Released Status in apt source package in Disco: Fix Released Bug description: [Impact] Backport auth.conf.d support to allow specifying per-repository authentication data in separate files, so packages can setup authenticated repositories. [Regression potential] We ignore errors from opening auth.conf.d files, so regressions can only occur when parsing a file fails, in which case apt would exit with an error. [Test case] The test suite provides autopkgtests for auth.conf.d which creates an auth.conf.d file and checks that it is successfully used; so we can check if those passed. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1811120/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1811120] Re: Backport auth.conf.d
This bug was fixed in the package apt - 1.7.2 --- apt (1.7.2) cosmic; urgency=medium * Merge security update content injection in http method (CVE-2019-3462) apt (1.7.1) cosmic; urgency=medium * Add support for /etc/apt/auth.conf.d/*.conf (netrcparts) (LP: #1811120) * NeverAutoRemove kernel meta packages (LP: #1787460) * Merge translations from 1.8 series * Source-only changes: - debian/gbp.conf: Point to 1.7.y branch - Do CI using ubuntu:cosmic, not debian:testing -- Julian Andres Klode Fri, 25 Jan 2019 12:41:42 +0100 ** Changed in: apt (Ubuntu Cosmic) Status: Fix Committed => Fix Released ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-3462 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apt in Ubuntu. https://bugs.launchpad.net/bugs/1811120 Title: Backport auth.conf.d Status in apt package in Ubuntu: Fix Released Status in apt source package in Trusty: Triaged Status in apt source package in Xenial: Triaged Status in apt source package in Bionic: Fix Released Status in apt source package in Cosmic: Fix Released Status in apt source package in Disco: Fix Released Bug description: [Impact] Backport auth.conf.d support to allow specifying per-repository authentication data in separate files, so packages can setup authenticated repositories. [Regression potential] We ignore errors from opening auth.conf.d files, so regressions can only occur when parsing a file fails, in which case apt would exit with an error. [Test case] The test suite provides autopkgtests for auth.conf.d which creates an auth.conf.d file and checks that it is successfully used; so we can check if those passed. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1811120/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1811120] Re: Backport auth.conf.d
The autopkgtests ran successfully and included a check for this, so this is verified. ** Tags removed: verification-needed verification-needed-bionic verification-needed-cosmic ** Tags added: verification-don verification-done-bionic verification-done-cosmic ** Tags removed: verification-don ** Tags added: verification-done -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apt in Ubuntu. https://bugs.launchpad.net/bugs/1811120 Title: Backport auth.conf.d Status in apt package in Ubuntu: Fix Released Status in apt source package in Trusty: Triaged Status in apt source package in Xenial: Triaged Status in apt source package in Bionic: Fix Committed Status in apt source package in Cosmic: Fix Committed Status in apt source package in Disco: Fix Released Bug description: [Impact] Backport auth.conf.d support to allow specifying per-repository authentication data in separate files, so packages can setup authenticated repositories. [Regression potential] We ignore errors from opening auth.conf.d files, so regressions can only occur when parsing a file fails, in which case apt would exit with an error. [Test case] The test suite provides autopkgtests for auth.conf.d which creates an auth.conf.d file and checks that it is successfully used; so we can check if those passed. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1811120/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1811120] Re: Backport auth.conf.d
Hello Julian, or anyone else affected, Accepted apt into bionic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/apt/1.6.7 in a few hours, and then in the -proposed repository. Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-bionic to verification-done-bionic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-bionic. In either case, without details of your testing we will not be able to proceed. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping! N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days. ** Changed in: apt (Ubuntu Bionic) Status: Triaged => Fix Committed ** Tags added: verification-needed-bionic -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apt in Ubuntu. https://bugs.launchpad.net/bugs/1811120 Title: Backport auth.conf.d Status in apt package in Ubuntu: Fix Released Status in apt source package in Trusty: Triaged Status in apt source package in Xenial: Triaged Status in apt source package in Bionic: Fix Committed Status in apt source package in Cosmic: Fix Committed Status in apt source package in Disco: Fix Released Bug description: [Impact] Backport auth.conf.d support to allow specifying per-repository authentication data in separate files, so packages can setup authenticated repositories. [Regression potential] We ignore errors from opening auth.conf.d files, so regressions can only occur when parsing a file fails, in which case apt would exit with an error. [Test case] The test suite provides autopkgtests for auth.conf.d which creates an auth.conf.d file and checks that it is successfully used; so we can check if those passed. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1811120/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1811120] Re: Backport auth.conf.d
Hello Julian, or anyone else affected, Accepted apt into cosmic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/apt/1.7.1 in a few hours, and then in the -proposed repository. Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-cosmic to verification-done-cosmic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-cosmic. In either case, without details of your testing we will not be able to proceed. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping! N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days. ** Changed in: apt (Ubuntu Cosmic) Status: Triaged => Fix Committed ** Tags added: verification-needed verification-needed-cosmic -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apt in Ubuntu. https://bugs.launchpad.net/bugs/1811120 Title: Backport auth.conf.d Status in apt package in Ubuntu: Fix Released Status in apt source package in Trusty: Triaged Status in apt source package in Xenial: Triaged Status in apt source package in Bionic: Fix Committed Status in apt source package in Cosmic: Fix Committed Status in apt source package in Disco: Fix Released Bug description: [Impact] Backport auth.conf.d support to allow specifying per-repository authentication data in separate files, so packages can setup authenticated repositories. [Regression potential] We ignore errors from opening auth.conf.d files, so regressions can only occur when parsing a file fails, in which case apt would exit with an error. [Test case] The test suite provides autopkgtests for auth.conf.d which creates an auth.conf.d file and checks that it is successfully used; so we can check if those passed. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1811120/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp