aboutsummaryrefslogtreecommitdiff
path: root/debian
Commit message (Collapse)AuthorAge
* Fix up License paragraph in debian/copyrightAndreas Henriksson2015-06-22
| | | | | | | | - fixes lintian warnings: missing-license-paragraph-in-dep5-copyright copyright-should-refer-to-common-license-file-for-gpl Git-Dch: Full
* Add Turkish debconf template translationMert Dirik2015-06-22
| | | | Closes: #757505
* Mark pbuilder as "Multi-Arch: foreign"Frédéric Brière2015-06-22
| | | | Closes: #752545
* set the USER env variable to BUILDUSERNAME, to fix FTBFS of some package ↵Mattia Rizzolo2015-06-17
| | | | | | | which check for not being run as root using that variable Closes: #677666 Thanks: Tim Landscheidt <tim@tim-landscheidt.de> for the initial patch
* update changelogMattia Rizzolo2015-06-17
|
* debian/source/format: 3.0 (native)Mattia Rizzolo2015-06-17
|
* import 0.125+nmu3Mattia Rizzolo2015-06-17
|
* import 0.125+nmu2Mattia Rizzolo2015-06-17
|
* import 0.125+nmu1Mattia Rizzolo2015-06-17
|
* 0.215Junichi Uekawa2013-03-30
|
* release 0.214Junichi Uekawa2013-03-02
|
* release 0.213Junichi Uekawa2012-10-08
|
* remove /etc/pbuilder/pbuilderrc -> etc/pbuilderrc. (closes: 689213)Junichi Uekawa2012-10-08
| | | | | | /etc/pbuilder/pbuilderrc is a file that you cannot edit and just for your viewing pleasure, but it's hard to see, and dpkg isn't very friendly to anyone who edits this file.
* update changelogJunichi Uekawa2012-10-07
|
* Bug#686410: pbuilder: [INTL:es] Spanish translation update of debconf ↵David Martínez Moreno2012-09-11
| | | | messages - pbuilder.
* Bug#686004: [INTL: it] Italian translation of debconf messages - pbuilderBeatrice Torracca2012-09-11
|
* 0.212 release.Junichi Uekawa2012-08-24
|
* update copyright file to be more machine-process-able, and move homepage ↵Junichi Uekawa2012-05-31
| | | | information to debian/control
* 0.211 releaseJunichi Uekawa2012-05-30
|
* update changelogJunichi Uekawa2012-05-29
|
* first draft of a useful changelogJunichi Uekawa2012-05-29
|
* For testsuite, do not depend on approx instance. It's not always reliable ↵Junichi Uekawa2012-05-28
| | | | | | and confusing. Just trust autoconfiguration result here.
* policy 3.9.1 probably does not require any change.Junichi Uekawa2012-04-24
| | | | | | | | I wasn't sure if I needed to do something for the following, but maybe not: 7.1 Architecture restrictions and wildcards are also allowed in binary package relationships provided that the binary package is not architecture-independent.
* reviewed upgrading checklist for 3.9.0 compatibility.Junichi Uekawa2012-04-24
|
* release 0.210Junichi Uekawa2012-03-31
|
* prepare 0.210Junichi Uekawa2012-03-31
|
* 0.209Junichi Uekawa2012-03-30
|
* prepare for releaseJunichi Uekawa2012-03-30
|
* 0.208Junichi Uekawa2012-03-13
|
* 0.207Junichi Uekawa2012-03-10
|
* add changelog with git dch -a to prepare for 0.207 release.Junichi Uekawa2012-03-09
|
* Bug#579028: pbuilder: installs untrusted packages without askingSimon Ruderich2012-03-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Package: pbuilder Version: 0.206 Tags: patch Followup-For: Bug #579028 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Dear Maintainer, The attached patch changes the defaults to always enforce signed repositories and aborts if an untrusted/manipulated package is installed. It adds the new option --keyring (APTKEYRINGS) to add additional keyrings, which are then used to verify the (local) signed repositories. This way no untrusted packages can be installed. To still allow untrusted/unsigned repositories - they are a very bad idea and allow remote attackers performing a MITM to take over the system, including all built packages - the new option - --allow-untrusted (ALLOWUNTRUSTED) was added. I tested it with the official Debian repository, signed and unsigned local repositories and it works fine for me. But I'm only a "normal" pbuilder user, so I might have missed something. Please test the patch. I haven't tested it with cdebootstrap, but it should work as well. The old PBUILDERSATISFYDEPENDSOPT --check-key option was deprecated and is no longer used (it emits a warning now) as validation is the default now. The patch also contains documentation updates for the new options/variables and updates for the NEWS file describing the necessary changes to continue using untrusted packages (but please don't do that - especially as a Debian developer). Please have a look and include the patch as soon as possible to fix this security issue. Regards, Simon - -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-1-amd64 (SMP w/8 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages pbuilder depends on: ii cdebootstrap 0.5.8+b1 ii coreutils 8.13-3 ii debconf [debconf-2.0] 1.5.41 ii debianutils 4.2.1 ii debootstrap 1.0.38 ii dpkg-dev 1.16.1.2 ii wget 1.13.4-2 Versions of packages pbuilder recommends: pn devscripts 2.11.4 pn fakeroot 1.18.2-1 pn sudo <none> Versions of packages pbuilder suggests: pn cowdancer <none> pn gdebi-core <none> pn pbuilder-uml <none> - -- debconf information excluded -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBCAAGBQJPVWhvAAoJEJL+/bfkTDL5ivAP/iayE8NRQnyk2HW8R+NiRXU3 uavLilwwpmEZyuciu8GxMQIAhT9HYd/DlkhF9I+yBSd30TO3fl0xW7YV9SaIZ+bv IPwnZbHri4KfeV9Zob/gd2jrT9A2QCoFRW0ny4XNCK3NvtWH5KuH+TG2Mq5CQqdN j4VJ3+76oJcbQbU7AUYXfvKDAsEb7gX+VwTEFLS4GrPkni/FIQJ8HHJhlTscyuCD gQANCoRFZHVSMaas3xqi9KYFKgVS4BZ5Z/9FZuLeY5kWBfcbnIhQloVOWTQZIMRI PhnqP1g62XlPu71K3a/Y2RMAcy3Gs6sUbW4OianIr2iskCndejih/MCb+3LmBFCg Ekxi/CcJGrc7a0pV57Qs8Iwkm1siRZZUxcp4xdD3mo9iayoOt4sfFyrvBCYryilQ 7JKpQc3iNoV3EQql6KBu5G+GmFFWHmokpLvVY27n8LgkV2YSb2wrgxqXPfxcYHj7 0j/y2MFw+HOX/d5YSESMLxn9aiZBi7CkMtlMemzqizxlNlL/+OOZiDsi4vdH8L/j Y0c2i9efjNeooc0/B9wASu/Ck8SWV8wW1EcfTag0p9Rp0avy4hoQUmG+MtgQsV0l MQuWWysyxeJFX4Z8ooau82L6sIGC0L073JH6Y/C7uTOz9gKt+e5tV3fnU+pkWpqH oF3CcmlykKX4SYzhUI/e =6EPj -----END PGP SIGNATURE----- >From cadc48fb599d436577a6efedc7f25e175652a3a1 Mon Sep 17 00:00:00 2001 Message-Id: <cadc48fb599d436577a6efedc7f25e175652a3a1.1330997290.git.simon@ruderich.org> From: Simon Ruderich <simon@ruderich.org> Date: Tue, 6 Mar 2012 02:00:48 +0100 Subject: [PATCH] Enforce valid signed repositories by default.
* 0.206Junichi Uekawa2012-01-28
|
* Bug#598316: pbuilder: mirrorsite is not preseedableMatthew Palmer2012-01-27
| | | | | | | | | | | | | | | | | | | tag 598316 +patch usertags 598316 +patch-supplied thanks Attached are three patches fixing the three issues reported in this bug. Hopefully it should be fairly self-explanatory which one is for which. - Matt >From 3631bcda0a9bf0011d02268942ebc7756fd03ada Mon Sep 17 00:00:00 2001 From: Matt Palmer <mpalmer@hezmatt.org> Date: Mon, 13 Dec 2010 17:04:45 +1100 Subject: [PATCH] Allow arbitrary whitespace in sources.list. Ref: #598316 An overly restrictive regex means that people who like very neat sources.list files get penalised. Not any more.
* release 0.205Junichi Uekawa2011-12-25
|
* pbuilder: [INTL:pt_BR] Brazilian Portuguese debconf templates translation ↵Flamarion Jorge2011-12-24
| | | | (closes: #651265)
* add dpkg-dev to pbuilder dependency (closes: 623623)Junichi Uekawa2011-12-23
| | | | | | | There's a missing dependency: 'dpkg-architecture' is in dpkg-dev and pbuilder now depends on it. Sort the dependency in alpha order on the way.
* release 0.204Junichi Uekawa2011-12-04
|
* installation preparation of packages.Junichi Uekawa2011-12-04
|
* revert change to changelogJunichi Uekawa2011-12-04
|
* Merge branch 'master' of ssh://git.debian.org/git/pbuilder/pbuilderJunichi Uekawa2011-12-04
|\
| * Bug#569917: Support base.tar.xz/bz2 as well as tgzTino Keitel2011-11-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Package: pbuilder Version: 0.203 Followup-For: Bug #569917 I cooked a little patch that adds a --compressprog command line option and COMPRESSPROG option in pbuilderrc. Tested with pigz, to get multithreaded, and therefore much faster compression/decompression, and xz. Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 3.1.0-00002-g5eeb7f9 (SMP w/4 CPU cores) Locale: LANG=C, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages pbuilder depends on: ii cdebootstrap 0.5.8+b1 ii coreutils 8.13-3 ii debconf [debconf-2.0] 1.5.41 ii debianutils 4.0.4 ii debootstrap 1.0.38 ii wget 1.13.4-1 Versions of packages pbuilder recommends: ii devscripts 2.11.2 ii fakeroot 1.18.1-1 ii sudo 1.8.3p1-2 Versions of packages pbuilder suggests: pn cowdancer 0.65 pn gdebi-core <none> pn pbuilder-uml <none> -- debconf information: pbuilder/mirrorsite: http://ftp.de.debian.org/debian/ pbuilder/nomirror: pbuilder/rewrite: false
* | check for pdebuild in regression test too, just in case.Junichi Uekawa2011-12-04
|/
* pbuilder: [INTL:sk] Slovak po-debconf translationSlavko2011-11-29
|
* release 0.203Junichi Uekawa2011-09-22
|
* start 0.203 development.Junichi Uekawa2011-08-30
|
* 0.202Junichi Uekawa2011-08-30
|
* open up 0.202 developmentJunichi Uekawa2011-08-02
|
* release 0.201Junichi Uekawa2011-08-02
|
* prepare 0.201 changelog from git changelog.Junichi Uekawa2011-08-02
|
generated by cgit v1.2.3 (git 2.45.0) at 2024-11-22 09:20:09 +0000