apt (2.5.2)
[PTS] [DDPO]
COMMITS: VCS has seen 2 commits since the 2.5.2 tag
- Git: https://salsa.debian.org/apt-team/apt.git
-
- Branch: main
- Path: debian/changelog
- Browser: https://salsa.debian.org/apt-team/apt
- Last scan: 2022-08-07 13:07:20+00
- Next scan: 2022-08-16 10:41:00+00
- Merge requests: 16
- CI pipeline status: success
- Debian changelog in Git:
apt (2.5.2) unstable; urgency=medium
[ Julian Andres Klode ]
* Mark broken reverse depends for upgrade (LP: #1974196)
* Upgrade all binaries in a source package
[ Michael Vogt ]
* apt-pkg: (re)export pkgTagSection::Key to fix FTBFS in python-apt
(Closes: #1011678)
-- Julian Andres Klode <jak@debian.org> Sun, 24 Jul 2022 17:57:24 +0200
- This branch is 2 commits ahead of tag 2.5.2
- Git log:
commit 7d10b39f7ad95f6ca3731fb58b1644018e8dea6b
Merge: 2d87af57e 5e4d241e2
Author: Julian Andres Klode <jak@debian.org>
Date: Sun Aug 7 12:45:17 2022 +0000
Merge branch 'doc-explain-apt-download-authenticity' into 'main'
doc: Explain that apt-get download ensures package authenticity
See merge request apt-team/apt!251
commit 5e4d241e273e32cfc72c80526e8951a767efaaeb
Author: Povilas Kanapickas <povilas@radix.lt>
Date: Sat Aug 6 15:43:46 2022 +0300
doc: Explain that apt-get download ensures package authenticity
The documentation currently does not specify whether `apt-get download`
verifies the authenticity of downloaded packages or not. The underlying
code does verify the authenticity of packages as usual and would fail if
the package signature is invalid. Therefore it makes sense to make this
guarantee explicit in the documentation, because without it
security-conscious users will likely want to recheck the signatures or
checksums manually which is not necessary in this case and just wastes
time.