[pacman-dev] [GIT] The official pacman repository branch, maint, updated. v4.1.1-12-g450be92
Allan McRae
allan at archlinux.org
Wed Jun 5 23:28:29 EDT 2013
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The official pacman repository".
The branch, maint has been updated
via 450be928da1a71bebc3524f3f0bdb4160845b37e (commit)
via d080a469a002a6fd3d99e58211494292172fd77a (commit)
via dd62fde53ec00f1b08d312951b919e15050efe86 (commit)
via fe794ccb25d3ab1f7c07331b437b61c30c08a018 (commit)
via f1d74d928a7ce106dad9303c036222823f347af2 (commit)
from 7d2c7fb347e8b5ea89127f3f8b4a545772394600 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 450be928da1a71bebc3524f3f0bdb4160845b37e
Author: Allan McRae <allan at archlinux.org>
Date: Thu Jun 6 13:12:20 2013 +1000
Pull translation updates and regenerate
Signed-off-by: Allan McRae <allan at archlinux.org>
commit d080a469a002a6fd3d99e58211494292172fd77a
Author: Dave Reisner <dreisner at archlinux.org>
Date: Mon Jun 3 14:13:08 2013 -0400
pacman-key: Do not reinterpret keys from revoked keyrings
Given a revoked keyring containing only:
BC1FBE4D2826A0B51E47ED62E2539214C6C11350
We should only disable this specific keyid. This change enforces that the
contents of the -revoked keyring file are full fingerprints which can uniquely
identify a key.
Before:
# pacman-key --populate archlinux
==> Appending keys from archlinux.gpg...
==> Locally signing trusted keys in keyring...
-> Locally signing key 0E8B644079F599DFC1DDC3973348882F6AC6A4C2...
-> Locally signing key 684148BB25B49E986A4944C55184252D824B18E8...
-> Locally signing key 44D4A033AC140143927397D47EFD567D4C7EA887...
-> Locally signing key 27FFC4769E19F096D41D9265A04F9397CDFD6BB0...
-> Locally signing key AB19265E5D7D20687D303246BA1DFB64FFF979E7...
==> Importing owner trust values...
==> Disabling revoked keys in keyring...
-> Disabling key 1390420191...
-> Disabling key E2539214C6C11350...
-> Disabling key 8544EA82113502DE...
==> Updating trust database...
gpg: next trustdb check due at 2014-01-22
After:
# pacman-key --populate archlinux
==> Appending keys from archlinux.gpg...
==> Locally signing trusted keys in keyring...
-> Locally signing key 0E8B644079F599DFC1DDC3973348882F6AC6A4C2...
-> Locally signing key 684148BB25B49E986A4944C55184252D824B18E8...
-> Locally signing key 44D4A033AC140143927397D47EFD567D4C7EA887...
-> Locally signing key 27FFC4769E19F096D41D9265A04F9397CDFD6BB0...
-> Locally signing key AB19265E5D7D20687D303246BA1DFB64FFF979E7...
==> Importing owner trust values...
==> Disabling revoked keys in keyring...
-> Disabling key BC1FBE4D2826A0B51E47ED62E2539214C6C11350...
==> Updating trust database...
gpg: next trustdb check due at 2014-01-22
Partially addresses FS#35478. This does nothing to confirm whether or not the
key was successfully disabled -- a ridiculously simple request which appears to
be far too difficult for gpg to manage.
Signed-off-by: Dave Reisner <dreisner at archlinux.org>
Signed-off-by: Allan McRae <allan at archlinux.org>
commit dd62fde53ec00f1b08d312951b919e15050efe86
Author: Simon Gomizelj <simongmzlj at gmail.com>
Date: Wed May 22 00:43:11 2013 -0400
validate %FILEPATH% when parsing repo dbs
Currently we make no effort to validate the %FILENAME% field in the
repo db. This allows for relative paths to be considered valid.
A carefully crafted db entry with a malicious relative path,
(e.g. `../../../../etc/passwd`) will cause pacman to to
overwrite _any_ file on the target's machine.
Add the following validation:
- doesn't start with '.'
- doesn't contain a '/'
- won't overflow PATH_MAX
Signed-off-by: Simon Gomizelj <simongmzlj at gmail.com>
Signed-off-by: Allan McRae <allan at archlinux.org>
commit fe794ccb25d3ab1f7c07331b437b61c30c08a018
Author: Allan McRae <allan at archlinux.org>
Date: Tue Jun 4 13:38:48 2013 +1000
Restrict pkgname from starting with a dot.
Adding this restriction means we can filter any FILENAME entry from
starting with a "/" or a ".". Use the term "dot" as it is more
computing relevant compared to "full stop" or "period" which vary
depending on English locale.
Signed-off-by: Allan McRae <allan at archlinux.org>
commit f1d74d928a7ce106dad9303c036222823f347af2
Author: Eric Bélanger <snowmaniscool at gmail.com>
Date: Sun Apr 28 22:00:17 2013 -0400
Remove backslash typo from makepkg man page
Signed-off-by: Eric Bélanger <snowmaniscool at gmail.com>
Signed-off-by: Dan McGee <dan at archlinux.org>
-----------------------------------------------------------------------
Summary of changes:
doc/PKGBUILD.5.txt | 2 +-
doc/makepkg.8.txt | 2 +-
lib/libalpm/be_sync.c | 30 +++++++
lib/libalpm/po/ar.po | 10 ++-
lib/libalpm/po/ca.po | 10 ++-
lib/libalpm/po/cs.po | 10 ++-
lib/libalpm/po/da.po | 10 ++-
lib/libalpm/po/de.po | 14 ++-
lib/libalpm/po/el.po | 10 ++-
lib/libalpm/po/en_GB.po | 10 ++-
lib/libalpm/po/eo.po | 10 ++-
lib/libalpm/po/es.po | 14 ++-
lib/libalpm/po/fa.po | 10 ++-
lib/libalpm/po/fi.po | 10 ++-
lib/libalpm/po/fr.po | 10 ++-
lib/libalpm/po/gl.po | 62 +++++++------
lib/libalpm/po/hr.po | 10 ++-
lib/libalpm/po/hu.po | 10 ++-
lib/libalpm/po/id.po | 10 ++-
lib/libalpm/po/it.po | 12 ++-
lib/libalpm/po/ja.po | 10 ++-
lib/libalpm/po/kk.po | 10 ++-
lib/libalpm/po/ko.po | 27 ++++--
lib/libalpm/po/libalpm.pot | 12 ++-
lib/libalpm/po/lt.po | 12 ++-
lib/libalpm/po/nb.po | 10 ++-
lib/libalpm/po/nl.po | 10 ++-
lib/libalpm/po/pl.po | 10 ++-
lib/libalpm/po/pt.po | 10 ++-
lib/libalpm/po/pt_BR.po | 12 ++-
lib/libalpm/po/ro.po | 16 +++-
lib/libalpm/po/ru.po | 12 ++-
lib/libalpm/po/sk.po | 10 ++-
lib/libalpm/po/sl.po | 10 ++-
lib/libalpm/po/sr.po | 10 ++-
lib/libalpm/po/sr at latin.po | 10 ++-
lib/libalpm/po/sv.po | 10 ++-
lib/libalpm/po/tr.po | 10 ++-
lib/libalpm/po/uk.po | 10 ++-
lib/libalpm/po/zh_CN.po | 10 ++-
lib/libalpm/po/zh_TW.po | 10 ++-
scripts/makepkg.sh.in | 4 +
scripts/pacman-key.sh.in | 15 +---
scripts/po/ar.po | 53 ++++++------
scripts/po/ca.po | 12 ++-
scripts/po/cs.po | 12 ++-
scripts/po/da.po | 12 ++-
scripts/po/de.po | 12 ++-
scripts/po/el.po | 12 ++-
scripts/po/en_GB.po | 12 ++-
scripts/po/eo.po | 11 ++-
scripts/po/es.po | 12 ++-
scripts/po/fa.po | 11 ++-
scripts/po/fi.po | 12 ++-
scripts/po/fr.po | 12 ++-
scripts/po/gl.po | 11 ++-
scripts/po/hr.po | 12 ++-
scripts/po/hu.po | 12 ++-
scripts/po/id.po | 12 ++-
scripts/po/it.po | 12 ++-
scripts/po/ja.po | 12 ++-
scripts/po/kk.po | 12 ++-
scripts/po/ko.po | 11 ++-
scripts/po/lt.po | 12 ++-
scripts/po/nb.po | 12 ++-
scripts/po/nl.po | 11 ++-
scripts/po/pacman-scripts.pot | 13 +--
scripts/po/pl.po | 12 ++-
scripts/po/pt.po | 12 ++-
scripts/po/pt_BR.po | 12 ++-
scripts/po/ro.po | 58 +++++++------
scripts/po/ru.po | 26 +++---
scripts/po/sk.po | 12 ++-
scripts/po/sl.po | 11 ++-
scripts/po/sr.po | 12 ++-
scripts/po/sr at latin.po | 12 ++-
scripts/po/sv.po | 12 ++-
scripts/po/tr.po | 12 ++-
scripts/po/uk.po | 12 ++-
scripts/po/zh_CN.po | 12 ++-
scripts/po/zh_TW.po | 11 ++-
src/pacman/po/ar.po | 2 +-
src/pacman/po/ca.po | 2 +-
src/pacman/po/cs.po | 2 +-
src/pacman/po/da.po | 2 +-
src/pacman/po/de.po | 12 ++-
src/pacman/po/el.po | 2 +-
src/pacman/po/en_GB.po | 2 +-
src/pacman/po/eo.po | 2 +-
src/pacman/po/es.po | 9 +-
src/pacman/po/fa.po | 2 +-
src/pacman/po/fi.po | 2 +-
src/pacman/po/fr.po | 2 +-
src/pacman/po/gl.po | 63 +++++++-------
src/pacman/po/hr.po | 2 +-
src/pacman/po/hu.po | 2 +-
src/pacman/po/id.po | 2 +-
src/pacman/po/it.po | 2 +-
src/pacman/po/ja.po | 2 +-
src/pacman/po/kk.po | 2 +-
src/pacman/po/ko.po | 2 +-
src/pacman/po/lt.po | 196 +++++++++++++++++++++---------------------
src/pacman/po/nb.po | 30 ++++---
src/pacman/po/nl.po | 2 +-
src/pacman/po/pacman.pot | 4 +-
src/pacman/po/pl.po | 2 +-
src/pacman/po/pt.po | 16 ++--
src/pacman/po/pt_BR.po | 2 +-
src/pacman/po/ro.po | 73 ++++++++--------
src/pacman/po/ru.po | 6 +-
src/pacman/po/sk.po | 10 +--
src/pacman/po/sl.po | 2 +-
src/pacman/po/sr.po | 8 +-
src/pacman/po/sr at latin.po | 8 +-
src/pacman/po/sv.po | 2 +-
src/pacman/po/tr.po | 2 +-
src/pacman/po/uk.po | 2 +-
src/pacman/po/zh_CN.po | 2 +-
src/pacman/po/zh_TW.po | 2 +-
119 files changed, 1039 insertions(+), 525 deletions(-)
hooks/post-receive
--
The official pacman repository
More information about the pacman-dev
mailing list