apt (2.9.24) unstable; urgency=medium
/etc/apt/trusted.gpg is no longer trusted. Setting the Dir::Etc::trusted
option manually continues to work for some more time.
sources.list(5) entries without the Signed-By field are deprecated;
migrate any legacy entries to the deb822 .sources format. See the
apt-secure(8) manual page for best practices for signer configuration.
This deprecates the /etc/apt/trusted.gpg.d directory.
-- Julian Andres Klode <jak@debian.org> Tue, 21 Jan 2025 12:17:36 +0100
apt (2.9.19) unstable; urgency=medium
This release switches to OpenSSL for hashing and TLS, replacing the
GnuTLS and gcrypt libraries.
This release switches to Sequoia for OpenPGP verification on supported
Debian platforms. A Sequoia policy override enabling SHA1 self-signatures
until 2026 is included. To override the policy, the following environment
variables and files are considered:
* The APT_SEQUOIA_CRYPTO_POLICY environment variable, and failing that:
- /etc/crypto-policies/back-ends/apt-sequoia.config,
- /var/lib/crypto-config/profiles/current/apt-sequoia.config
* The SEQUOIA_CRYPTO_POLICY environment variable, and failing that:
- /etc/crypto-policies/back-ends/sequoia.config
- /var/lib/crypto-config/profiles/current/sequoia.config
-- Julian Andres Klode <jak@debian.org> Mon, 23 Dec 2024 12:16:22 +0100
apt (2.9.15) unstable; urgency=medium
This release stops using apt-key to verify the signatures.
Final call to stop using it before it's gone next week.
Please note that due to the switch to internal verification, APT now
has the same requirements on files in trusted.gpg.d as for other .d
directories: Only alphanumerical characters, '_', '-', ':' and '.'
are supported, other characters such as '@' cause the file to silently
be ignored.
-- Julian Andres Klode <jak@debian.org> Thu, 28 Nov 2024 19:31:24 +0100
apt (2.9.11) unstable; urgency=medium
The ftp, rsh, and ssh methods have been removed. They have been unsupported
and disabled since 1.8. Please, migrate to http(s) instead, or contribute
an sftp method.
If you need ad hoc access to a remote repository, you can usually run
`python3 -m http.server` on that machine and use SSH port forwarding to
run HTTP over SSH.
-- Julian Andres Klode <jak@debian.org> Thu, 07 Nov 2024 14:02:07 +0100
apt (2.5.2) unstable; urgency=medium
Installing or upgrading a binary package now upgrades other binaries from
the same source package if they have the same candidate version. You can
disable this by setting `APT::Get::Upgrade-By-Source-Package` to `false`.
-- Julian Andres Klode <juliank@ubuntu.com> Sun, 24 Jul 2022 15:45:15 +0200
apt (2.4.0) unstable; urgency=medium
GPG verification now first tries only the trusted.gpg.d keys, before
then falling back to the legacy trusted.gpg keyring and issuing a
warning to migrate keys if verification succeeded in the fallback.
-- Julian Andres Klode <jak@debian.org> Tue, 22 Feb 2022 20:01:00 +0100
apt (2.3.12) unstable; urgency=medium
The solver will no longer try to remove Essential or Protected packages,
any dependency problem that would need such a solution will have to be
resolved manually.
The "Yes, do as I say" prompt for removing essential packages has been
replaced by an error message. The appropriate command-line option needs
to be used instead.
Thank you to Linus Tech Tips and System76 for bringing this issue
to our attention.
-- Julian Andres Klode <jak@debian.org> Wed, 17 Nov 2021 18:26:40 +0100
apt (2.1.16) unstable; urgency=medium
Automatically remove unused kernels on apt {dist,full}-upgrade. To revert
to previous behavior, set APT::Get::AutomaticRemove::Kernels to false or
pass --no-auto-remove to the command. apt-get remains unchanged.
Packages files can now set the Phased-Update-Percentage field to restrict
update rollout to a specified percentage of machines. Previously, this has
only been available to users of Ubuntu's update-manager tool. See
apt_preferences(5) for details and how to configure multiple systems to get
the same updates. Phased updates are disabled in chroots for now to not
break buildd-style setups.
-- Julian Andres Klode <jak@debian.org> Fri, 08 Jan 2021 22:01:50 +0100
apt (1.9.11) experimental; urgency=medium
apt(8) now waits for the lock indefinitely if connected to a tty, or
for 120 seconds if not.
-- Julian Andres Klode <jak@debian.org> Wed, 26 Feb 2020 20:30:33 +0100
apt (1.9.6) experimental; urgency=medium
apt(8) no longer treats package names passed as regular expressions or fnmatch
expressions, requiring the use of patterns (apt-patterns(7)) to perform complex
searches. For ease of use, regular expressions starting with ^ or ending with
$ continue to work.
This fixes the problem where e.g. g++ could mean either "the package g++"
or, if there is no g++ package, "all packages containing g". This change
will propagate to apt-* after the release of Debian bullseye.
-- Julian Andres Klode <jak@debian.org> Wed, 15 Jan 2020 21:45:18 +0100
apt (1.9.5) unstable; urgency=medium
Credentials in apt_auth.conf(5) now only apply to https and tor+https
sources to avoid them being leaked over plaintext (Closes: #945911). To
opt-in to http, add http:// before the hostname. Note that this will transmit
credentials in plain text, which you do not want on devices that could be
operating in an untrusted network.
-- Julian Andres Klode <juliank@ubuntu.com> Mon, 02 Dec 2019 11:45:52 +0100
Generated by dwww version 1.16 on Tue Dec 16 05:22:09 CET 2025.