apt-get install: regex isn't confirmed if it pulls exactly 1000 dependencies

Bug #366274 reported by Evgeny Kapun on 2009-04-24
Affects Status Importance Assigned to Milestone
apt (Ubuntu)

Bug Description

Binary package hint: apt

Ubuntu 9.04, apt

When 'apt-get install' is called with regular expression as its argument, it usually asks user for confirmation. However, it doesn't if packages matched by regular expression pull exactly 1000 packages as dependencies, not including themselves.

How to reproduce: download attached file and place it somewhere where apt will find it (path to it should look like /path/to/some/dir/dists/test/test/binary-your-arch/Packages.gz), add corresponding entry to sources.list (something like 'deb file:/path/to/some/dir test test'), run 'apt-get update' and then run 'apt-get install ^bad$'. Apt won't confirm installation of 1001 packages (it will probably ask about broken signature, but it wouldn't if signature were correct).

Evgeny Kapun (abacabadabacaba) wrote :
Charlie Kravetz (charlie-tca) wrote :

Thank you for submitting this report. Actually, apt refuses to install the packages if the signing key is missing. Is there any way to verify with a valid key? Can this still be reproduced using the latest development version of Ubuntu, Maverick Meerkat?

Changed in apt (Ubuntu):
status: New → Incomplete
Charlie Kravetz (charlie-tca) wrote :

We'd like to figure out what's causing this bug for you, but we haven't heard back from you in a while. Could you please provide the requested information? Thanks!

Charlie Kravetz (charlie-tca) wrote :

We are closing this bug report because it lacks the information we need to investigate the problem, as described in the previous comments. Please reopen it if you can give us the missing information, and don't hesitate to submit bug reports in the future. To reopen the bug report you can click on the current status, under the Status column, and change the Status back to "New". Thanks again!

Changed in apt (Ubuntu):
status: Incomplete → Invalid
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers

Bug attachments