Matt Zimmerman wrote: > On Sun, Dec 28, 2003 at 02:28:18PM -0800, Matt Zimmerman wrote: > > > apt 0.5 downloads dists/<dist>/<section>/<binary,source>/Release for use in > > policy calculations. apt 0.6 does not download that file at all, and > > downloads dists/<dist>/Release for use in authentication. However, 0.6 > > still tries to read dists/<dist>/<section>/<binary,source>/Release, which > > has not been downloaded. > > > > This could be fixed one of two ways: > > > > 1. Use dists/<dist>/Release for both purposes (authentication and pinning). > > This is trivial, and works fine for the Debian archive (dists/<dist>/Release > > is more or less a superset of > > dists/<dist>/<section>/<binary,source>/Release), but could have unknown > > effects for third-party repositories which provide per-section Release > > files. > > > > 2. Continue to download them all. This requires some further changes to the > > apt-secure code. > > > > Personally, I find the distinction between these two types of Release files > > to be confusing, and would prefer (1) as it is much simpler. However, I > > don't know whether there is a rationale for why things were done as they > > were for apt-secure, and whether the top-level Release file is intended to > > replace the others. > > After discussing this with Colin Walters, I've implemented (1.) in apt > 0.6.4, which has been uploaded to experimental. Somewhat offtopic, but is there any documentation of the format and fields in Release files anywhere at all? Or did they spring full-fledged (and undocumented) from the sweaty brows of Aj and Jason? :-) -- see shy jo
Attachment:
signature.asc
Description: Digital signature