Comment 20 for bug 346386

Fixed in the debian-sid branch

------------------------------------------------------------
revno: 2126
revision-id: <email address hidden>
parent: <email address hidden>
fixes bug(s): http://bugs.debian.org/195301 https://launchpad.net/bugs/346386
committer: Julian Andres Klode <email address hidden>
branch nick: debian-sid
timestamp: Mon 2011-05-30 14:04:01 +0200
message:
  apt-pkg/acquire-item.cc: Reject files known to be invalid (LP: #346386) (Closes: #195301)

  This commit deals with the following cases:

    - First section of index file (Packages,Sources,Translation) without Package field
    - Signed release files without GPG data (NODATA)
    - i18n/Index files without hash sums

  Handling unsigned Release files is more complicated, and the example code
  using indexRecords is disabled as it can reject correct Release files
  without hashes. How we can reliably check unsigned Release files is
  another question, and not urgent anyway, as it should have no
  dramatic effect (we could check that it is a valid RFC-822 section,
  but that's a bit too long to write)