On Sun, May 08, 2011 at 05:23:59PM -0400, Eric Cooper wrote:
> Alternatively, I can add a one-line patch to 4.5-1 that simply denies
> requests for InRelease files (forcing the clients to fall back to
> Release + Release.gpg files).
I have gone ahead with this approach; here is the patch against version 4.5-1:
diff --git a/approx.ml b/approx.ml
index c6ffa81..c966f9a 100644
--- a/approx.ml
+++ b/approx.ml
@@ -80,7 +80,8 @@ let not_modified () =
with older apt clients that do not support .bz2 *)
let should_deny name =
- (Release.is_index name && extension name = ".bz2") ||
+ (Release.is_index name && extension name <> ".gz") ||
+ Filename.basename name = "InRelease" ||
(pdiffs && Release.is_diff_index name &&
Release.valid_file (Pdiff.file_of_diff_index name ^ ".gz"))
diff --git a/debian/changelog b/debian/changelog
index c545c27..5db08f1 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+approx (4.5-1+squeeze1) stable; urgency=low
+
+ * Deny requests for InRelease files, forcing clients to fall back to
+ Release and Release.gpg files.
+ * Deny requests for all non-gzipped index files, not just bz2 versions.
+
+ -- Eric Cooper <e...@cmu.edu> Tue, 10 May 2011 17:43:30 -0400
+
approx (4.5-1) unstable; urgency=low
* New upstream version
Please CC me on any discussion since I'm not subscribed. Thanks.
--
Eric Cooper e c c @ c m u . e d u
--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20110510220653.GD18542@localhost
