Package: aptitude
Version: 0.8.7-1

Just as a followup on this (despite opening the bug I didn't receive
mail from it after the first response??) -
src/cmdline/cmdline_changelog.cc:do_cmdline_changelog has the following
comment:

========================================================================

      // For real packages/versions, we can do a sanity check on the
      // version and warn the user if it looks like it doesn't have a
      // corresponding source package.

========================================================================

It then proceeds to use aptitude::apt::check_valid_origin shortly after
- so it isn't a security check etc.

The other usage is in src/view_changelog.cc:view_changelog, where it is
probably used as a crutch to avoid validating the changelog data directly:

========================================================================

  // check if we know the origin
  if ( ! aptitude::apt::check_valid_origin(ver) )
    {
      check_apt_errors();
      return;
    }

...<proceeds to start processing the data>

========================================================================

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
Aptitude-devel mailing list
Aptitude-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/aptitude-devel

Reply via email to