Package: aptitude Version: 0.8.7-1 Just as a followup on this (despite opening the bug I didn't receive mail from it after the first response??) - src/cmdline/cmdline_changelog.cc:do_cmdline_changelog has the following comment:
========================================================================
// For real packages/versions, we can do a sanity check on the
// version and warn the user if it looks like it doesn't have a
// corresponding source package.
========================================================================
It then proceeds to use aptitude::apt::check_valid_origin shortly after
- so it isn't a security check etc.
The other usage is in src/view_changelog.cc:view_changelog, where it is
probably used as a crutch to avoid validating the changelog data directly:
========================================================================
// check if we know the origin
if ( ! aptitude::apt::check_valid_origin(ver) )
{
check_apt_errors();
return;
}
...<proceeds to start processing the data>
========================================================================
signature.asc
Description: OpenPGP digital signature
