From 55971004215609a02ca19c59bd058da20729ba11 Mon Sep 17 00:00:00 2001
From: Michael Vogt <egon@debian-devbox>
Date: Thu, 14 Mar 2013 14:26:43 +0100
Subject: * SECURITY UPDATE: InRelease verification bypass   - CVE-2013-1051

* apt-pkg/deb/debmetaindex.cc,
  test/integration/test-bug-595691-empty-and-broken-archive-files,
  test/integration/test-releasefile-verification:
  - disable InRelease downloading until the verification issue is
    fixed, thanks to Ansgar Burchardt for finding the flaw
---
 test/integration/test-releasefile-verification | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'test/integration/test-releasefile-verification')

diff --git a/test/integration/test-releasefile-verification b/test/integration/test-releasefile-verification
index d3ea91de5..01fb2e529 100755
--- a/test/integration/test-releasefile-verification
+++ b/test/integration/test-releasefile-verification
@@ -184,5 +184,5 @@ runtest2
 
 DELETEFILE="InRelease"
 runtest
-DELETEFILE="Release.gpg"
-runtest
+#DELETEFILE="Release.gpg"
+#runtest
-- 
cgit v1.2.3