> "patch" That would certainly be useful.
But seriously, complaining over semi-broken captive portals? You need a vacation. Fixing an unknown number, but probably hundreds of thousands, broken routers mostly operated by non-tech-savvy people is not going to happen in a timely manner. They will get replaced when they fail and the replacements will have a new set of bugs. So where do we stand? 1. APT cannot recover from receiving broken files. This is *not* just the result of captive portals. Truncated files -- even zero-length files -- seem to cause it trouble too. 2. Anyone with a router can stop a user from getting security updates from then on. Just hand out an IP address and serve a broken file. Yes, that really is a security issue. *You* need to stop blaming the messengers. The problem here is cutting corners in the design: putting that amount of trust on the network is not "best practices" and hasn't been for 3-4 decades. I probably shouldn't write all this without being constructive myself, so here goes: Item 1 seems to be fixable with a basic syntax check on the file. If the check fails, toss the file and life goes on. Item 2 is much trickier. A full fix probably requires signatures or strong checksums, i.e., it cannot happen in APT alone, but APT could certainly issue a "HEAD" request and verify basic things like file length. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/756317 Title: Captive portals may corrupt apt package lists To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/756317/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs