Support for older APT clients

When mirroring this repository into Landscape, I get the following error:

```
Cannot parse './lists/update-stable_%2F_flat_InRelease': found no signature but does not looks safe to be assumed unsigned, either.
```

We're running the Landscape 24.04 LTS release with the latest updates.

While I can't quite point out the root cause, I do believe the items below would help support additional APT clients which might use different signature options, including Landscape:

- Support additional [release signatures](https://wiki.debian.org/DebianRepository/Format#MD5Sum.2C_SHA1.2C_SHA256), at least `SHA256` along with the existing `SHA512`, and perhaps others.
- Include the `Release.gpg` signature file as mentioned in DebianRepository [format guildeline](https://wiki.debian.org/DebianRepository/Format).

The guideline has this to say about signature algorithms, although most major repositories support it, such as [Kubernetes](https://prod-cdn.packages.k8s.io/repositories/isv:/kubernetes:/core:/stable:/v1.32/deb/InRelease), which is one the many mirrors we currently maintain.

```
Clients may not use the MD5Sum and SHA1 fields for security purposes, and must require a SHA256 or a SHA512 field.
```



Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Support for older APT clients #323

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Support for older APT clients #323

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions