+ <varlistentry><term><option>MaxReleaseFileSize</option></term>
+ <listitem><para>
+ The maximum file size of Release/Release.gpg/InRelease files.
+ The default is 10MB.
+ </para></listitem>
+ </varlistentry>
+
+ <varlistentry><term><option>EnableSrvRecords</option></term>
+ <listitem><para>
+ This option controls if apt will use the DNS SRV server record
+ as specified in RFC 2782 to select an alternative server to
+ connect to.
+ The default is "true".
+ </para></listitem>
+ </varlistentry>
+
+ <varlistentry><term><option>AllowInsecureRepositories</option></term>
+ <listitem><para>
+ Allow the update operation to load data files from
+ a repository without a trusted signature. If enabled this
+ option no data files will be loaded and the update
+ operation fails with a error for this source. The default
+ is false for backward compatibility. This will be changed
+ in the future.
+ </para></listitem>
+ </varlistentry>
+
+ <varlistentry><term><option>AllowDowngradeToInsecureRepositories</option></term>
+ <listitem><para>
+ Allow that a repository that was previously gpg signed to become
+ unsigned durign a update operation. When there is no valid signature
+ of a previously trusted repository apt will refuse the update. This
+ option can be used to override this protection. You almost certainly
+ never want to enable this. The default is false.
+
+ Note that apt will still consider packages from this source
+ untrusted and warn about them if you try to install
+ them.
+ </para></listitem>
+ </varlistentry>
+
+ <varlistentry><term><option>Changelogs::URI</option> scope</term>
+ <listitem><para>
+ Acquiring changelogs can only be done if an URI is known from where to get them.
+ Preferable the Release file indicates this in a 'Changelogs' field. If this isn't
+ available the Label/Origin field of the Release file is used to check if a
+ <literal>Acquire::Changelogs::URI::Label::<replaceable>LABEL</replaceable></literal> or
+ <literal>Acquire::Changelogs::URI::Origin::<replaceable>ORIGIN</replaceable></literal> option
+ exists and if so this value is taken. The value in the Release file can be overridden
+ with <literal>Acquire::Changelogs::URI::Override::Label::<replaceable>LABEL</replaceable></literal>
+ or <literal>Acquire::Changelogs::URI::Override::Origin::<replaceable>ORIGIN</replaceable></literal>.
+
+ The value should be a normal URI to a text file, except that package specific data is
+ replaced with the placeholder <literal>@CHANGEPATH@</literal>. The
+ value for it is: 1. if the package is from a component (e.g. <literal>main</literal>)
+ this is the first part otherwise it is omitted, 2. the first letter of source package name,
+ except if the source package name starts with '<literal>lib</literal>' in which case it will
+ be the first four letters. 3. The complete source package name. 4. the complete name again and
+ 5. the source version.
+ The first (if present), second, third and fourth part are separated by a slash ('<literal>/</literal>')
+ and between the fourth and fifth part is an underscore ('<literal>_</literal>').
+
+ The special value '<literal>no</literal>' is available for this option indicating that
+ this source can't be used to acquire changelog files from. Another source will be tried
+ if available in this case.
+ </para></listitem>
+ </varlistentry>
+