incorrect pregenerated Release file for extras.ubuntu.com

Bug #657176 reported by William Grant
This bug affects 1 person
Affects: apt-setup (Ubuntu)
Status: Fix Released
Importance: High
Assigned to: Colin Watson

Bug Description

apt-setup-signed-release takes an archive_id argument, presumably so non-primary-archive sources don't have incorrect Release files stuffed into them.

But it ignores it when calculating the list of sources to prepopulate:

lines="$($chroot $ROOT \
         apt-get -o APT::Get::List-Cleanup=false \
                 -o Dir::Etc::sourcelist="$file" update --print-uris | \
         grep "^'.*'")"

That regex is fairly useless, matching every line and causing a bogus Release to be thrown into the cache for even non-primary sources. The mtime of the file is the time of the package build, so "apt-get update" will not pull down a correct one unless the archive has been updated recently. Then Packages and Sources retrieval explodes with hash mismatches.
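
Added example, not part of the original report or of apt-setup: it runs the quoted filter over constructed `--print-uris` output for two archives and compares it with a host-scoped filter. The sample lines and the `match_host` helper are assumptions made for illustration; the fix that was released moved partner and extras to the services-select framework instead.

```shell
#!/bin/sh
# Constructed sample of `apt-get update --print-uris` output for a
# sources.list that mixes two archives (format approximated:
# 'URI' destination-file size).
sample_uris() {
cat <<'EOF'
'http://archive.ubuntu.com/ubuntu/dists/maverick/Release.gpg' archive.ubuntu.com_ubuntu_dists_maverick_Release.gpg 0
'http://archive.ubuntu.com/ubuntu/dists/maverick/Release' archive.ubuntu.com_ubuntu_dists_maverick_Release 0
'http://extras.ubuntu.com/ubuntu/dists/maverick/Release.gpg' extras.ubuntu.com_ubuntu_dists_maverick_Release.gpg 0
'http://extras.ubuntu.com/ubuntu/dists/maverick/Release' extras.ubuntu.com_ubuntu_dists_maverick_Release 0
EOF
}

# Filter quoted in the report: keeps any line that starts with a quoted
# URI, which is every line apt prints here, whatever the archive.
match_all() {
    sample_uris | grep "^'.*'"
}

# Hypothetical host-scoped filter: keep only URIs whose host is $1.
# Regex metacharacters in the host are escaped so '.' stays literal.
match_host() {
    host_re=$(printf '%s' "$1" | sed 's/[][\.*^$]/\\&/g')
    sample_uris | grep "^'[a-z][a-z0-9+.-]*://${host_re}[:/]"
}

# Portable line counter (strips the padding some wc versions emit).
count_lines() { wc -l | tr -d ' '; }

echo "original filter:              $(match_all | count_lines) lines"
echo "scoped to archive.ubuntu.com: $(match_host archive.ubuntu.com | count_lines) lines"
```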

William Grant (wgrant) wrote :

This was hitting new maverick installations (extras.ubuntu.com is a couple of weeks old), but has been worked around by touching its Release.

Colin Watson (cjwatson) wrote :

I think apt-setup-signed-release's behaviour is correct - the bug is in the calling script. Note that each apt-setup generator uses a different temporary file, and apt-setup-signed-release is only ever called on a single such file. Each generator normally only outputs sources.list lines for a single archive.

The proper fix, I think, is to move extras.ubuntu.com to a separate generator.

summary:
- apt-setup-signed-release doesn't restrict its actions to the given archive
+ incorrect pregenerated Release file for extras.ubuntu.com

Changed in apt-setup (Ubuntu):
status: New → Triaged
importance: Undecided → High
assignee: nobody → Colin Watson (cjwatson)

Colin Watson (cjwatson) wrote :

The same applies to archive.canonical.com for partner. I think that we should move both of these into the services-select framework.

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apt-setup - 1:0.48ubuntu1

---------------
apt-setup (1:0.48ubuntu1) natty; urgency=low

  * Resynchronise with Debian. Remaining changes:
    - Install the Ubuntu mirror generator instead of Debian's.
    - Set apt-setup/security_host to security.ubuntu.com, or
      ports.ubuntu.com on ports architectures; adjust directory and
      distribution to match.
    - Add security sources for restricted, universe, and multiverse,
      commented out unless the respective components are enabled. Disable
      security generator checks for contrib and non-free.
    - For CD installs, leave the sources.list created by apt-setup in
      /etc/apt/sources.list.apt-setup, and restore the sources.list created
      during base installation for the rest of the installation.
    - Honour OVERRIDE_BASE_INSTALLABLE when checking
      /cdrom/.disk/base_installable.
    - Set the mirror verification timeout to 30 seconds.
    - Disable the volatile service for Ubuntu, and don't ask the
      apt-setup/services-select question.
    - Always disable the CD at the end of installation if any mirrors are
      present, even if it's a complete CD.
    - Pre-populate apt's lists directory with signed Release files for
      archive.ubuntu.com (and mirrors) and security.ubuntu.com, to protect
      against downgrade attacks right from initial installation.
    - Run 'apt-get update' for all sources.list lines produced by a single
      generator in one go, and don't comment out sources.list lines if it
      fails.
    - Make the path to security updates configurable, as well as the host.
    - Remove restricted from cdrom entry if apt-setup/restricted is false.
    - Allow preseeding apt-setup/partner to enable the partner repository,
      and apt-setup/extras to enable extras.ubuntu.com.
    - Make sure apt-cdrom doesn't unmount the CD if cd_type ends with
      /single.
    - Enable all network sources, including security updates, even if the
      network is unconfigured.
    - Honour apt-setup/restricted, apt-setup/universe, and
      apt-setup/multiverse when writing -backports lines.
    - Check to make sure the CD filesystem is iso9660 before remounting it
      as such. Do not write a CD identifier if we're not working with
      iso9660 so pkgsel does not try to unmount such disks.
    - Run 'apt-get update', without downloading package lists or cleaning up
      old files, after moving the sources.list generated during base system
      installation back into place.
    - If OVERRIDE_LEAVE_CD_MOUNTED is set, don't unmount /cdrom; this is a
      bad idea in a live CD environment!
    - Bail out cleanly from cdrom generator if /cdrom/.disk/info doesn't
      exist or has zero size.
  * Add Release files for natty.
  * Move partner and extras to the services-select framework, customised for
    Ubuntu (LP: #657176).

apt-setup (1:0.48) unstable; urgency=low

  * Set LC_ALL=C when calling 'apt-cdrom ident', since we parse its output.
    Broken by the change in 1:0.47 to use chroot-setup.sh, which sets LANG.
  * Ask apt-setup/cdrom/media-change at critical priority, since we'll enter
    an infinite loop if it isn't presen...


Changed in apt-setup (Ubuntu):
status: Triaged → Fix Released