Re: Apt-get is insecure

To: Samuli Suonpaa <suonpaa@iki.fi>
Cc: debian-security@lists.debian.org
Subject: Re: Apt-get is insecure
From: Hans-JoachimPicht <hans@picht.org>
Date: Thu, 13 Dec 2001 16:45:07 +0100
Message-id: <[🔎] 200112131545.fBDFj7QR005135@Turing.picht.org>
In-reply-to: <[🔎] 877krr2ks9.fsf@puck.erasmus.jurri.net>
References: <[🔎] 20011213172418.A25716@karjala.org> <[🔎] 20011213152447.GV14968@wiggy.net> <[🔎] 877krr2ks9.fsf@puck.erasmus.jurri.net>

On 13 Dec 2001 17:37:42 +0200
Samuli Suonpaa <suonpaa@iki.fi> wrote:

> Umm... What exactly did you mean with your one-liner?

hans@Turing:~/tmp/email$ apt-cache search sign |grep debsig
debsig-verify - Debian Package Signature Verification Tool
debsigs - Utility for creating signatures in .deb

hans@Turing:~/tmp/email$ apt-cache show debsigs
Package: debsigs
Priority: optional
Section: non-US
Installed-Size: 58
Maintainer: John Goerzen <jgoerzen@complete.org>
Architecture: all
Version: 0.1.7
Depends: perl
Filename: pool/non-US/main/d/debsigs/debsigs_0.1.7_all.deb
Size: 13372
MD5sum: 139ada2774cfb53eec6892c38f379e0f
Description: Utility for creating signatures in .deb
 debsigs is a program that allows GPG signatures to be embedded
 inside .deb packages.  These signatures can later be verified to ensure
 the authenticity of the contents of the .deb.

Are you sure that you've included a non-US Mirror in our /etc/apt/sources.list ?

With best regards

	Hans
-- 
Hans-Joachim Picht, Consultant	<h.picht@lnxce.net> 
Linux Consulting Europe	http://www.lnxce.net
Vogelhecke 2	D - 35447 Reiskirchen	Tel: +491751629201 
Fax: +49640862649	Germany

Reply to:

References:
- Apt-get is insecure
  - From: Alexander Karelas <karjala_lists@yahoo.co.uk>
- Re: Apt-get is insecure
  - From: Wichert Akkerman <wichert@wiggy.net>
- Re: Apt-get is insecure
  - From: Samuli Suonpaa <suonpaa@iki.fi>

Prev by Date: Re: Apt-get is insecure
Next by Date: Re: Apt-get is insecure
Previous by thread: Re: Apt-get is insecure
Next by thread: Re: Apt-get is insecure
Index(es):
- Date
- Thread