[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Apt-get is insecure

On 13 Dec 2001 17:37:42 +0200
Samuli Suonpaa <suonpaa@iki.fi> wrote:

> Umm... What exactly did you mean with your one-liner?

hans@Turing:~/tmp/email$ apt-cache search sign |grep debsig
debsig-verify - Debian Package Signature Verification Tool
debsigs - Utility for creating signatures in .deb

hans@Turing:~/tmp/email$ apt-cache show debsigs
Package: debsigs
Priority: optional
Section: non-US
Installed-Size: 58
Maintainer: John Goerzen <jgoerzen@complete.org>
Architecture: all
Version: 0.1.7
Depends: perl
Filename: pool/non-US/main/d/debsigs/debsigs_0.1.7_all.deb
Size: 13372
MD5sum: 139ada2774cfb53eec6892c38f379e0f
Description: Utility for creating signatures in .deb
 debsigs is a program that allows GPG signatures to be embedded
 inside .deb packages.  These signatures can later be verified to ensure
 the authenticity of the contents of the .deb.

Are you sure that you've included a non-US Mirror in our /etc/apt/sources.list ?

With best regards

Hans-Joachim Picht, Consultant	<h.picht@lnxce.net> 
Linux Consulting Europe	http://www.lnxce.net
Vogelhecke 2	D - 35447 Reiskirchen	Tel: +491751629201 
Fax: +49640862649	Germany 

Reply to: