Re: not getting compromised while applying apt-get upgrade for CVE-2016-1252
You may download the new package
and check its checksum
$ sha256sum apt_220.127.116.11.4_amd64.deb
All the best to you!
Idézem/Quoting Patrick Schleizer <firstname.lastname@example.org>:
Is it possible to disable InRelease processing by apt-get?
Very short summary of the bug:
(my own words) During apt-get upgrading signature verification can be
tricked resulting in arbitrary package installation, system compromise.
How to upgrade from the insecure apt-get version 18.104.22.168.3 to the
patched apt-get version 22.214.171.124.4 without being compromised during that
Is it possible to disable InRelease processing by apt-get [for that
upgrade or generally]? And have it check Release.gpg (which is provided
+36-20-4242498 email@example.com skype: szepe.viktor
Budapest, III. kerület