Re: not getting compromised while applying apt-get upgrade for CVE-2016-1252
(Adding firstname.lastname@example.org to the loop, so we actually get to see things
on the apt side)
Patrick Schleizer <email@example.com> wrote:
> Is it possible to disable InRelease processing by apt-get?
Not really. What you could do is:
(1) use a proxy that rejects InRelease files; or
(2) look at the InRelease file and see if it contains crap
after you updated (if it looks OK, it's secure - you need
fairly long lines to be able to break this)
Debian Developer - deb.li/jak | jak-linux.org - free software dev
| Ubuntu Core Developer |
When replying, only quote what is necessary, and write each reply
directly below the part(s) it pertains to ('inline'). Thank you.