Re: not getting compromised while applying apt-get upgrade for CVE-2016-1252

To: adrelanos@riseup.net
Cc: debian-security@lists.debian.org, deity@lsits.debian.org
Subject: Re: not getting compromised while applying apt-get upgrade for CVE-2016-1252
From: Julian Andres Klode <jak@debian.org>
Date: Fri, 16 Dec 2016 00:35:12 +0100
Message-id: <[🔎] 20161216003213.GA26904@debian.org>
Mail-followup-to: Julian Andres Klode <jak@debian.org>, adrelanos@riseup.net, debian-security@lists.debian.org, deity@lsits.debian.org
In-reply-to: <[🔎] becd96d1-1196-8a44-a516-e8e2b0df2fd1@riseup.net>

(Adding deity@l.d.o to the loop, so we actually get to see things
 on the apt side)

Patrick Schleizer <adrelanos@riseup.net> wrote:
> Is it possible to disable InRelease processing by apt-get?

Not really. What you could do is:

(1) use a proxy that rejects InRelease files; or
(2) look at the InRelease file and see if it contains crap
    after you updated (if it looks OK, it's secure - you need
    fairly long lines to be able to break this)

-- 
Debian Developer - deb.li/jak | jak-linux.org - free software dev
                  |  Ubuntu Core Developer |
When replying, only quote what is necessary, and write each reply
directly below the part(s) it pertains to ('inline').  Thank you.

Reply to:

Follow-Ups:
- Re: not getting compromised while applying apt-get upgrade for CVE-2016-1252
  - From: Patrick Schleizer <adrelanos@riseup.net>

References:
- not getting compromised while applying apt-get upgrade for CVE-2016-1252
  - From: Patrick Schleizer <adrelanos@riseup.net>

Prev by Date: Re: not getting compromised while applying apt-get upgrade for CVE-2016-1252
Next by Date: Re: not getting compromised while applying apt-get upgrade for CVE-2016-1252
Previous by thread: Re: not getting compromised while applying apt-get upgrade for CVE-2016-1252
Next by thread: Re: not getting compromised while applying apt-get upgrade for CVE-2016-1252
Index(es):
- Date
- Thread