[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: not getting compromised while applying apt-get upgrade for CVE-2016-1252

(Adding deity@l.d.o to the loop, so we actually get to see things
 on the apt side)

Patrick Schleizer <adrelanos@riseup.net> wrote:
> Is it possible to disable InRelease processing by apt-get?

Not really. What you could do is:

(1) use a proxy that rejects InRelease files; or
(2) look at the InRelease file and see if it contains crap
    after you updated (if it looks OK, it's secure - you need
    fairly long lines to be able to break this)

Debian Developer - deb.li/jak | jak-linux.org - free software dev
                  |  Ubuntu Core Developer |
When replying, only quote what is necessary, and write each reply
directly below the part(s) it pertains to ('inline').  Thank you.

Reply to: