this problem can be avoided for a user himself if he does this way:
edit /etc/apt/sources.list and put a mirror instead of
http://security.debian.org/debian-security/ .
( for example, http://mirror.yandex.ru/debian-security/ ).
then, after some time, after he runs "apt update", Release file from
Hi,
On Fri, Nov 22, 2019 at 03:20:45PM +0300, dinar qurbanov wrote:
> so, in order to serve a package with malware to a
> user, disrtribution/repository admins would have to also serve wrong
> "packages" and "release" files to him. so, if user checks the
> "release" file, that it is ok, enough,
Package: apt
Version: 1.8.2
it would be good, if users of linux distributions generally use to
check, at least time to time, whether they get same packages as all
users get. that would be a factor to distribution owners and admins to
be more afraid to serve malware only to some of users.
how it
3 matches
Mail list logo
