Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
avereveard
on Jan 22, 2019
|
parent
|
context
|
favorite
| on:
Remote code execution vulnerability in apt/apt-get
also, the apt way to fix this would be to a) move release.gpg out of the package path and b) require the release.gpg to be wrapped and signed with the previous valid key instead of being accepted blindly
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
