@charcol0x89
malicious person
false hash
you
legit repo
apt -o Acquire::http::AllowRedirect=false update
apt -o Acquire::http::AllowRedirect=false upgrade
@charcol0x89
https://www.debian.org/security/2019/dsa-4371
@charcol0x89
https://usn.ubuntu.com/3863-2/
https://justi.cz/security/2019/01/22/apt-rce.html
@charcol0x89
Prevent unauthorised reading of your data
@charcol0x89
Confirmation from the sender the content is genuine
@charcol0x89
install apt-transport-https