5 comments

[ 2.6 ms ] story [ 27.3 ms ] thread
Please use the original title.
Ironic, given the previous discussion on why apt shouldn't use HTTPS connections. With full end-to-end SSL validation, this kind of vulnerability can't exist. Should be interesting to see how the community reacta to this.