Goswin von Brederlow wrote: > > dpkg that it is downgrading the package, and a clever attacker might > > avoid even that. > > How would you avoid it?
Make the replacement package really be a different package entirely, of a higher version than the package it purports to replace. I think aj had some more examples along these lines the last time this came up. -- see shy jo
signature.asc
Description: Digital signature
