Thank you for using Ubuntu and reporting a bug. Based on the information you have provided, aptitude is correctly erroring out on the 'malformed' files, and should not be executing any code as a result. It is theoretically possible for a malicious server to improper files, but the signatures would not match. It might be possible to replay valid old files to prevent you from updating, but this is rather convoluted, is an old issue and fixed in Ubuntu (bug #247445). Replay attacks against security mirrors are also discussed here: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=499897
** Bug watch added: Debian Bug tracker #499897 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=499897 ** Changed in: aptitude (Ubuntu) Status: New => Invalid -- You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. https://bugs.launchpad.net/bugs/781132 Title: corrupted /var/lib/apt/lists -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
