> ...circumvent the signature of the InRelease file, leading to arbitrary
code execution.
> For the stable distribution (jessie), this problem has been fixed in version 1.0.9.8.4.
> For the unstable distribution (sid), this problem has been fixed in version 1.4~beta2.
> We recommend that you upgrade your apt packages.
Good find, Project Zero!
