<listitem><para><literal>Mirror network compromise</literal>.
Without signature checking, a malicious agent can compromise a
- mirror host and modify the files in it to propage malicious
+ mirror host and modify the files in it to propagate malicious
software to all users downloading packages from that
host.</para></listitem>
</itemizedlist>
<listitem><para><literal>Create a toplevel Release
file</literal>. if it does not exist already. You can do this
by running <command>apt-ftparchive release</command>
- (provided inftp apt-utils).</para></listitem>
+ (provided in apt-utils).</para></listitem>
<listitem><para><literal>Sign it</literal>. You can do this by running
<command>gpg -abs -o Release.gpg Release</command>.</para></listitem>
&debsign; &debsig-verify;, &gpg;
</para>
-<para>For more backgound information you might want to review the
+<para>For more background information you might want to review the
<ulink
url="http://www.debian.org/doc/manuals/securing-debian-howto/ch7.en.html">Debian
Security Infrastructure</ulink> chapter of the Securing Debian Manual