I ran the Update Manager GUI. When I asked it to install all the packages, it prompted me to make sure I wanted to install. There were 3 dropdown lists of packages, one of which was named "NOT AUTHORISED". So I went back and tried installing packages one at a time. I selected one called "ca-certificates", because I thought if I did that one it might make the others install without warnings, and I thought I'd get a chance to say no. But when I ran it with just that one package it just went ahead and installed without prompting me. And I think that one might have been on the naughty list the first time round. So now I've got a possibly malicious update.
How do I know whether this was legit? And if it wasn't, how do I remove it?
I don't see anything suspicious in either the console output or /var/log/dpkg.log, but I can post either if that's helpful.
I'm using Linux Mint version 1.17.3 with dpkg version 1.17.5. I don't know the version of Update Manager (but it's a file called /usr/lib/linuxmint/mintUpdate/mintUpdate.py).
/var/log/dpkg.log:
2017-11-05 12:12:26 startup archives unpack
2017-11-05 12:12:32 upgrade ca-certificates:all 20160104ubuntu0.14.04.1 20170717~14.04.1
2017-11-05 12:12:32 status half-configured ca-certificates:all 20160104ubuntu0.14.04.1
2017-11-05 12:12:32 status unpacked ca-certificates:all 20160104ubuntu0.14.04.1
2017-11-05 12:12:32 status half-installed ca-certificates:all 20160104ubuntu0.14.04.1
2017-11-05 12:12:32 status triggers-pending man-db:amd64 2.6.7.1-1ubuntu1
2017-11-05 12:12:33 status half-installed ca-certificates:all 20160104ubuntu0.14.04.1
2017-11-05 12:12:33 status unpacked ca-certificates:all 20170717~14.04.1
2017-11-05 12:12:33 status unpacked ca-certificates:all 20170717~14.04.1
2017-11-05 12:12:33 trigproc man-db:amd64 2.6.7.1-1ubuntu1 2.6.7.1-1ubuntu1
2017-11-05 12:12:33 status half-configured man-db:amd64 2.6.7.1-1ubuntu1
2017-11-05 12:12:34 status installed man-db:amd64 2.6.7.1-1ubuntu1
2017-11-05 12:12:35 startup packages configure
2017-11-05 12:12:35 configure ca-certificates:all 20170717~14.04.1 <none>
2017-11-05 12:12:35 status unpacked ca-certificates:all 20170717~14.04.1
2017-11-05 12:12:35 status half-configured ca-certificates:all 20170717~14.04.1
2017-11-05 12:12:37 status installed ca-certificates:all 20170717~14.04.1
2017-11-05 12:12:37 status triggers-pending ca-certificates:all 20170717~14.04.1
2017-11-05 12:12:38 trigproc ca-certificates:all 20170717~14.04.1 <none>
2017-11-05 12:12:38 status half-configured ca-certificates:all 20170717~14.04.1
2017-11-05 12:12:43 status installed ca-certificates:all 20170717~14.04.1
console output from update:
(synaptic:12479): GLib-CRITICAL **: g_child_watch_add_full: assertion 'pid > 0' failed
Preconfiguring packages ...
(Reading database ... 180668 files and directories currently installed.)
Preparing to unpack .../ca-certificates_20170717~14.04.1_all.deb ...
Unpacking ca-certificates (20170717~14.04.1) over (20160104ubuntu0.14.04.1) ...
Processing triggers for man-db (2.6.7.1-1ubuntu1) ...
Setting up ca-certificates (20170717~14.04.1) ...
Processing triggers for ca-certificates (20170717~14.04.1) ...
Updating certificates in /etc/ssl/certs... WARNING: Skipping duplicate certificate Go_Daddy_Class_2_CA.pem
WARNING: Skipping duplicate certificate Go_Daddy_Class_2_CA.pem
17 added, 42 removed; done.
Running hooks in /etc/ca-certificates/update.d....
Adding debian:AC_RAIZ_FNMT-RCM.pem
Adding debian:Amazon_Root_CA_1.pem
Adding debian:Amazon_Root_CA_2.pem
Adding debian:Amazon_Root_CA_3.pem
Adding debian:Amazon_Root_CA_4.pem
Adding debian:Certplus_Root_CA_G1.pem
Adding debian:Certplus_Root_CA_G2.pem
Adding debian:Certum_Trusted_Network_CA_2.pem
Adding debian:Hellenic_Academic_and_Research_Institutions_ECC_RootCA_2015.pem
Adding debian:Hellenic_Academic_and_Research_Institutions_RootCA_2015.pem
Adding debian:ISRG_Root_X1.pem
Adding debian:LuxTrust_Global_Root_2.pem
Adding debian:OpenTrust_Root_CA_G1.pem
Adding debian:OpenTrust_Root_CA_G2.pem
Adding debian:OpenTrust_Root_CA_G3.pem
Adding debian:SZAFIR_ROOT_CA2.pem
Adding debian:TUBITAK_Kamu_SM_SSL_Kok_Sertifikasi_-_Surum_1.pem
Removing debian:AC_Raíz_Certicámara_S.A..pem
Removing debian:ApplicationCA_-_Japanese_Government.pem
Removing debian:Buypass_Class_2_CA_1.pem
Removing debian:CA_Disig.pem
Removing debian:ComSign_CA.pem
Removing debian:EBG_Elektronik_Sertifika_Hizmet_Sağlayıcısı.pem
Removing debian:Equifax_Secure_CA.pem
Removing debian:Equifax_Secure_Global_eBusiness_CA.pem
Removing debian:Equifax_Secure_eBusiness_CA_1.pem
Removing debian:IGC_A.pem
Removing debian:Juur-SK.pem
Removing debian:Microsec_e-Szigno_Root_CA.pem
Removing debian:NetLock_Business_=Class_B=_Root.pem
Removing debian:NetLock_Express_=Class_C=_Root.pem
Removing debian:NetLock_Notary_=Class_A=_Root.pem
Removing debian:NetLock_Qualified_=Class_QA=_Root.pem
Removing debian:RSA_Security_2048_v3.pem
Removing debian:Root_CA_Generalitat_Valenciana.pem
Removing debian:S-TRUST_Authentication_and_Encryption_Root_CA_2005_PN.pem
Removing debian:Sonera_Class_1_Root_CA.pem
Removing debian:Staat_der_Nederlanden_Root_CA.pem
Removing debian:StartCom_Certification_Authority.pem
Removing debian:StartCom_Certification_Authority_2.pem
Removing debian:StartCom_Certification_Authority_G2.pem
Removing debian:SwissSign_Platinum_CA_-_G2.pem
Removing debian:TC_TrustCenter_Class_3_CA_II.pem
Removing debian:UTN_USERFirst_Email_Root_CA.pem
Removing debian:Verisign_Class_1_Public_Primary_Certification_Authority.pem
Removing debian:Verisign_Class_1_Public_Primary_Certification_Authority_-_G2.pem
Removing debian:Verisign_Class_1_Public_Primary_Certification_Authority_-_G3.pem
Removing debian:Verisign_Class_2_Public_Primary_Certification_Authority_-_G2.pem
Removing debian:Verisign_Class_2_Public_Primary_Certification_Authority_-_G3.pem
Removing debian:Verisign_Class_3_Public_Primary_Certification_Authority.pem
Removing debian:Verisign_Class_3_Public_Primary_Certification_Authority_-_G2.pem
Removing debian:Verisign_Class_3_Public_Primary_Certification_Authority_2.pem
Removing debian:WellsSecure_Public_Root_Certificate_Authority.pem
Removing debian:WoSign.pem
Removing debian:WoSign_China.pem
Removing debian:CA_WoSign_ECC_Root.pem
Removing debian:Certification_Authority_of_WoSign_G2.pem
Removing debian:S-TRUST_Universal_Root_CA.pem
Removing debian:TÜRKTRUST_Elektronik_Sertifika_Hizmet_Sağlayıcısı_H6.pem
done.
done.
/etc/apt/sources.list and any files in the directory /etc/apt/sources.d/
dpkg.log says the package was called ca-certificates, so I added that to the question.