In the paper, they compromise not only the pgp key but also the Debian update server address, so all that is necessary is a software update to be compromised.