USN-7916-1: python-apt vulnerability

USN-7916-1: python-apt vulnerability
Publication date: 9 December 2025
Overview: python-apt could be made to crash if it opened a specially crafted file.

Packages
python-apt - Python interface to libapt-pkg

Details
Julian Andres Klode discovered that python-apt incorrectly handled
deb822 configuration files. An attacker could use this issue to cause
python-apt to crash, resulting in a denial of service.

Update instructions
The problem can be corrected by updating your system to the following package versions:

25.10 questing

• python-apt-dev – 3.0.0ubuntu1.1
• python3-apt – 3.0.0ubuntu1.1

25.04 plucky

• python-apt-dev – 3.0.0ubuntu0.25.04.1
• python3-apt – 3.0.0ubuntu0.25.04.1

24.04 LTS noble

• python-apt-dev – 2.7.7ubuntu5.1
• python3-apt – 2.7.7ubuntu5.1

22.04 LTS jammy

• python-apt-dev – 2.4.0ubuntu4.1
• python3-apt – 2.4.0ubuntu4.1

20.04 LTS focal

• python-apt – 2.0.1ubuntu0.20.04.1+esm1
• python-apt-dev – 2.0.1ubuntu0.20.04.1+esm1
• python3-apt – 2.0.1ubuntu0.20.04.1+esm1

18.04 LTS bionic

• python-apt – 1.6.6ubuntu0.1~esm1
• python-apt-dev – 1.6.6ubuntu0.1~esm1
• python3-apt – 1.6.6ubuntu0.1~esm1

16.04 LTS xenial

• python-apt – 1.1.0~beta1ubuntu0.16.04.12+esm1
• python-apt-dev – 1.1.0~beta1ubuntu0.16.04.12+esm1
• python3-apt – 1.1.0~beta1ubuntu0.16.04.12+esm1

14.04 LTS trusty

• python-apt – 0.9.3.5ubuntu3+esm5
• python-apt-dev – 0.9.3.5ubuntu3+esm5
• python3-apt – 0.9.3.5ubuntu3+esm5