[SECURITY] [DLA 4408-1] python-apt security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 4408-1] python-apt security update
From: Utkarsh Gupta <guptautkarsh2102@gmail.com>
Date: Tue, 16 Dec 2025 01:22:04 +0530
Message-id: <[🔎] CAPP0f97FLLkciwwmNP-kXsrXdzmU1CeN569ZaopHtOicGq0XeA@mail.gmail.com>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -----------------------------------------------------------------------
Debian LTS Advisory DLA-4408-1              debian-lts@lists.debian.org
https://www.debian.org/lts/security/                      Utkarsh Gupta
December 16, 2025                           https://wiki.debian.org/LTS
- -----------------------------------------------------------------------

Package        : python-apt
Version        : 2.2.1.1
CVE ID         : CVE-2025-6966
Debian Bug     : 1122291

Julian Andres Klode discovered that python-apt, a Python interface to
libapt-pkg, incorrectly handled deb822 configuration files. An attacker
could use this issue to cause python-apt to crash, resulting in a
denial of service.

For Debian 11 bullseye, this problem has been fixed in version
2.2.1.1.

We recommend that you upgrade your python-apt packages.

For the detailed security status of python-apt please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/python-apt

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEbJ0QSEqa5Mw4X3xxgj6WdgbDS5YFAmlAZs0ACgkQgj6WdgbD
S5bBSxAAzaSq2vZzynfpaQELbYfcb7oaAAfu2jX0xprpzvKwXaE+FRVFIMUkCvQm
BvgjR3DOm5LG2iWARYi4f0ucYjCcfekGDwqs2RDXRVlgo6BmrkXuwgZftaC6HsiN
rgO+5AB3N6j6KWp1k+XEJhHtOtCkdTp6BZ7OQGsGNpbL85rBeMzb/1WmPqZd0dHd
Z4xG51r4W4ie1UV3bbg71b+znDnHCP0vXf8ODykeu3nC6xSnOwEi4ZWcBX1SDxzX
yws7wcmIW+BWqd130oiuR+0urmE54bV5sIntYlAB5Y+Z5Wb5gT6OP8WUEX2y/nel
1t0wzY1lqvYZcwQZrz2DC3+zvJG9gU2PvecbdxhJ7TlZNv1Ki8Z67RNDlRfMVMdJ
pe442gSopBjuHCLOFhFA9GBvifRFlx2YALlvYQToK7vm3DQ1CKZ0VfGbI7VTjNhf
wsMrw1Zixboi1H5lgLCjt0dmyg39c72V1ngYTyKJeNImucjODvNwYVsYYTnQZd2t
DdJVGA5fi5pBX9Z0RFxMqdrEueUr3eSvpFgmotuGdnMCnvKDkU2i3wRUj92EWSu4
tvs2MYUKS6v+cbJOSxfe9/2et7ezeUESdiHiRp+cPWb3tSX9IExtmENCxHG/vzE1
AvM52qbix06abeKzyn8kBNEFQQa+CAU9XBf37Ll5VC4J5IjYJDc=
=8cFX
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 4407-1] ruby-sidekiq security update
Next by Date: [SECURITY] [DLA 4409-1] paramiko security update
Previous by thread: [SECURITY] [DLA 4407-1] ruby-sidekiq security update
Next by thread: [SECURITY] [DLA 4409-1] paramiko security update
Index(es):
- Date
- Thread