Source: python-apt Version: 3.0.0 Severity: important Tags: security upstream X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>
Hi, The following vulnerability was published for python-apt. CVE-2025-6966[0]: | NULL pointer dereference in TagSection.keys() in python-apt on APT- | based Linux systems allows a local attacker to cause a denial of | service (process crash) via a crafted deb822 file with a malformed | non-UTF-8 key. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2025-6966 https://www.cve.org/CVERecord?id=CVE-2025-6966 [1] https://bugs.launchpad.net/ubuntu/+source/python-apt/+bug/2091865 Please adjust the affected versions in the BTS as needed. Regards, Salvatore
