========================================================================== Ubuntu Security Notice USN-4668-3 January 04, 2021 python-apt regression ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.10 - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: USN-4668-1 introduced a regression in python-apt. Software Description: - python-apt: Python interface to libapt-pkg Details: USN-4668-1 fixed vulnerabilities in python-apt. The update caused a regression when using certain APIs with a file handle. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Kevin Backhouse discovered that python-apt incorrectly handled resources. A local attacker could possibly use this issue to cause python-apt to consume resources, leading to a denial of service. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.10: python3-apt 2.1.3ubuntu1.3 Ubuntu 20.04 LTS: python-apt 2.0.0ubuntu0.20.04.3 python3-apt 2.0.0ubuntu0.20.04.3 Ubuntu 18.04 LTS: python-apt 1.6.5ubuntu0.5 python3-apt 1.6.5ubuntu0.5 Ubuntu 16.04 LTS: python-apt 1.1.0~beta1ubuntu0.16.04.11 python3-apt 1.1.0~beta1ubuntu0.16.04.11 In general, a standard system update will make all the necessary changes. References: https://usn.ubuntu.com/4668-3 https://usn.ubuntu.com/4668-1 https://launchpad.net/bugs/1907676 Package Information: https://launchpad.net/ubuntu/+source/python-apt/2.1.3ubuntu1.3 https://launchpad.net/ubuntu/+source/python-apt/2.0.0ubuntu0.20.04.3 https://launchpad.net/ubuntu/+source/python-apt/1.6.5ubuntu0.5 https://launchpad.net/ubuntu/+source/python-apt/1.1.0~beta1ubuntu0.16.04.11