[Bug 2137070] Re: python3-apt 2.0.1ubuntu0.20.04.1+esm1 version does not comply with PEP 440

Sudhakar Verma 2137070 at bugs.launchpad.net
Wed Jan 14 06:35:43 UTC 2026 

I'll be uploading this to the -proposed

$ head debian/changelog
python-apt (2.0.1ubuntu0.20.04.2esm2) focal-security; urgency=medium

  * SECURITY REGRESSION: PEP 440 incompatible version string (LP: #2137070)
    - Fix version to be compatible with PEP 440

 -- Sudhakar Verma <sudhakar.verma at canonical.com>  Wed, 14 Jan 2026
11:20:20 +0530

python-apt (2.0.1ubuntu0.20.04.1+esm1) focal-security; urgency=medium

  * SECURITY UPDATE: NULL pointer dereference (LP: #2091865)

$ cat target/usr/lib/python3/dist-packages/python_apt-2.0.1+ubuntu0.20.4.2esm2.egg-info/PKG-INFO
Metadata-Version: 1.0
Name: python-apt
Version: 2.0.1+ubuntu0.20.4.2esm2
Summary: Python bindings for APT
Home-page: UNKNOWN
Author: APT Development Team
Author-email: deity at lists.debian.org
License: GNU GPL
Description: UNKNOWN
Platform: posix


which should work

In [1]: from packaging.version import parse, Version

In [2]: Version("2.0.1+ubuntu0.20.4.2esm2")
Out[2]: <Version('2.0.1+ubuntu0.20.4.2esm2')>

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to python-apt in Ubuntu.
https://bugs.launchpad.net/bugs/2137070

Title:
  python3-apt 2.0.1ubuntu0.20.04.1+esm1 version does not comply with PEP
  440

Status in Ubuntu Pro:
  New
Status in python-apt package in Ubuntu:
  Incomplete

Bug description:
  [Description]

  The latest release of python3-apt (2.0.1ubuntu0.20.04.1+esm1) is
  setting the python version to:

  $ pip list | grep apt
  python-apt          2.0.1-ubuntu0.20.04.1-esm1

  This version is not compliant with PEP440 and breaks with other
  software that will check versions:

  $ python3
  Python 3.8.10 (default, Nov 17 2025, 15:36:31) 
  [GCC 9.4.0] on linux
  Type "help", "copyright", "credits" or "license" for more information.
  >>> from packaging.version import parse, Version
  >>> Version("2.0.1-ubuntu0.20.04.1-esm1").micro
  Traceback (most recent call last):
    File "<stdin>", line 1, in <module>
    File "/usr/lib/python3/dist-packages/packaging/version.py", line 277, in __init__
      raise InvalidVersion("Invalid version: '{0}'".format(version))
  packaging.version.InvalidVersion: Invalid version: '2.0.1-ubuntu0.20.04.1-esm1'

  The latest non ESM version works correctly:

  $ pip list | grep apt
  python-apt          2.0.1+ubuntu0.20.4.1

  Notice the replacement of (+) with (-) between the version (2.0.1) and
  the ubuntu0.20.04.1. (+) is the correct separator for local versions:

  https://peps.python.org/pep-0440/#local-version-segments
  https://peps.python.org/pep-0440/#development-release-separators

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-pro/+bug/2137070/+subscriptions

More information about the foundations-bugs mailing list