A security vulnerability affects the APT package manager on Debian GNU/Linux and Ubuntu, as well as other derivatives from the two, allowing a remote attacker to install malicious packages users’ machines. APT considered the packages as valid, thus allowing the attacker to execute code as root and possibly crash the host. Both Debian and Ubuntu released patched versions of the APT packages in their supported distributions, but the Debian Project also respined their installation and live images by releasing the Debian GNU/Linux 9.7 “Stretch” point release to avoid any complications in new deployments of their operating system.