How to Update Packages via Ubuntu Command Line

Keeping your Ubuntu system updated protects against security vulnerabilities, fixes bugs that cause crashes or misbehavior, and unlocks new software features. When you run updates regularly, you ensure that libraries, drivers, and system tools remain compatible with each other. The command-line interface provides the fastest and most reliable way to manage updates, giving you visibility into exactly what changes and full control over when upgrades happen.

This guide covers the essential commands for checking available updates, upgrading packages, and maintaining a healthy Ubuntu system. You will learn the difference between apt and apt-get, discover how to upgrade individual packages, list what needs updating, and perform full system upgrades that handle dependency changes.

These steps work identically on Ubuntu 22.04 LTS, 24.04 LTS, and 26.04 LTS. The commands are the same across all supported LTS releases.

Refresh Package Lists with apt update

Before installing or upgrading any software, refresh your local package index so Ubuntu knows about the latest versions available in the repositories. This step does not install anything; it only downloads metadata about what packages exist and which versions are current.

sudo apt update

The sudo prefix grants administrative privileges required to access the package database. After running this command, APT displays how many packages can be upgraded.

Example output on Ubuntu 26.04 LTS:

Hit:1 http://archive.ubuntu.com/ubuntu resolute InRelease
Get:2 http://archive.ubuntu.com/ubuntu resolute-updates InRelease [126 kB]
Get:3 http://security.ubuntu.com/ubuntu resolute-security InRelease [129 kB]
Fetched 255 kB in 2s (128 kB/s)
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
16 packages can be upgraded. Run 'apt list --upgradable' to see them.

The output confirms which repository sources were contacted and summarizes how many upgrades are pending. If you see “All packages are up to date,” your system already has the latest versions.

Understanding apt vs apt-get

Ubuntu provides two command-line tools for package management: apt and apt-get. Both accomplish the same tasks, but they differ in design philosophy and output formatting.

apt (recommended)

• Designed for interactive terminal use
• Shows progress bars during downloads and installs
• Combines common operations into simpler commands
• Default choice for manual system administration

apt-get (traditional)

• Oldest APT interface, stable since Debian 2.0
• Predictable output format that never changes
• Better suited for scripts that parse command output
• Documented in older tutorials and enterprise runbooks

For daily use, apt provides a cleaner experience with more informative feedback. Use apt-get when writing shell scripts or following legacy documentation. Both tools share the same underlying package database, so mixing them causes no conflicts.

The apt-get equivalent of the update command:

sudo apt-get update

Upgrade All Packages

After refreshing package lists, apply available upgrades to bring all installed software to their latest versions. The upgrade command downloads new package versions and installs them, replacing old files while preserving your configuration.

sudo apt upgrade

APT displays which packages will be upgraded, how much data needs downloading, and how much disk space the operation requires. Press Y when prompted to confirm, or add the -y flag to skip confirmation in scripts.

Example output:

Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Calculating upgrade... Done
The following packages will be upgraded:
  base-files gcc-15-base libgcc-s1 libgpg-error0 liblzma5
  libncursesw6 libproc2-0 libstdc++6 libtinfo6
9 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Need to get 2,847 kB of archives.
After this operation, 12.3 kB of additional disk space will be used.
Do you want to continue? [Y/n]

This standard upgrade keeps the system conservative. It never removes packages or installs new dependencies that might change system behavior unexpectedly. For a single command that updates package lists and upgrades in one step, combine them:

sudo apt update && sudo apt upgrade -y

The && operator ensures the upgrade only runs if the update succeeds. This one-liner is convenient for routine maintenance.

The apt-get equivalent:

sudo apt-get upgrade

Upgrade a Specific Package

Sometimes you need to update a single package immediately without upgrading everything else. This approach is useful when a security patch lands for critical software like OpenSSL or when you want to test a new version of one application before committing to a full system upgrade.

To upgrade only a specific package while leaving everything else unchanged:

sudo apt install --only-upgrade firefox

Replace firefox with the actual package name you want to upgrade. The --only-upgrade flag ensures APT upgrades the package only if it is already installed. The command will not install the package fresh if it is missing. This behavior protects against accidentally adding software you did not intend.

Running apt upgrade firefox without the --only-upgrade flag actually upgrades all packages and installs firefox if missing. The --only-upgrade flag restricts the operation to the named package.

If you want to install or upgrade a package regardless of whether it exists, the standard install command handles both cases:

sudo apt install firefox

This command installs firefox if absent or upgrades it to the latest version if already present.

List Packages Available for Upgrade

Before running an upgrade, you may want to review exactly which packages have newer versions available. This preview helps you understand what changes and allows you to research changelogs for critical packages.

First, refresh your package lists to ensure you have current information:

sudo apt update

Then list all upgradeable packages:

apt list --upgradable

This command does not require sudo because it only reads package metadata without modifying anything.

Example output:

Listing...
base-files/resolute 14ubuntu5 amd64 [upgradable from: 14ubuntu4]
gcc-15-base/resolute 15.2.0-11ubuntu1 amd64 [upgradable from: 15.2.0-9ubuntu1]
libgcc-s1/resolute 15.2.0-11ubuntu1 amd64 [upgradable from: 15.2.0-9ubuntu1]
libgpg-error0/resolute 1.58-1 amd64 [upgradable from: 1.56-2]
liblzma5/resolute 5.8.2-1 amd64 [upgradable from: 5.8.1-2]
libncursesw6/resolute 6.5+20251123-1 amd64 [upgradable from: 6.5+20250216-2build1]

Each line shows the package name, repository source, new version, architecture, and current installed version in brackets. This output helps you identify whether critical packages like the kernel, systemd, or security libraries need attention.

Detailed Version Information with apt-show-versions

The apt-show-versions utility provides an alternative view with more explicit version comparison. Unlike the built-in apt list command, it shows both current and available versions on the same line in a format easier to parse visually or with scripts.

Install the utility first:

sudo apt install apt-show-versions -y

Then list packages eligible for upgrade:

apt-show-versions -u

Example output:

base-files:amd64/resolute 14ubuntu4 upgradeable to 14ubuntu5
gcc-15-base:amd64/resolute 15.2.0-9ubuntu1 upgradeable to 15.2.0-11ubuntu1
libgcc-s1:amd64/resolute 15.2.0-9ubuntu1 upgradeable to 15.2.0-11ubuntu1
libgpg-error0:amd64/resolute 1.56-2 upgradeable to 1.58-1
liblzma5:amd64/resolute 5.8.1-2 upgradeable to 5.8.2-1

This format clearly shows the current version and new version side by side for each package, making it straightforward to track version jumps.

Perform a Full System Upgrade

The standard apt upgrade command is intentionally conservative. It never removes packages or installs new dependencies. This caution prevents unexpected behavior but sometimes blocks upgrades when packages require new dependencies or conflict with installed software.

For a more thorough upgrade that handles dependency changes, use full-upgrade:

sudo apt update
sudo apt full-upgrade

This command upgrades all packages and intelligently resolves dependency changes. It may install new packages that existing software now requires, and it may remove packages that conflict with the upgraded versions. APT always shows you what will change before proceeding.

The traditional apt-get equivalent is dist-upgrade:

sudo apt-get update
sudo apt-get dist-upgrade

Despite the name, dist-upgrade does not upgrade your Ubuntu version. It handles complex package dependency changes within your current release. Use full-upgrade or dist-upgrade when a regular upgrade reports “held back” packages or when preparing for major software updates like new kernel versions.

After a full-upgrade completes, especially if the kernel was upgraded, reboot your system for changes to take effect: sudo reboot

Clean Up Orphaned Packages

Over time, package upgrades leave behind orphaned dependencies, which are libraries and tools that were installed automatically to support software that no longer needs them. These orphans consume disk space without providing any benefit.

Remove orphaned packages with:

sudo apt autoremove

APT identifies packages marked as “automatically installed” that no other package currently depends on. Review the list before confirming. Occasionally a dependency tracker error can flag packages you still want.

To also clear the local cache of downloaded package files (which can grow large on systems with frequent updates):

sudo apt clean

This command removes all cached .deb files from /var/cache/apt/archives/. The packages remain installed; only the installation files are deleted. If you need to reinstall later, APT downloads them again.

Troubleshooting Common Update Issues

Package updates occasionally encounter problems. This section covers the most frequent issues and their solutions.

APT Lock File Errors

If you see errors like “Could not get lock /var/lib/dpkg/lock-frontend,” another process is using APT. This commonly happens when automatic updates run in the background or when you accidentally run two terminal sessions with APT commands.

First, check what process holds the lock:

sudo lsof /var/lib/dpkg/lock-frontend

If a legitimate update process is running, wait for it to finish. If the lock is stale (no process appears or the listed process is defunct), you can safely release it:

sudo rm /var/lib/dpkg/lock-frontend
sudo dpkg --configure -a

The dpkg --configure -a command finishes configuring any packages left in an incomplete state.

Packages Held Back

When apt upgrade reports packages are “kept back,” those packages require dependency changes that the conservative upgrade refuses to make. View which packages are held:

apt list --upgradable

To upgrade held packages, either use full-upgrade or install the specific package directly:

sudo apt install package-name

APT will show you what additional packages need installation or removal to satisfy dependencies.

Broken Packages

If an update is interrupted (power failure, network loss, Ctrl+C), packages can end up in a broken state. Fix this with:

sudo dpkg --configure -a
sudo apt install -f

The first command completes pending package configurations. The second attempts to fix broken dependencies by installing missing packages or removing conflicting ones.

Repository Errors

Errors like “Failed to fetch” or “404 Not Found” typically indicate a repository that has moved, been discontinued, or has temporary server issues. If only third-party repositories fail, you can still update from official sources:

sudo apt update --fix-missing

Review and disable problematic repositories in /etc/apt/sources.list.d/ if the issue persists. Repositories with outdated URLs should be updated or removed.

Automate Updates with Unattended Upgrades

For servers and systems where you want security patches applied automatically, Ubuntu provides the unattended-upgrades package. Once configured, it automatically downloads and installs security updates without manual intervention, keeping your system protected even when you are not actively monitoring it.

For complete setup instructions, see our unattended upgrades configuration guide for Ubuntu.

Speed Up Downloads with apt-fast

If you regularly download large updates or have a fast internet connection, apt-fast can significantly speed up package downloads by using parallel connections. It wraps around apt and uses aria2 to download from multiple mirrors simultaneously.

Learn how to set it up in our apt-fast installation guide for Ubuntu.

Related Package Management Tasks

Once you are comfortable with updating packages, these related guides help you manage your Ubuntu system more effectively:

• Remove packages on Ubuntu from the command line: uninstall software and clean up configuration files
• Install Synaptic Package Manager on Ubuntu: graphical interface for package management if you prefer not to use the terminal
• Remove a PPA from Ubuntu: clean up third-party repositories you no longer need

Conclusion

You now have the essential commands for maintaining an up-to-date Ubuntu system. Regular use of apt update and apt upgrade keeps your packages current, while apt full-upgrade handles complex dependency changes. The --only-upgrade flag gives you precise control over individual packages, and apt autoremove keeps your system clean. When updates cause problems, the troubleshooting steps in this guide help you recover quickly and get back to a working state.