Candidate: CVE-2017-7443
PublicDate: 2017-04-05 20:59:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7443
Description:
 apt-cacher before 1.7.15 and apt-cacher-ng before 3.4 allow HTTP response
 splitting via encoded newline characters, related to lack of blocking for
 the %0[ad] regular expression.
Ubuntu-Description:
Notes:
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858833
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858739
Priority: low
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N [6.1 MEDIUM]

Patches_apt-cacher-ng:
upstream_apt-cacher-ng: released (3-1)
precise_apt-cacher-ng: ignored (reached end-of-life)
precise/esm_apt-cacher-ng: DNE (precise was needed)
trusty_apt-cacher-ng: ignored (reached end-of-life)
trusty/esm_apt-cacher-ng: DNE (trusty was needed)
vivid/stable-phone-overlay_apt-cacher-ng: DNE
vivid/ubuntu-core_apt-cacher-ng: DNE
xenial_apt-cacher-ng: ignored (end of standard support, was needed)
yakkety_apt-cacher-ng: ignored (reached end-of-life)
zesty_apt-cacher-ng: ignored (reached end-of-life)
artful_apt-cacher-ng: not-affected (3-1)
bionic_apt-cacher-ng: not-affected (3-1)
cosmic_apt-cacher-ng: not-affected (3-1)
disco_apt-cacher-ng: not-affected (3-1)
eoan_apt-cacher-ng: not-affected (3-1)
focal_apt-cacher-ng: not-affected (3-1)
groovy_apt-cacher-ng: not-affected (3-1)
hirsute_apt-cacher-ng: not-affected (3-1)
impish_apt-cacher-ng: not-affected (3-1)
jammy_apt-cacher-ng: not-affected (3-1)
devel_apt-cacher-ng: not-affected (3-1)

Patches_apt-cacher:
upstream_apt-cacher: released (1.7.15)
precise_apt-cacher: ignored (reached end-of-life)
precise/esm_apt-cacher: DNE (precise was needed)
trusty_apt-cacher: ignored (reached end-of-life)
trusty/esm_apt-cacher: DNE (trusty was needed)
vivid/stable-phone-overlay_apt-cacher: DNE
vivid/ubuntu-core_apt-cacher: DNE
xenial_apt-cacher: ignored (end of standard support, was needed)
yakkety_apt-cacher: ignored (reached end-of-life)
zesty_apt-cacher: ignored (reached end-of-life)
artful_apt-cacher: not-affected (1.7.15)
bionic_apt-cacher: not-affected (1.7.15)
cosmic_apt-cacher: not-affected (1.7.15)
disco_apt-cacher: not-affected (1.7.15)
eoan_apt-cacher: not-affected (1.7.15)
focal_apt-cacher: not-affected (1.7.15)
groovy_apt-cacher: not-affected (1.7.15)
hirsute_apt-cacher: not-affected (1.7.15)
impish_apt-cacher: not-affected (1.7.15)
jammy_apt-cacher: not-affected (1.7.15)
devel_apt-cacher: not-affected (1.7.15)