Debian Security Advisory DSA 772-1 - Eduard Bloch discovered a bug in apt-cacher, a caching system for Debian package and source files, that could allow remote attackers to execute arbitrary commands on the caching host as user www-data.
5b557a93df5652634a6208c38d0db0edd30ecabd35ed3d38253098fb58161011