Register | Log in

shadowsocks-libev

lightweight and secure socks5 proxy

Choose email to subscribe with

general

source: shadowsocks-libev (main)
version: 3.3.5+ds-4
maintainer: Debian Bridges Team (DMD)
uploaders: Boyuan Yang [DMD] – Roger Shimizu [DMD] – Max Lv [DMD]
arch: any
std-ver: 4.5.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

oldstable: 2.6.3+ds-3+deb9u1
old-sec: 2.6.3+ds-3+deb9u1
old-bpo: 3.2.5+ds-1~bpo9+1
old-bpo-sl: 3.3.5+ds-1~bpo9+1
stable: 3.2.5+ds-1
stable-bpo: 3.3.5+ds-4~bpo10+1
testing: 3.3.5+ds-4
unstable: 3.3.5+ds-4

versioned links

2.6.3+ds-3+deb9u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.2.5+ds-1~bpo9+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.2.5+ds-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.3.5+ds-1~bpo9+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.3.5+ds-4~bpo10+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.3.5+ds-4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libshadowsocks-libev-dev
libshadowsocks-libev2
shadowsocks-libev (3 bugs: 0, 3, 0, 0)

action needed

2 low-priority security issues in buster low

There are 2 open security issues in buster.

2 issues left for the package maintainer to handle:

CVE-2019-5163: (needs triaging) An exploitable denial-of-service vulnerability exists in the UDPRelay functionality of Shadowsocks-libev 3.3.2. When utilizing a Stream Cipher and a local_address, arbitrary UDP packets can cause a FATAL error code path and exit. An attacker can send arbitrary UDP packets to trigger this vulnerability.
CVE-2019-5164: (needs triaging) An exploitable code execution vulnerability exists in the ss-manager binary of Shadowsocks-libev 3.3.2. Specially crafted network packets sent to ss-manager can cause an arbitrary binary to run, resulting in code execution and privilege escalation. An attacker can send network packets to trigger this vulnerability.

You can find information about how to handle these issues in the security team's documentation.

Created: 2021-02-19 Last update: 2021-03-21 19:04

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.5.1 instead of 4.5.0).

Created: 2020-11-17 Last update: 2020-12-21 22:42

news

[2020-12-27] Accepted shadowsocks-libev 3.3.5+ds-4~bpo10+1 (source) into buster-backports (Roger Shimizu)
[2020-12-24] shadowsocks-libev 3.3.5+ds-4 MIGRATED to testing (Debian testing watch)
[2020-12-21] Accepted shadowsocks-libev 3.3.5+ds-4 (source) into unstable (Roger Shimizu)
[2020-12-20] Accepted shadowsocks-libev 3.3.5+ds-3 (source) into unstable (Roger Shimizu)
[2020-12-20] shadowsocks-libev 3.3.5+ds-2 MIGRATED to testing (Debian testing watch)
[2020-12-16] Accepted shadowsocks-libev 3.3.5+ds-2 (source) into unstable (Roger Shimizu)
[2020-09-22] Accepted shadowsocks-libev 3.3.5+ds-1~bpo9+1 (source i386) into stretch-backports-sloppy->backports-policy, stretch-backports-sloppy (Debian FTP Masters) (signed by: Roger Shimizu)
[2020-09-21] Accepted shadowsocks-libev 3.3.5+ds-1~bpo10+1 (source) into buster-backports (Roger Shimizu)
[2020-09-21] shadowsocks-libev 3.3.5+ds-1 MIGRATED to testing (Debian testing watch)
[2020-09-19] Accepted shadowsocks-libev 3.3.5+ds-1 (source) into unstable (Roger Shimizu)
[2020-08-01] shadowsocks-libev 3.3.4+ds-5 MIGRATED to testing (Debian testing watch)
[2020-07-23] Accepted shadowsocks-libev 3.3.4+ds-5 (source) into unstable (Roger Shimizu)
[2020-06-04] Accepted shadowsocks-libev 3.3.4+ds-4~bpo9+1 (source) into stretch-backports-sloppy->backports-policy, stretch-backports-sloppy (Debian FTP Masters) (signed by: Roger Shimizu)
[2020-05-23] Accepted shadowsocks-libev 3.3.4+ds-4~bpo10+1 (source) into buster-backports (Roger Shimizu)
[2020-05-23] shadowsocks-libev 3.3.4+ds-4 MIGRATED to testing (Debian testing watch)
[2020-05-20] Accepted shadowsocks-libev 3.3.4+ds-4 (source) into unstable (Roger Shimizu)
[2020-04-06] Accepted shadowsocks-libev 3.3.4+ds-3~bpo9+1 (source) into stretch-backports-sloppy->backports-policy, stretch-backports-sloppy (Debian FTP Masters) (signed by: Roger Shimizu)
[2020-04-02] Accepted shadowsocks-libev 3.3.4+ds-3~bpo10+1 (source) into buster-backports (Roger Shimizu)
[2020-04-02] shadowsocks-libev 3.3.4+ds-3 MIGRATED to testing (Debian testing watch)
[2020-03-29] Accepted shadowsocks-libev 3.3.4+ds-3 (source) into unstable (Roger Shimizu)
[2020-02-26] shadowsocks-libev 3.3.4+ds-2 MIGRATED to testing (Debian testing watch)
[2020-02-23] Accepted shadowsocks-libev 3.3.4+ds-2 (source) into unstable (Boyuan Yang)
[2020-01-18] Accepted shadowsocks-libev 3.3.4+ds-1~bpo9+1 (source) into stretch-backports-sloppy->backports-policy, stretch-backports-sloppy (Roger Shimizu)
[2020-01-16] Accepted shadowsocks-libev 3.3.4+ds-1~bpo10+1 (source) into buster-backports (Roger Shimizu)
[2020-01-14] shadowsocks-libev 3.3.4+ds-1 MIGRATED to testing (Debian testing watch)
[2020-01-11] Accepted shadowsocks-libev 3.3.4+ds-1 (source) into unstable (Roger Shimizu)
[2019-12-13] Accepted shadowsocks-libev 3.3.3+ds-3~bpo9+1 (source) into stretch-backports-sloppy->backports-policy, stretch-backports-sloppy (Roger Shimizu)
[2019-12-07] Accepted shadowsocks-libev 3.3.3+ds-3~bpo10+1 (source) into buster-backports (Roger Shimizu)
[2019-12-07] shadowsocks-libev 3.3.3+ds-3 MIGRATED to testing (Debian testing watch)
[2019-12-04] Accepted shadowsocks-libev 3.3.3+ds-3 (source) into unstable (Roger Shimizu)

1
2

bugs [bug history graph]

all: 4
RC: 0
I&N: 4
M&W: 0
F&P: 0
patch: 0

links

homepage
lintian
buildd: logs, clang, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker
screenshots
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 3.3.5+ds-4

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers

Report problems to the tracker.debian.org pseudo-package in the Debian BTS.

Documentation — Bugs — Git Repository — Contributing