Debian Package Tracker
Register | Log in
Subscribe

shadowsocks-libev

lightweight and secure socks5 proxy

Choose email to subscribe with

general
  • source: shadowsocks-libev (main)
  • version: 3.3.5+ds-4
  • maintainer: Debian Bridges Team (DMD)
  • uploaders: Boyuan Yang [DMD] – Roger Shimizu [DMD] – Max Lv [DMD]
  • arch: any
  • std-ver: 4.5.0
  • VCS: Git (Browse, QA)
versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]
[pool directory]
  • oldstable: 2.6.3+ds-3+deb9u1
  • old-sec: 2.6.3+ds-3+deb9u1
  • old-bpo: 3.2.5+ds-1~bpo9+1
  • old-bpo-sl: 3.3.5+ds-1~bpo9+1
  • stable: 3.2.5+ds-1
  • stable-bpo: 3.3.5+ds-4~bpo10+1
  • testing: 3.3.5+ds-4
  • unstable: 3.3.5+ds-4
versioned links
  • 2.6.3+ds-3+deb9u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 3.2.5+ds-1~bpo9+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 3.2.5+ds-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 3.3.5+ds-1~bpo9+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 3.3.5+ds-4~bpo10+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 3.3.5+ds-4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
binaries
  • libshadowsocks-libev-dev
  • libshadowsocks-libev2
  • shadowsocks-libev (3 bugs: 0, 3, 0, 0)
action needed
2 low-priority security issues in buster low

There are 2 open security issues in buster.

2 issues left for the package maintainer to handle:
  • CVE-2019-5163: (needs triaging) An exploitable denial-of-service vulnerability exists in the UDPRelay functionality of Shadowsocks-libev 3.3.2. When utilizing a Stream Cipher and a local_address, arbitrary UDP packets can cause a FATAL error code path and exit. An attacker can send arbitrary UDP packets to trigger this vulnerability.
  • CVE-2019-5164: (needs triaging) An exploitable code execution vulnerability exists in the ss-manager binary of Shadowsocks-libev 3.3.2. Specially crafted network packets sent to ss-manager can cause an arbitrary binary to run, resulting in code execution and privilege escalation. An attacker can send network packets to trigger this vulnerability.

You can find information about how to handle these issues in the security team's documentation.

Created: 2021-02-19 Last update: 2021-03-21 19:04
Standards version of the package is outdated. wishlist
The package should be updated to follow the last version of Debian Policy (Standards-Version 4.5.1 instead of 4.5.0).
Created: 2020-11-17 Last update: 2020-12-21 22:42
news
[rss feed]
  • [2020-12-27] Accepted shadowsocks-libev 3.3.5+ds-4~bpo10+1 (source) into buster-backports (Roger Shimizu)
  • [2020-12-24] shadowsocks-libev 3.3.5+ds-4 MIGRATED to testing (Debian testing watch)
  • [2020-12-21] Accepted shadowsocks-libev 3.3.5+ds-4 (source) into unstable (Roger Shimizu)
  • [2020-12-20] Accepted shadowsocks-libev 3.3.5+ds-3 (source) into unstable (Roger Shimizu)
  • [2020-12-20] shadowsocks-libev 3.3.5+ds-2 MIGRATED to testing (Debian testing watch)
  • [2020-12-16] Accepted shadowsocks-libev 3.3.5+ds-2 (source) into unstable (Roger Shimizu)
  • [2020-09-22] Accepted shadowsocks-libev 3.3.5+ds-1~bpo9+1 (source i386) into stretch-backports-sloppy->backports-policy, stretch-backports-sloppy (Debian FTP Masters) (signed by: Roger Shimizu)
  • [2020-09-21] Accepted shadowsocks-libev 3.3.5+ds-1~bpo10+1 (source) into buster-backports (Roger Shimizu)
  • [2020-09-21] shadowsocks-libev 3.3.5+ds-1 MIGRATED to testing (Debian testing watch)
  • [2020-09-19] Accepted shadowsocks-libev 3.3.5+ds-1 (source) into unstable (Roger Shimizu)
  • [2020-08-01] shadowsocks-libev 3.3.4+ds-5 MIGRATED to testing (Debian testing watch)
  • [2020-07-23] Accepted shadowsocks-libev 3.3.4+ds-5 (source) into unstable (Roger Shimizu)
  • [2020-06-04] Accepted shadowsocks-libev 3.3.4+ds-4~bpo9+1 (source) into stretch-backports-sloppy->backports-policy, stretch-backports-sloppy (Debian FTP Masters) (signed by: Roger Shimizu)
  • [2020-05-23] Accepted shadowsocks-libev 3.3.4+ds-4~bpo10+1 (source) into buster-backports (Roger Shimizu)
  • [2020-05-23] shadowsocks-libev 3.3.4+ds-4 MIGRATED to testing (Debian testing watch)
  • [2020-05-20] Accepted shadowsocks-libev 3.3.4+ds-4 (source) into unstable (Roger Shimizu)
  • [2020-04-06] Accepted shadowsocks-libev 3.3.4+ds-3~bpo9+1 (source) into stretch-backports-sloppy->backports-policy, stretch-backports-sloppy (Debian FTP Masters) (signed by: Roger Shimizu)
  • [2020-04-02] Accepted shadowsocks-libev 3.3.4+ds-3~bpo10+1 (source) into buster-backports (Roger Shimizu)
  • [2020-04-02] shadowsocks-libev 3.3.4+ds-3 MIGRATED to testing (Debian testing watch)
  • [2020-03-29] Accepted shadowsocks-libev 3.3.4+ds-3 (source) into unstable (Roger Shimizu)
  • [2020-02-26] shadowsocks-libev 3.3.4+ds-2 MIGRATED to testing (Debian testing watch)
  • [2020-02-23] Accepted shadowsocks-libev 3.3.4+ds-2 (source) into unstable (Boyuan Yang)
  • [2020-01-18] Accepted shadowsocks-libev 3.3.4+ds-1~bpo9+1 (source) into stretch-backports-sloppy->backports-policy, stretch-backports-sloppy (Roger Shimizu)
  • [2020-01-16] Accepted shadowsocks-libev 3.3.4+ds-1~bpo10+1 (source) into buster-backports (Roger Shimizu)
  • [2020-01-14] shadowsocks-libev 3.3.4+ds-1 MIGRATED to testing (Debian testing watch)
  • [2020-01-11] Accepted shadowsocks-libev 3.3.4+ds-1 (source) into unstable (Roger Shimizu)
  • [2019-12-13] Accepted shadowsocks-libev 3.3.3+ds-3~bpo9+1 (source) into stretch-backports-sloppy->backports-policy, stretch-backports-sloppy (Roger Shimizu)
  • [2019-12-07] Accepted shadowsocks-libev 3.3.3+ds-3~bpo10+1 (source) into buster-backports (Roger Shimizu)
  • [2019-12-07] shadowsocks-libev 3.3.3+ds-3 MIGRATED to testing (Debian testing watch)
  • [2019-12-04] Accepted shadowsocks-libev 3.3.3+ds-3 (source) into unstable (Roger Shimizu)
  • 1
  • 2
bugs [bug history graph]
  • all: 4
  • RC: 0
  • I&N: 4
  • M&W: 0
  • F&P: 0
  • patch: 0
links
  • homepage
  • lintian
  • buildd: logs, clang, reproducibility, cross
  • popcon
  • browse source code
  • edit tags
  • other distros
  • security tracker
  • screenshots
  • debci
ubuntu Ubuntu logo [Information about Ubuntu for Debian Developers]
  • version: 3.3.5+ds-4

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers
Report problems to the tracker.debian.org pseudo-package in the Debian BTS.
Documentation — Bugs — Git Repository — Contributing