Security update for shadowsocks-libev
This update for shadowsocks-libev fixes the following issues:
Security issue fixed:
- CVE-2017-15924: In manager.c in ss-manager in shadowsocks-libev 3.1.0, improper parsing allows command injection via shell metacharacters in a JSON configuration request received via 127.0.0.1 UDP traffic, related to the add_server, build_config, and construct_command_line functions. (boo#1065619)
- Submitted by Hillwood Yang (hillwood)
Fixed bugs
bnc#1065619
VUL-0: CVE-2017-15924: In manager.c in ss-manager in shadowsocks-libev 3.1.0, improper parsing allowscommand injection via shell metacharacters in a JSON configuration requestreceived via 127.0.0.1 UDP traffic, related to the add_server,