Debian Linux Security Advisory 4009-1 - Niklas Abel discovered that insufficient input sanitising in the the ss-manager component of shadowsocks-libev, a lightweight socks5 proxy, could result in arbitrary shell command execution.
f4946f4feea9dcb5fd5499933a28e9fbbcc14bc3fd78516883a4fa48f7f34e07