| Package | shellinabox |
|---|---|
| Version | 2.21~deb9u1 (stretch) |
| Related CVEs | CVE-2018-16789 |
Denial of service with broken multipart/form-data has been fixed in shellinabox, a web server that can export arbitrary command line tools to a web based terminal emulator.
For Debian 9 stretch, these problems have been fixed in version 2.21~deb9u1.
We recommend that you upgrade your shellinabox packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.