Subject: Re: [boost] [1.53.0] Release candidates available
From: Artyom Beilis (artyomtnk_at_[hidden])
Date: 2013-02-01 05:08:31
Hello,
Can you please make the security note about Boost.Locale more visible?
It is an important part of release notes.
See: http://thread.gmane.org/gmane.comp.lib.boost.devel/237615
I think this note should be somewhere in a noticeable place:
-------------------------------------------------------------------------
Note Begin
-------------------------------------------------------------------------
The Boost.Locale library in Boost 1.48 to 1.52 inclusive has a security flaw.
boost::locale::utf::utf_traits accepted some invalid UTF-8 sequences.
Applications that used these functions for UTF-8 input validation could
expose themselves to security threats as an invalid UTF-8 sequence would be
considered valid.
This bug is fixed in upcoming Boost 1.53.
For more details see: https://svn.boost.org/trac/boost/ticket/7743
Users who can't upgrade to the latest versions may apply the following
patch to fix the problem.
http://cppcms.com/files/locale/boost_locale_utf.patch
-------------------------------------------------------------------------
Note End
-------------------------------------------------------------------------
Thanks
Artyom Beilis
--------------
CppCMS - C++ Web Framework: http://cppcms.com/
CppDB - C++ SQL Connectivity: http://cppcms.com/sql/cppdb/
>________________________________
> From: Marshall Clow <mclow.lists_at_[hidden]>
>To: Boost Developers List <boost_at_[hidden]>
>Sent: Thursday, January 31, 2013 7:22 AM
>Subject: [boost] [1.53.0] Release candidates available
>
>Release candidate files for 1.53.0 are available at
>http://boost.cowic.de/rc/
>
>As always, the release managers would appreciate it if you download
>the candidate of your choice and give building it a try. Please report
>both success and failure, and anything else that is noteworthy.
>
>This helps ensure the candidates build OK before we push them out to
>SourceForge.
>
>The files (and associated md5s) are:
> 57a9e2047c0f511c4dfcf00eb5eb2fbb *boost_1_53_0_rc1.tar.gz
> a00d22605d5dbcfb4c9936a9b35bc4c2 *boost_1_53_0_rc1.tar.bz2
> c618e030fd4882e4dbacf54baf824544 *boost_1_53_0_rc1.zip
> cc680cab53a5405ca102a10d43b92b88 *boost_1_53_0_rc1.7z
>
>Thanks!
>
>-- The release managers
>
>
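
Added example, not part of the original message and not Boost.Locale code: a standalone strict UTF-8 checker illustrating the classes of ill-formed input (overlong forms, surrogates, out-of-range values, truncated or stray bytes) that code used for input validation has to reject. The function names and the sample byte strings are constructed for illustration; the example does not state which of these sequences the affected Boost versions accepted.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <string>

// Offset of the first ill-formed UTF-8 sequence in `s`, or npos if `s` is
// well-formed according to RFC 3629. (Hypothetical helper, not a Boost API.)
std::size_t utf8_error_offset(const std::string& s) {
    const unsigned char* begin = reinterpret_cast<const unsigned char*>(s.data());
    const unsigned char* end = begin + s.size();
    const unsigned char* p = begin;
    while (p < end) {
        const std::size_t start = static_cast<std::size_t>(p - begin);
        const unsigned char lead = *p++;
        if (lead < 0x80) continue;                       // ASCII
        int trail;
        std::uint32_t cp, min;                           // min = smallest code point for this length
        if (lead >= 0xC2 && lead <= 0xDF)      { trail = 1; cp = lead & 0x1F; min = 0x80; }
        else if (lead >= 0xE0 && lead <= 0xEF) { trail = 2; cp = lead & 0x0F; min = 0x800; }
        else if (lead >= 0xF0 && lead <= 0xF4) { trail = 3; cp = lead & 0x07; min = 0x10000; }
        else return start;       // stray continuation byte, 0xC0/0xC1, or 0xF5..0xFF
        if (end - p < trail) return start;               // truncated sequence
        for (int i = 0; i < trail; ++i) {
            const unsigned char c = *p++;
            if ((c & 0xC0) != 0x80) return start;        // not a continuation byte
            cp = (cp << 6) | (c & 0x3F);
        }
        if (cp < min) return start;                      // overlong encoding
        if (cp >= 0xD800 && cp <= 0xDFFF) return start;  // UTF-16 surrogate
        if (cp > 0x10FFFF) return start;                 // beyond Unicode range
    }
    return std::string::npos;
}

bool is_valid_utf8(const std::string& s) {
    return utf8_error_offset(s) == std::string::npos;
}

int main() {
    // Constructed sample inputs: two well-formed strings, then ill-formed ones.
    const char* samples[] = { "h\xC3\xA9llo", "\xF0\x9F\x98\x80", "ab\xC0\xAF",
                              "\xE0\x80\xAF", "\xED\xA0\x80", "\xF4\x90\x80\x80",
                              "\xE2\x82", "\x80" };
    for (const char* s : samples)
        std::printf("%s\n", is_valid_utf8(s) ? "valid" : "INVALID");
    return 0;
}
```

Running the same sample bytes through whatever validation routine an application actually uses shows whether it rejects each class.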