Boost logo

Boost :

Subject: Re: [boost] [1.53.0] Release candidates available
From: Artyom Beilis (artyomtnk_at_[hidden])
Date: 2013-02-01 05:08:31

Hello, Can you please make the security note about Boost.Locale more visible? It is an important part of release notes. See: I think this note should be somewhere in noticeable place: ------------------------------------------------------------------------- Note Begin ------------------------------------------------------------------------- Boost.Locale library in Boost 1.48 to 1.52 including has a security flow. boost::locale::utf::utf_traits accepted some invalid UTF-8 sequences. Applications that used these functions for UTF-8 input validation could expose themselves to security threats as invalid UTF-8 sequece would be considered as valid. This bug is fixed in upcoming Boost 1.53. For more details see: Users who can't upgrade to the latest versions may apply the following patch to fix the problem. ------------------------------------------------------------------------- Note End ------------------------------------------------------------------------- Thanks Artyom Beilis -------------- CppCMS - C++ Web Framework: CppDB - C++ SQL Connectivity: >________________________________ > From: Marshall Clow <mclow.lists_at_[hidden]> >To: Boost Developers List <boost_at_[hidden]> >Sent: Thursday, January 31, 2013 7:22 AM >Subject: [boost] [1.53.0] Release candidates available > >Release candidate files for 1.53.0 are available at > > >As always, the release managers would appreciate it if you download >the candidate of your choice and give building it a try. Please report >both success and failure, and anything else that is noteworthy. > >This helps ensure the candidates build OK before we push them out to >SourceForge. > >The files (and associated md5s) are: >    57a9e2047c0f511c4dfcf00eb5eb2fbb    *boost_1_53_0_rc1.tar.gz >    a00d22605d5dbcfb4c9936a9b35bc4c2    *boost_1_53_0_rc1.tar.bz2 >    c618e030fd4882e4dbacf54baf824544    * >    cc680cab53a5405ca102a10d43b92b88    *boost_1_53_0_rc1.7z > >Thanks! > >-- The release managers > >_______________________________________________ >Unsubscribe & other changes: > > > 

Boost list run by bdawes at, gregod at, cpdaniel at, john at