Home  /  RSS  /  RSS Comments  /  Enter

Security bug fix release - CppCMS 1.0.3

Friday, January 4, 2013, by artyom ; one comment

CppCMS 1.0.3 was released today, it includes security bug fix.

This bug allowed CppCMS encoding validation to accept some invalid UTF-8 sequences which could potentially lead to various security problems like XSS and more.

It is strongly recommended to upgrade to latest version.

Note: for thous who used booster::locale::utf::utf_traits or functions booster::locale::conv::utf_to_utf directly rather than using built in CppCMS forms validation/XSS validation, you may need to recompile the application to get the updates.

The release is available on sourceforge and in the official repositories for Ubuntu oneiric, precise and quantal, Debian squeeze, Fedora 16 and 17, Centos 6 and Open Suse 11.4 and 12.1

Comments

Blue, at 6/23/13 2:58 PM

Great!, i am planning on using cppcms for a very large project and i just stumbled upon this; meaning cppcms is been maintained, kudios!).

Add Comment:

 
 the email would not displayed
 

You can write your messages using Markdown syntax.

You must enable JavaScript in order to post comments.

Pages

Categories