Security bug fix release - CppCMS 1.0.3

1/4/13, by artyom ; one comment

CppCMS 1.0.3 was released today, it includes security bug fix.

This bug allowed CppCMS encoding validation to accept some invalid UTF-8 sequences which could potentially lead to various security problems like XSS and more.

It is strongly recommended to upgrade to latest version.

Note: for thous who used booster::locale::utf::utf_traits or functions booster::locale::conv::utf_to_utf directly rather than using built in CppCMS forms validation/XSS validation, you may need to recompile the application to get the updates.

The release is available on sourceforge and in the official repositories for Ubuntu oneiric, precise and quantal, Debian squeeze, Fedora 16 and 17, Centos 6 and Open Suse 11.4 and 12.1

Comments

Blue, at 6/23/13, 2:58 PM: Great!, i am planning on using cppcms for a very large project and i just stumbled upon this; meaning cppcms is been maintained, kudios!).

Add Comment:

Author
E-Mail	the email would not displayed
URL

You can write your messages using Markdown syntax.

You must enable JavaScript in order to post comments.

Project

Some rights reserved, the content of this blog is available under Creative Commons Attribution License 2.5 Israel.

Creative Commons

Security bug fix release - CppCMS 1.0.3

Comments

Add Comment:

Pages

Categories

Project

Search With Google