| |||||||||||||||||||
Mageia alert MGASA-2013-0061 (boost)
MGASA-2013-0061 Date: February 21st, 2013 Affected releases: 2 Media: Core Description: Boost.Locale library in Boost 1.48 to 1.52 including has a security flaw (CVE-2013-0252): boost::locale::utf::utf_traits accepted some invalid UTF-8 sequences. Applications that used these functions for UTF-8 input validation could expose themselves to security threats as invalid UTF-8 sequece would be considered as valid. The package has been patched to fix above security flaw. Updated Packages: i586: boost-devel-doc-1.48.0-9.2.mga2.noarch.rpm boost-examples-1.48.0-9.2.mga2.noarch.rpm libboost_chrono1.48.0-1.48.0-9.2.mga2.i586.rpm libboost_date_time1.48.0-1.48.0-9.2.mga2.i586.rpm libboost-devel-1.48.0-9.2.mga2.i586.rpm libboost_filesystem1.48.0-1.48.0-9.2.mga2.i586.rpm libboost_graph1.48.0-1.48.0-9.2.mga2.i586.rpm libboost_iostreams1.48.0-1.48.0-9.2.mga2.i586.rpm libboost_locale1.48.0-1.48.0-9.2.mga2.i586.rpm libboost_math1.48.0-1.48.0-9.2.mga2.i586.rpm libboost_prg_exec_monitor1.48.0-1.48.0-9.2.mga2.i586.rpm libboost_program_options1.48.0-1.48.0-9.2.mga2.i586.rpm libboost_python1.48.0-1.48.0-9.2.mga2.i586.rpm libboost_random1.48.0-1.48.0-9.2.mga2.i586.rpm libboost_regex1.48.0-1.48.0-9.2.mga2.i586.rpm libboost_serialization1.48.0-1.48.0-9.2.mga2.i586.rpm libboost_signals1.48.0-1.48.0-9.2.mga2.i586.rpm libboost-static-devel-1.48.0-9.2.mga2.i586.rpm libboost_system1.48.0-1.48.0-9.2.mga2.i586.rpm libboost_thread1.48.0-1.48.0-9.2.mga2.i586.rpm libboost_timer1.48.0-1.48.0-9.2.mga2.i586.rpm libboost_unit_test_framework1.48.0-1.48.0-9.2.mga2.i586.rpm libboost_wave1.48.0-1.48.0-9.2.mga2.i586.rpm libboost_wserialization1.48.0-1.48.0-9.2.mga2.i586.rpm boost-debug-1.48.0-9.2.mga2.i586.rpm x86_64: boost-devel-doc-1.48.0-9.2.mga2.noarch.rpm boost-examples-1.48.0-9.2.mga2.noarch.rpm lib64boost_chrono1.48.0-1.48.0-9.2.mga2.x86_64.rpm lib64boost_date_time1.48.0-1.48.0-9.2.mga2.x86_64.rpm lib64boost-devel-1.48.0-9.2.mga2.x86_64.rpm lib64boost_filesystem1.48.0-1.48.0-9.2.mga2.x86_64.rpm lib64boost_graph1.48.0-1.48.0-9.2.mga2.x86_64.rpm lib64boost_iostreams1.48.0-1.48.0-9.2.mga2.x86_64.rpm lib64boost_locale1.48.0-1.48.0-9.2.mga2.x86_64.rpm lib64boost_math1.48.0-1.48.0-9.2.mga2.x86_64.rpm lib64boost_prg_exec_monitor1.48.0-1.48.0-9.2.mga2.x86_64.rpm lib64boost_program_options1.48.0-1.48.0-9.2.mga2.x86_64.rpm lib64boost_python1.48.0-1.48.0-9.2.mga2.x86_64.rpm lib64boost_random1.48.0-1.48.0-9.2.mga2.x86_64.rpm lib64boost_regex1.48.0-1.48.0-9.2.mga2.x86_64.rpm lib64boost_serialization1.48.0-1.48.0-9.2.mga2.x86_64.rpm lib64boost_signals1.48.0-1.48.0-9.2.mga2.x86_64.rpm lib64boost-static-devel-1.48.0-9.2.mga2.x86_64.rpm lib64boost_system1.48.0-1.48.0-9.2.mga2.x86_64.rpm lib64boost_thread1.48.0-1.48.0-9.2.mga2.x86_64.rpm lib64boost_timer1.48.0-1.48.0-9.2.mga2.x86_64.rpm lib64boost_unit_test_framework1.48.0-1.48.0-9.2.mga2.x86_64.rpm lib64boost_wave1.48.0-1.48.0-9.2.mga2.x86_64.rpm lib64boost_wserialization1.48.0-1.48.0-9.2.mga2.x86_64.rpm boost-debug-1.48.0-9.2.mga2.x86_64.rpm SRPMS: boost-1.48.0-9.2.mga2.src.rpm References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0252 http://www.boost.org/users/news/boost_locale_security_not... http://www.ubuntu.com/usn/usn-1727-1/ https://bugs.mageia.org/show_bug.cgi?id=9127 https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-... (Log in to post comments)
|
|||||||||||||||||||