Bug 9114

Summary: boost new security issue CVE-2013-0252
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: Shlomi Fish <shlomif>
Status: RESOLVED FIXED QA Contact:
Severity: major    
Priority: Normal CC: shlomif, zen25000
Version: Cauldron   
Target Milestone: ---   
Hardware: i586   
OS: Linux   
URL: http://lwn.net/Vulnerabilities/538848/
Whiteboard: MGA2TOO
Source RPM: boost-1.52.0-3.mga3.src.rpm CVE:
Status comment:
Bug Depends on: 9127    
Bug Blocks:    

Description David Walser 2013-02-19 02:37:03 CET 
Ubuntu has issued an advisory today (February 18):
http://www.ubuntu.com/usn/usn-1727-1/

Mageia 2 is also affected.

There is also an upstream advisory:
http://www.boost.org/users/news/boost_locale_security_notice.html
David Walser 2013-02-19 02:37:19 CET

CC: (none) => shlomif

David Walser 2013-02-19 02:37:29 CET

Assignee: bugsquad => shlomif

David Walser 2013-02-19 04:06:20 CET

Whiteboard: (none) => MGA2TOO

David Walser 2013-02-20 12:34:42 CET

CC: (none) => zen25000

David Walser 2013-02-20 12:39:46 CET

Depends on: (none) => 9127

Comment 1 David Walser 2013-03-15 16:17:12 CET 
Can we get this pushed in Cauldron?

I know a couple packages don't build with it, but it's no worse than the current one in that regard.  We need to get this fixed.
Comment 2 David Walser 2013-03-24 16:46:04 CET 
Fixed by Funda in boost-1.52.0-4.mga3.

Status: NEW => RESOLVED
Resolution: (none) => FIXED