Skip to content
This repository has been archived by the owner on Aug 2, 2022. It is now read-only.

Fix boost::beast vulnerability 2.2 #10980

Open
wants to merge 2 commits into
base: release/2.2.x
Choose a base branch
from
Open

Conversation

praphael
Copy link

Change Description

Boost::beast uses hardcoded zlib which was vulnerable to CVE-2016-9840. This updates unpinned builds, and build scripts to use newer version of Boost, and for pinned builds to apply patch to address the vulnerability.

Change Type

Select ONE:

  • Documentation
  • Stability bug fix
  • Other
  • Other - special case

Testing Changes

Select ANY that apply:

  • New Tests
  • Existing Tests
  • Test Framework
  • CI System
  • Other

Consensus Changes

  • Consensus Changes

API Changes

  • API Changes

Documentation Additions

  • Documentation Additions

@heifner heifner requested a review from kj4ezj January 25, 2022 20:16
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant