1
PublicDateAtUSN: 2013-02-05
2
Candidate: CVE-2013-0252
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0252
6
http://www.boost.org/users/news/boost_locale_security_notice.html
7
https://usn.ubuntu.com/usn/usn-1727-1
9
boost::locale::utf::utf_traits in the Boost.Locale library in Boost 1.48
10
through 1.52 does not properly detect certain invalid UTF-8 sequences,
11
which might allow remote attackers to bypass input validation protection
12
mechanisms via crafted trailing bytes.
15
jdstrand> Ubuntu 10.04 LTS and 11.10 not affected
17
https://svn.boost.org/trac/boost/ticket/7743
18
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699649 (1.49)
19
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699650 (1.50)
25
upstream_boost1.40: not-affected
27
lucid_boost1.40: not-affected (code-not-present)
28
oneiric_boost1.40: DNE
29
precise_boost1.40: DNE
30
precise/esm_boost1.40: DNE
31
quantal_boost1.40: DNE
37
vivid/stable-phone-overlay_boost1.40: DNE
38
vivid/ubuntu-core_boost1.40: DNE
41
yakkety_boost1.40: DNE
46
upstream_boost1.42: not-affected
49
oneiric_boost1.42: not-affected (code-not-present)
50
precise_boost1.42: DNE
51
precise/esm_boost1.42: DNE
52
quantal_boost1.42: DNE
58
vivid/stable-phone-overlay_boost1.42: DNE
59
vivid/ubuntu-core_boost1.42: DNE
62
yakkety_boost1.42: DNE
67
upstream: cppcms.com/files/locale/boost_locale_utf.patch
68
upstream_boost1.48: needs-triage
71
oneiric_boost1.48: DNE
72
precise_boost1.48: ignored (reached end-of-life)
73
precise/esm_boost1.48: DNE (precise was needed)
74
quantal_boost1.48: DNE
80
vivid/stable-phone-overlay_boost1.48: DNE
81
vivid/ubuntu-core_boost1.48: DNE
84
yakkety_boost1.48: DNE
89
upstream: cppcms.com/files/locale/boost_locale_utf.patch
90
upstream: https://svn.boost.org/trac/boost/changeset/81590
91
upstream_boost1.49: released (1.49.0-3.2)
94
oneiric_boost1.49: DNE
95
precise_boost1.49: DNE
96
precise/esm_boost1.49: DNE
97
quantal_boost1.49: released (1.49.0-3.1ubuntu1.2)
98
raring_boost1.49: released (1.49.0-3.2ubuntu1)
99
saucy_boost1.49: released (1.49.0-3.2ubuntu1)
100
trusty_boost1.49: DNE
101
utopic_boost1.49: DNE
103
vivid/stable-phone-overlay_boost1.49: DNE
104
vivid/ubuntu-core_boost1.49: DNE
106
xenial_boost1.49: DNE
107
yakkety_boost1.49: DNE
112
upstream: cppcms.com/files/locale/boost_locale_utf.patch
113
upstream_boost1.50: needs-triage
116
oneiric_boost1.50: DNE
117
precise_boost1.50: DNE
118
precise/esm_boost1.50: DNE
119
quantal_boost1.50: ignored (reached end-of-life)
120
raring_boost1.50: DNE
122
trusty_boost1.50: DNE
123
utopic_boost1.50: DNE
125
vivid/stable-phone-overlay_boost1.50: DNE
126
vivid/ubuntu-core_boost1.50: DNE
128
xenial_boost1.50: DNE
129
yakkety_boost1.50: DNE