Patch Release 1.8.0.1 Available
1.8.0.1 is a patch release for 1.8.0 that fixes a file corruption issue in the Zip library caused by a change to Poco::DeflatingStream in 1.8.0. Upgrading is strongly recommended.
1.8.0.1 is a patch release for 1.8.0 that fixes a file corruption issue in the Zip library caused by a change to Poco::DeflatingStream in 1.8.0. Upgrading is strongly recommended.
POCO C++ Libraries release 1.8.0 is available. This release brings Unix Domain Socket support in the Net library, Zip64 support in the Zip library, an XML stream parser API, the new Redis client library, support for connection string URIs in the MongoDB client library and a couple of other improvements and bugfixes. This release still […]
Release 1.7.9p2 of the POCO C++ Libraries is available. This is a minor bugfix release that fixes the Zip testsuite build for non-static builds on Windows platforms. Note that the previous release, 1.7.9p1, fixed a potential vulnerability in the Zip library.
Release 1.7.9p1 fixes a potential vulnerability in the Zip library. The checks Poco::Zip::Decompress performs on an Zip archive entry file name before extracting that file were insufficient. This would allow an attacker to craft a malicious Zip archive containing files with absolute paths, or paths relative to the current user’s home directory on Linux/Unix platforms. […]