Server Release v1.4.4
Release Notes
Introduction
The BOINC development community is pleased to announce a new server release.
These release notes provide an overview of the new features, bugs fixed and any known issues.
The new features included in this release are:
- None
Bugs Fixed
- Sanitize user URLs to prevent XSS attacks
- Don't allow special chars in user names.
- Fixed SQL injection vulnerability.
Please see the git comparison with v1.4.3 for the details.
Known issues
- None
Download
The server release can be obtained with the following commands.
git clone https://github.com/BOINC/boinc.git
cd boinc
git checkout tags/server_release/1.4/1.4.4 -b server_release/1.4.4
The code can then be built as described in the documentation.
./_autosetup
./configure --disable-client --disable-manager
make
Install
To setup a new BOINC server, please follow the guide. If you are new to BOINC please ensure to review the Technical Documentation first.
Upgrade
An existing BOINC server can be upgraded with the upgrade tool.
Change Log
#54950: Web: sanitize user URLs to prevent XSS attacks
#5846: web: don't allow special chars in user names.
#5962: fix vulnerability in yucky consent code