Re: [boost] [beast] Security

On Wed, Dec 13, 2017 at 8:21 AM, Vinnie Falco via Boost < boost@lists.boost.org> wrote:

On Tue, Dec 12, 2017 at 8:57 PM, Marshall Clow via Boost wrote:

...

I can heartily recommend the project OSS-Fuzz. https://github.com/google/oss-fuzz

Lets not bury the lede here. It is great that I have personally fuzzed Beast and written extensive tests with high coverage but the point of the report is that Beast has been investigated by an impartial third party who specializes in security reviews.

That is indeed a very good development. I wish other libraries could get such security treatment. It might be worth investigating if we can get sponsors to perform such audits on other libraries in exchange for a mention along side the audit report. -- -- Rene Rivera -- Grafik - Don't Assume Anything -- Robot Dreams - http://robot-dreams.net