[Bug 398814] Re: security: anyone can make mapserv read or write arbitrary files
Jamie Strandboge
jamie at ubuntu.com
Tue Jul 21 22:45:25 UTC 2009
Per upstream, the .map issue is CVE-2009-0842. Fixed in 5.2.2-1. See:
http://trac.osgeo.org/mapserver/ticket/2941
http://trac.osgeo.org/mapserver/changeset/8805
Per upstream, the other issue should be fixed in the 5.4 series. I've
requested a CVE and the bug reference.
** Visibility changed to: Public
** Bug watch added: trac.osgeo.org/mapserver/ #2941
http://trac.osgeo.org/mapserver/ticket/2941
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2009-0842
--
security: anyone can make mapserv read or write arbitrary files
https://bugs.launchpad.net/bugs/398814
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs at lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
More information about the universe-bugs
mailing list