Login
Login-Name Passwort


 
Newsletter
Werbung

Sicherheit: Ausführen beliebiger Kommandos in MapServer
Aktuelle Meldungen Distributionen
Name: Ausführen beliebiger Kommandos in MapServer
ID: FEDORA-2014-17567
Distribution: Fedora
Plattformen: Fedora 21
Datum: Fr, 20. März 2015, 00:01
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7262

Originalnachricht

Name        : mapserver
Product : Fedora 21
Version : 6.2.2
Release : 1.fc21
URL : http://www.mapserver.org
Summary : Environment for building spatially-enabled internet applications
Description :
Mapserver is an internet mapping program that converts GIS data to
map images in real time. With appropriate interface pages,
Mapserver can provide an interactive internet map based on
custom GIS data.

-------------------------------------------------------------------------------
-
Update Information:

Update to latest 6.2 release
-------------------------------------------------------------------------------
-
ChangeLog:

* Tue Dec 23 2014 Pavel Lisý <pali@fedoraproject.org> - 6.2.2-1
- Update to latest 6.2 release
- BZ 1048689 - CVE-2013-7262 mapserver: SQL injections with postgis TIME
filters
- BZ 747409 - MapServer uses internal AGG and does not depend on agg-devel
* Tue Aug 26 2014 Jitka Plesnikova <jplesnik@redhat.com> - 6.2.1-10
- Perl 5.20 rebuild
- Regenerated the wrapper to work with new Perl
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #1048689 - CVE-2013-7262 mapserver: SQL injections with postgis
TIME filters [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1048689
[ 2 ] Bug #747409 - Port from ELGIS: Simplfy spec
https://bugzilla.redhat.com/show_bug.cgi?id=747409
-------------------------------------------------------------------------------
-

This update can be installed with the "yum" update program. Use
su -c 'yum update mapserver' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung