Comment 18 for bug 809133

This bug was fixed in the package mapserver - 5.6.6-1.1ubuntu1

---------------
mapserver (5.6.6-1.1ubuntu1) oneiric; urgency=low

  * SECURITY UPDATE: SQL Injection and buffer overflows (LP: #809133)
    - debian/patches/wfs_sql_injection.dpatch: Fix possible WFS SQL injection
      and buffer overflows in OGC Filter Encoding support. Patch from Natty
      refreshed for Oneiric.
    - http://trac.osgeo.org/mapserver/ticket/3874
    - http://trac.osgeo.org/mapserver/ticket/3903]
    - CVE-2011-2703, CVE-2011-2704
 -- Jamie Strandboge <email address hidden> Fri, 09 Sep 2011 09:46:09 -0500