Ubuntu
mapserver package

Branches for Intrepid

Name Status Last Modified Last Commit
lp:ubuntu/intrepid/mapserver 2 Mature 2009-08-18 21:49:09 UTC
21. Turning off optimization in debian/ru...

Author: Francesco Paolo Lovergine
Revision Date: 2008-06-23 16:59:43 UTC

Turning off optimization in debian/rules due to serious breakage of mapserver
with GCC 4.3. (closes: #487679)
lp:ubuntu/intrepid-security/mapserver 2 Mature 2009-08-20 18:34:02 UTC
22. * SECURITY UPDATE: stack-based buffer...

Author: Alan Boudreault
Revision Date: 2009-07-23 08:53:05 UTC

* SECURITY UPDATE: stack-based buffer overflow (LP: #398814)
  - debian/patches/01_CVE-2009-0839.dpatch: Apply a regex pattern
    to limit an id's value.
  - CVE-2009-0839
* SECURITY UPDATE: heap-based buffer underflow (LP: #398814)
  - debian/patches/02_CVE-2009-840-CVE-2009-2281.dpatch: Add validation for
    a post request and the content-length.
  - CVE-2009-0840, CVE-2009-2281
* SECURITY UPDATE: relative file path writing (LP: #398814)
  - debian/patches/03_CVE-2009-0841.dpatch: Limit the buffer size.
  - CVE-2009-0841
* SECURITY UPDATE: file data leakage (LP: #398814)
  - debian/patches/04_CVE-2009-0842.dpatch: Set MAP/SYMBOLSET tag as mandatory.
  - CVE-2009-0842
* SECURITY UPDATE: file existence leakage (LP: #398814)
  - debian/patches/05_CVE-2009-0843.dpatch: Add regex validation for the file extension.
  - CVE-2009-0843
* SECURITY UPDATE: paths specified in url vulnerabilities.
  - debian/patches/06_urlpath.dpatch: Disable the variable overwriting from URL of a
    few variables.
  - [http://trac.osgeo.org/mapserver/ticket/1836]
lp:ubuntu/intrepid-updates/mapserver bug 2 Mature 2009-08-20 18:36:08 UTC
22. * SECURITY UPDATE: stack-based buffer...

Author: Alan Boudreault
Revision Date: 2009-07-23 08:53:05 UTC

* SECURITY UPDATE: stack-based buffer overflow (LP: #398814)
  - debian/patches/01_CVE-2009-0839.dpatch: Apply a regex pattern
    to limit an id's value.
  - CVE-2009-0839
* SECURITY UPDATE: heap-based buffer underflow (LP: #398814)
  - debian/patches/02_CVE-2009-840-CVE-2009-2281.dpatch: Add validation for
    a post request and the content-length.
  - CVE-2009-0840, CVE-2009-2281
* SECURITY UPDATE: relative file path writing (LP: #398814)
  - debian/patches/03_CVE-2009-0841.dpatch: Limit the buffer size.
  - CVE-2009-0841
* SECURITY UPDATE: file data leakage (LP: #398814)
  - debian/patches/04_CVE-2009-0842.dpatch: Set MAP/SYMBOLSET tag as mandatory.
  - CVE-2009-0842
* SECURITY UPDATE: file existence leakage (LP: #398814)
  - debian/patches/05_CVE-2009-0843.dpatch: Add regex validation for the file extension.
  - CVE-2009-0843
* SECURITY UPDATE: paths specified in url vulnerabilities.
  - debian/patches/06_urlpath.dpatch: Disable the variable overwriting from URL of a
    few variables.
  - [http://trac.osgeo.org/mapserver/ticket/1836]
13 of 3 results FirstPreviousNextLast