lp:ubuntu/hardy-updates/mapserver
- Get this branch:
- bzr branch lp:ubuntu/hardy-updates/mapserver
Branch merges
Branch information
Recent revisions
- 20. By Alan Boudreault
-
* SECURITY UPDATE: SQL Injection and buffer overflows (LP: #809133)
- debian/patches/ 09_wfs_ sql_injection. dpatch: Fix possible WFS
SQL injection and buffer overflows in OGC Filter Encoding
support. [http://trac.osgeo. org/mapserver/ ticket/ 3874]
[http://trac.osgeo. org/mapserver/ ticket/ 3903]
- CVE-2011-2703, CVE-2011-2704 - 19. By Alan Boudreault
-
* SECURITY UPDATE: Buffer overflow in msTmpFile function (LP: #603593)
- debian/patches/ 07_mstmpfile. dpatch: Fix the buffer overflow.
[http://trac.osgeo. org/mapserver/ ticket/ 3484]
* SECURITY UPDATE: Insecure CGI command-line debug args (LP: #603593)
- debian/patches/ 08_cl_debug_ args.dpatch: Disable insecure mapserv
CGI command-line debug args.
[http://trac.osgeo. org/mapserver/ ticket/ 3485] - 18. By Alan Boudreault
-
* SECURITY UPDATE: stack-based buffer overflow (LP: #398814)
- debian/patches/ 01_CVE- 2009-0839. dpatch: Apply a regex pattern
to limit an id's value.
- CVE-2009-0839
* SECURITY UPDATE: heap-based buffer underflow (LP: #398814)
- debian/patches/ 02_CVE- 2009-840- CVE-2009- 2281.dpatch: Add validation for
a post request and the content-length.
- CVE-2009-0840, CVE-2009-2281
* SECURITY UPDATE: relative file path writing (LP: #398814)
- debian/patches/ 03_CVE- 2009-0841. dpatch: Limit the buffer size.
- CVE-2009-0841
* SECURITY UPDATE: file data leakage (LP: #398814)
- debian/patches/ 04_CVE- 2009-0842. dpatch: Set MAP/SYMBOLSET tag as mandatory.
- CVE-2009-0842
* SECURITY UPDATE: file existence leakage (LP: #398814)
- debian/patches/ 05_CVE- 2009-0843. dpatch: Add regex validation for the file extension.
- CVE-2009-0843
* SECURITY UPDATE: paths specified in url vulnerabilities.
- debian/patches/ 06_urlpath. dpatch: Disable the variable overwriting from URL of a
few variables.
- [http://trac.osgeo. org/mapserver/ ticket/ 1836] - 17. By Fabio Tranchitella
-
* debian/
php5-mapscript. postinst: fixed a typo. (Closes: #446985)
* debian/patches/ 20_php_ build.dpatch: removed. (Closes: #447814)
* debian/po/gl.po: added. (Closes: #447939)
* debian/po/fr.po: added. (Closes: #448821) - 16. By Fabio Tranchitella
-
debian/rules, debian/controls: new patch for the ruby bindings, which
follows the ruby policy draft. - 15. By Andreas Putzo
-
[ Andreas Putzo ]
* New upstream release.
- Fixed XSS vulnerabilities.
[http://trac.osgeo. org/mapserver/ ticket/ 2256]
- Fixed possible buffer overflow in template processing.
[http://trac.osgeo. org/mapserver/ ticket/ 2252]
(Closes: #439346)
* Added myself to Uploaders.
* Debconf templates and debian/control reviewed by the debian-l10n-
english team as part of the Smith review project. Closes: #433710
* Debconf translation updates:
- Galician. Closes: #434326
- Tamil. Closes: #434401
- Russian. Closes: #434406
- Portuguese. Closes: #434438
- German. Closes: #434653
- Vietnamese. Closes: #434758
- French. Closes: #435933
- Czech. Closes: #436280
- Dutch. Closes: #436853 - 14. By Fabio Tranchitella
-
[ Francesco Paolo Lovergine ]
* New upstream release.
(closes: #412836)
* Fixed PHP case in long descriptions.
(closes: #425987)[ Fabio Tranchitella ]
* debian/README. Debian: added a note about PHP and FCGI support.
(Closes: #425571) - 12. By Francesco Paolo Lovergine
-
[ Francesco Paolo Lovergine ]
* debian/po/nl.po added. (closes: #415504)
* Moved to gdal 1.4.1 dependency. (closes: #424635, #423538)
* Removed php4 support (closes: #418313)
* Updated long descriptions.
* Removed Thomas Sondag among Uploaders (last contribute dated more than 2 years ago).
* Moved to libcurl4 build-deps.
* Added a debian/README.etch for notes on backporting.
* Moved to debhelper compatibility level 5.
* Removed superfluous dh_python in debian/rules.
* A new debian/control.etch file has been introduced to retain etch compatibility.
All php4 related files have been maintained for the same reason. Please, don't remove them!
* Merging other relevant patches from BSP NMU 4.10.0-6.1. Thanks Luk Claes.
- Fixed package priority to meet overrides
- Fix language in description (closes: #416449)
- Add Dutch debconf translation (closes: #415504)[ Fabio Tranchitella ]
* New upstream release. - 11. By Michael Bienia
-
* Don't build a php4 module anymore.
* debian/control: Change Maintainer/XSBC-Original- Maintainer field.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/karmic/mapserver