Bug#734829: pu: package mapserver/6.0.1-3.2+deb7u2
Bas Couwenberg
sebastic at xs4all.nl
Fri Jan 10 03:51:28 UTC 2014
Package: release.debian.org
Severity: normal
User: release.debian.org at packages.debian.org
Usertags: pu
Dear Release Team,
The MapServer project has released stable updates for every major
release from 5.6.x up fixing a security issue which allows a potential
leakage of information through an SQL injection when using TIME filtering in
conjunction with PostGIS backends. More information can be found in the
dedicated upstream issue: #4834
https://github.com/mapserver/mapserver/issues/4834
I've included the patch for this minor vulnerability from MapServer 6.0.4 in
the new mapserver 6.0.1-3.2+deb7u2.
Is this acceptable for upload to wheezy-proposed-updates?
Kind Regards,
Bas
-------------- next part --------------
A non-text attachment was scrubbed...
Name: mapserver_6.0.1-3.2+deb7u1_6.0.1-3.2+deb7u2.debdiff
Type: text/x-diff
Size: 2111 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-grass-devel/attachments/20140110/8579a35a/attachment.diff>
More information about the Pkg-grass-devel
mailing list