[Git][debian-gis-team/mapserver][upstream] New upstream version 8.6.3
Bas Couwenberg (@sebastic)
gitlab at salsa.debian.org
Thu May 7 13:54:00 BST 2026
Bas Couwenberg pushed to branch upstream at Debian GIS Project / mapserver
Commits:
f98730a1 by Bas Couwenberg at 2026-05-07T14:46:16+02:00
New upstream version 8.6.3
- - - - -
7 changed files:
- CITATION.cff
- CMakeLists.txt
- HISTORY.md
- INSTALL.md
- INSTALL.CMAKE → INSTALL_CMAKE.md
- src/mapogcsld.cpp
- src/maporaclespatial.c
Changes:
=====================================
CITATION.cff
=====================================
@@ -1,8 +1,8 @@
cff-version: 1.2.0
title: MapServer
message: If you use this software, please cite it using the metadata from this file.
-version: 8.6.2
-date-released: 2026-04-19
+version: 8.6.3
+date-released: 2026-05-07
abstract: MapServer is an Open Source platform for publishing spatial data and interactive mapping applications to the web.
type: software
authors:
=====================================
CMakeLists.txt
=====================================
@@ -17,7 +17,7 @@ include(CheckCSourceCompiles)
set (MapServer_VERSION_MAJOR 8)
set (MapServer_VERSION_MINOR 6)
-set (MapServer_VERSION_REVISION 2)
+set (MapServer_VERSION_REVISION 3)
set (MapServer_VERSION_SUFFIX "")
# Set C++ version
=====================================
HISTORY.md
=====================================
@@ -13,6 +13,15 @@ https://mapserver.org/development/changelog/
The online Migration Guide can be found at https://mapserver.org/MIGRATION_GUIDE.html
+8.6.3 release (2026-05-07)
+--------------------------
+
+- security: fix out of bounds access on SLD with only a Rule with a ElseFilter but without a symbolizer (#7497)
+
+- Oracle: revert change regarding case insensitive ogc filters (#7493)
+
+- Oracle: revert change regarding adding subquery to apply sortBy before rownum paging (#7491)
+
8.6.2 release (2026-04-19)
--------------------------
=====================================
INSTALL.md
=====================================
@@ -4,7 +4,7 @@ instructions.
Unix compilation instructions
-----------------------------
-See [INSTALL.CMAKE](INSTALL.CMAKE) or the document on the MapServer website at
+See [INSTALL_CMAKE.md](INSTALL_CMAKE.md) or the document on the MapServer website at
https://mapserver.org/installation/unix.html
Win32 compilation instructions
=====================================
INSTALL.CMAKE → INSTALL_CMAKE.md
=====================================
@@ -1,43 +1,39 @@
-CMake Build Instructions
-========================
+# CMake Build Instructions
-Since version 6.4, MapServer is built with the CMake build tool instead of the
-previous autotools chain. CMake is opensource and free of charge and is usually
-included in distribution packages, or can be downloaded and compiled with no
-third party dependencies.
+Since version 6.4, MapServer must be built using the [CMake](https://cmake.org)
+build tool, instead of the previous autotools chain. CMake is Open Source,
+free of charge, and is usually included in distribution packages, or can be
+downloaded and compiled with no third party dependencies.
CMake itself does not do the actual compiling of the MapServer source code, it
mainly creates platform specific build files that can then be used by standard
-build utilities (make on unixes, visual studio on windows, xcode on osx, etc...)
+build utilities (make on Unix, Visual Studio on Windows, Xcode on OSX, etc...)
-Install CMake
--------------
+## Install CMake
-MapServer now requires at least CMake version 3.0, although the CMake process was
+MapServer requires at least CMake version 3.16, although the CMake process was
first implemented in MapServer 6.4 with CMake 2.6.0.
-Distro Packaged Version
-.......................
+### Distro Packaged Version
Linux distributions usually include the cmake package, that can be installed
with your usual package manager: apt-get, yum, yast, etc...
-Installing Your Own
-...................
+### Installing Your Own
-Head over to http://www.cmake.org/cmake/resources/software.html to download
-a source tarball (for unixes) or a binary installer (for windows).
-If you are building from source, the build process is detailed in the tarball
-readme files, and consists only in
+Head over to https://cmake.org/download/ to download
+a source tarball (for unixes) or a binary installer (for Windows).
+If you are building CMake from source, the build process is detailed in the
+tarball readme files, such as:
+```bash
$ tar xzf cmake-x.y.z.tar.gz
$ cd cmake-x.y.z
$ ./bootstrap
$ make
# make install
+```
-
-Creating the MapServer platform specific project with CMake
------------------------------------------------------------
+## Creating the MapServer platform specific project with CMake
Although you can run and build from MapServer's source directory as created
by downloading a tarball or using a git clone, it is **highly** recommended
@@ -46,29 +42,30 @@ created in a different directory than the actual MapServer sources. This allows
to have different configurations running alongside each other (e.g. release and
debug builds, cross-compiling, enabled features, etc...).
-Running CMake From the Command Line
-...................................
+### Running CMake From the Command Line
+```bash
mkdir build
cd build
cmake ..
## fix dependency issues
make
+```
-Running the GUI version of cmake
-................................
+### Running the GUI version of cmake
CMake can be run in graphical mode, in which case the list of available options
-are presented in a more user-friendly manner
+are presented in a more user-friendly manner, such as:
+```bash
mkdir build
cd build
ccmake ..
## follow instructions, fix dependency issues
make
+```
-Options and Dependencies
-........................
+### Options and Dependencies
Depending on what packages are available in the default locations of your system,
the previous "cmake .." step will most probably have failed with messages indicating
@@ -78,8 +75,10 @@ next, depending on whether the failed dependency is a feature you require in you
or not.
- Either disable the dependency by rerunning cmake with -DWITH_DEPENDENCY=0, e.g.
-
+
+ ```bash
$ cmake .. -DWITH_CAIRO=0
+ ```
- Or, if the failed dependency relates to a feature you want built in, and that cmake has
not been able to find it's installation location, there are 3 possible reasons:
@@ -89,93 +88,106 @@ or not.
with it's development headers. The development packages on linux usually end with
"-dev" or "-devel", e.g. libcairo2-devel , libpng-dev, etc...
+ ```bash
$ (sudo) apt-get install libcairo-dev
$ cmake ..
+ ```
- 2 You have installed the third party package in a non standard location, which you
- must give to cmake so it can find the required headers and libraries
+ 2 You have installed the third party package in a non-standard location, which you
+ must give to cmake so it can find the required headers and libraries:
+ ```bash
$ cmake .. -DCMAKE_PREFIX_PATH=/opt/cairo-1.18.2
+ ```
- Cmake expects these nonstandard prefixes to contain standard subdirectories, i.e.
+ CMake expects these non-standard prefixes to contain standard subdirectories, i.e.
/opt/cairo-1.18.2/include/cairo.h and /opt/cairo-1.18.2/lib/libcairo.so.
You can specify multiple prefixes on the cmake command line by separating them with
the platform specific separator (e.g. ":" on unixes), e.g.
+ ```bash
$ cmake .. -DCMAKE_PREFIX_PATH=/opt/cairo-1.18.2:/opt/freeware
+ ```
3 If you're certain that the packages development headers are installed, and/or that
you pointed to a valid installation prefix, but cmake is still failing, then there's
an issue with MapServer's cmake setup, and you can bring this up on the
mailing list or issue tracker.
-Available Options
------------------
+## Available Options
-Following is a list of option, taken from MapServer's CMakeLists.txt configuration file.
-After the description of the option, the ON/OFF flag states if the option is enabled by
-default (in which case the cmake step will fail if the dependency cannot be found). All
-of these can be enabled or disabled by passing "-DWITH_XXX=0" or "-DWITH_XXX=1" to the
-"cmake .." invocation in order to override a default selection.
+The following is a list of options, taken from MapServer's [CMakeLists.txt](https://github.com/MapServer/MapServer/blob/main/CMakeLists.txt)
+configuration file. After the description of the option, the ON/OFF flag states
+if the option is enabled by default (in which case the cmake step will fail if
+the dependency cannot be found). All of these can be enabled or disabled by
+passing `"-DWITH_XXX=0"` or `"-DWITH_XXX=1"` to the `"cmake .."` invocation
+in order to override a default selection.
This Readme file may be out of sync with the actual CMakeLists files shipped.
Refer to the CMakeLists.txt file for up-to-date options.
- - option(WITH_PROJ "Choose if reprojection support should be built in" ON)
- - option(WITH_KML "Enable native KML output support (requires libxml2 support)" OFF)
- - option(WITH_SOS "Enable SOS Server support (requires PROJ and libxml2 support)" OFF)
- - option(WITH_WMS "Enable WMS Server support (requires proj support)" ON)
- - option(WITH_FRIBIDI "Choose if FriBidi glyph reordering should be enabled (useful for right-to-left languages)(requires harfbuzz)" ON)
- - option(WITH_HARFBUZZ "Choose if Harfbuzz complex script glyph shaping support should be built in (requires fribidi)" ON)
- - option(WITH_ICONV "Choose if Iconv Internationalization support should be built in" ON)
- - option(WITH_CAIRO "Choose if CAIRO rendering support should be built in (required for SVG and PDF output)" ON)
- - option(WITH_SVGCAIRO "Choose if SVG symbology support (via libsvgcairo) should be built in (requires cairo, libsvg, libsvg-cairo. Incompatible with librsvg)" OFF)
- - option(WITH_RSVG "Choose if SVG symbology support (via librsvg) should be built in (requires cairo, librsvg. Incompatible with libsvg-cairo)" OFF)
- - option(WITH_MYSQL "Choose if MYSQL joining support should be built in" OFF)
- - option(WITH_FCGI "Choose if FastCGI support should be built in" ON)
- - option(WITH_GEOS "Choose if GEOS geometry operations support should be built in" ON)
- - option(WITH_POSTGIS "Choose if Postgis input support should be built in" ON)
- - option(WITH_GDAL "Choose if GDAL input raster support should be built in" ON)
- - option(WITH_OGR "Choose if OGR/GDAL input vector support should be built in" ON)
- - option(WITH_CURL "Enable Curl HTTP support (required for wms/wfs client, remote SLDs and pixmap symbols)" OFF)
- - option(WITH_CLIENT_WMS "Enable Client WMS Layer support (requires CURL and GDAL support)" OFF)
- - option(WITH_CLIENT_WFS "Enable Client WMS Layer support (requires CURL and OGR support)" OFF)
- - option(WITH_WFS "Enable WFS Server support (requires PROJ and OGR support)" ON)
- - option(WITH_WCS "Enable WCS Server support (requires PROJ and GDAL support)" ON)
- - option(WITH_LIBXML2 "Choose if libxml2 support should be built in (used for sos, wcs 1.1,2.0 and wfs 1.1)" ON)
- - option(WITH_THREAD_SAFETY "Choose if a thread-safe version of libmapserver should be built (only recommended for some mapscripts)" OFF)
- - option(WITH_GIF "Enable GIF support (for PIXMAP loading)" ON)
- - option(WITH_PYTHON "Enable Python mapscript support" OFF)
- - option(WITH_PHP "Enable PHP mapscript support" OFF)
- - option(WITH_PERL "Enable Perl mapscript support" OFF)
- - option(WITH_RUBY "Enable Ruby mapscript support" OFF)
- - option(WITH_JAVA "Enable Java mapscript support" OFF)
- - option(WITH_CSHARP "Enable C# mapscript support" OFF)
- - option(WITH_ORACLESPATIAL "include oracle spatial database input support" OFF)
- - option(WITH_ORACLE_PLUGIN "include oracle spatial database input support as plugin" OFF)
- - option(WITH_MSSQL2008 "include mssql 2008 database input support as plugin" OFF)
- - option(WITH_SDE_PLUGIN "include ArcSDE support as a plugin (must specify SDE_INCLUDE_DIR and SDE_LIBRARY_DIR)." OFF)
- - option(WITH_SDE "include ArcSDE support. Add -DSDE_VERSION=91 to use 9.1 arcSDE version" OFF)
- - option(WITH_EXEMPI "include xmp output metadata support" OFF)
- - option(WITH_XMLMAPFILE "include native xml mapfile support (requires libxslt/libexslt)" OFF)
- - option(WITH_V8 "include javascript v8 scripting" OFF)
-
+ - `WITH_PROTOBUFC`: Choose if protocol buffers support should be built in (required for vector tiles) `(ON)`
+ - `WITH_KML`: Enable native KML output support (requires libxml2 support) `(OFF)`
+ - `WITH_SOS`: Enable SOS Server support (requires PROJ and libxml2 support) `(OFF)`
+ - `WITH_WMS`: Enable WMS Server support (requires PROJ support) `(ON)`
+ - `WITH_FRIBIDI`: Choose if FriBidi glyph shaping support should be built in (useful for right-to-left languages) (requires HARFBUZZ) `(ON)`
+ - `WITH_HARFBUZZ`: Choose if Harfbuzz complex text layout should be included (needed for e.g. arabic and hindi) (requires FRIBIDI) `(ON)`
+ - `WITH_ICONV`: Choose if Iconv Internationalization support should be built in `(ON)`
+ - `WITH_CAIRO`: Choose if CAIRO rendering support should be built in (required for SVG and PDF output) `(ON)`
+ - `WITH_SVGCAIRO`: Choose if SVG symbology support (via libsvgcairo) should be built in (requires cairo, libsvg, libsvg-cairo. Incompatible with librsvg) `(OFF)`
+ - `WITH_RSVG`: Choose if SVG symbology support (via librsvg) should be built in (requires cairo, librsvg. Incompatible with libsvg-cairo) `(OFF)`
+ - `WITH_MYSQL`: Choose if MYSQL joining support should be built in `(OFF)`
+ - `WITH_FCGI`: Choose if FastCGI support should be built in `(ON)`
+ - `WITH_GEOS`: Choose if GEOS geometry operations support should be built in `(ON)`
+ - `WITH_POSTGIS`: Choose if Postgis input support should be built in `(ON)`
+ - `WITH_CLIENT_WMS`: Enable Client WMS Layer support (requires CURL) `(OFF)`
+ - `WITH_CLIENT_WFS`: Enable Client WMS Layer support (requires CURL) `(OFF)`
+ - `WITH_CURL`: Enable Curl HTTP support (required for wms/wfs client, and remote SLD) `(OFF)`
+ - `WITH_WFS`: Enable WFS Server support (requires PROJ and OGR support) `(ON)`
+ - `WITH_WCS`: Enable WCS Server support (requires PROJ and GDAL support) `(ON)`
+ - `WITH_OGCAPI`: Enable OGCAPI Server support (requires PROJ and OGR support) `(ON)`
+ - `WITH_LIBXML2`: Choose if libxml2 support should be built in (used for sos, wcs 1.1,2.0 and wfs 1.1) `(ON)`
+ - `WITH_THREAD_SAFETY`: Choose if a thread-safe version of libmapserver should be built (only recommended for some mapscripts) `(OFF)`
+ - `WITH_GIF`: Enable GIF support (for PIXMAP loading) `(ON)`
+ - `WITH_PYTHON`: Enable Python mapscript support `(OFF)`
+ - `WITH_PHPNG`: Enable PHPNG (SWIG) mapscript support `(OFF)`
+ - `WITH_PERL`: Enable Perl mapscript support `(OFF)`
+ - `WITH_RUBY`: Enable Ruby mapscript support `(OFF)`
+ - `WITH_JAVA`: Enable Java mapscript support `(OFF)`
+ - `WITH_CSHARP`: Enable C# mapscript support `(OFF)`
+ - `WITH_ORACLESPATIAL`: include oracle spatial database input support `(OFF)`
+ - `WITH_ORACLE_PLUGIN`: include oracle spatial database input support as plugin `(OFF)`
+ - `WITH_MSSQL2008`: include mssql 2008 database input support as plugin `(OFF)`
+ - `WITH_EXEMPI`: include xmp output metadata support `(OFF)`
+ - `WITH_XMLMAPFILE`: include native xml mapfile support (requires libxslt/libexslt) `(OFF)`
+ - `WITH_V8`: include javascript v8 scripting `(OFF)`
+ - `WITH_PIXMAN`: use (experimental) support for pixman for layer compositing operations `(OFF)`
+ - `INSTALL_HTML_BOOTSTRAP`: Whether to install HTML Bootstrap resources for OGCAPIs `(ON)`
The following options are for advanced users, i.e. you should not enable them unless
you know what you are doing:
- - option(BUILD_STATIC "Also build a static version of mapserver" OFF)
- - option(LINK_STATIC_LIBMAPSERVER "Link to static version of libmapserver (also for mapscripts)" OFF)
- - option(WITH_APACHE_MODULE "include (experimental) support for apache module" OFF)
- - option(WITH_GENERIC_NINT "generic rounding" OFF)
+ - `BUILD_STATIC`: Also build a static version of mapserver `(OFF)`
+ - `LINK_STATIC_LIBMAPSERVER`: Link to static version of libmapserver (also for mapscripts) `(OFF)`
+ - `WITH_APACHE_MODULE`: include (experimental) support for apache module `(OFF)`
+ - `WITH_GENERIC_NINT`: generic rounding `(OFF)`
+ - `WITH_PYMAPSCRIPT_ANNOTATIONS`: Add annotations to Python mapscript output `(OFF)`
+ - `FUZZER`: Build fuzzers using libFuzzer (requires Clang, will disable executable - mapserv, etc. - generation) `(OFF)`
+ - `BUILD_FUZZER_REPRODUCER`: Build fuzzer reproducer programs `(ON)`
The following are some common CMake options not specific to MapServer itself:
- - CMAKE_INSTALL_PREFIX : path where mapserver binaries and libraries should be installed. Defaults
+ - `CMAKE_INSTALL_PREFIX`: path where mapserver binaries and libraries should be installed. Defaults
to /usr/local on unix.
- - CMAKE_PREFIX_PATH : platform-specific separator separated list of prefixes where dependencies will be looked for, e.g.
- "-DCMAKE_PREFIX_PATH=/opt/freeware:/opt/jdk-1.5.6"
- - CMAKE_BUILD_TYPE : Specify the build type. Usually one of 'Debug' or 'Release', e.g.
- "-DCMAKE_BUILD_TYPE=Release" "-DCMAKE_BUILD_TYPE=Debug"
-
-You can find a more extensive list of cmake variables here: http://www.cmake.org/Wiki/CMake_Useful_Variables
+ - `CMAKE_PREFIX_PATH`: platform-specific separator separated list of prefixes where dependencies will be looked for, e.g.
+ ```bash"
+ -DCMAKE_PREFIX_PATH=/opt/freeware:/opt/jdk-1.5.6"
+ ```
+ - `CMAKE_BUILD_TYPE`: Specify the build type. Usually one of 'Debug' or 'Release', e.g.
+ ```bash
+ "-DCMAKE_BUILD_TYPE=Release"
+ or
+ "-DCMAKE_BUILD_TYPE=Debug"
+ ```
+
+You can find a more extensive list of CMake variables here: https://cmake.org/cmake/help/latest/manual/cmake-variables.7.html
=====================================
src/mapogcsld.cpp
=====================================
@@ -930,9 +930,17 @@ static void msSLDParseUserStyle(CPLXMLNode *psUserStyle, layerObj *psLayer) {
LOOP_ON_CHILD_ELEMENT(psFeatureTypeStyle, psRule, "Rule") {
CPLXMLNode *psElseFilter = CPLGetXMLNode(psRule, "ElseFilter");
if (psElseFilter) {
+ const int nNumClassesBeforeRule = psLayer->numclasses;
msSLDParseRule(psRule, psLayer, pszUserStyleName);
- _SLDApplyRuleValues(psRule, psLayer, 1);
- psLayer->_class[psLayer->numclasses - 1]->isfallback = TRUE;
+ const int nNumClassesAfterRule = psLayer->numclasses;
+ const int nNumClassesAdded =
+ nNumClassesAfterRule - nNumClassesBeforeRule;
+ if (nNumClassesAdded > 0) {
+ _SLDApplyRuleValues(psRule, psLayer, nNumClassesAdded);
+ for (int i = 0; i < nNumClassesAdded; ++i) {
+ psLayer->_class[psLayer->numclasses - 1 - i]->isfallback = TRUE;
+ }
+ }
}
}
}
=====================================
src/maporaclespatial.c
=====================================
@@ -4334,12 +4334,9 @@ int msOracleSpatialLayerTranslateFilter(layerObj *layer, expressionObj *filter,
native_string = msStringConcatenate(native_string, snippet);
if (ieq == MS_TRUE) {
native_string = msStringConcatenate(native_string, "$");
- }
- native_string = msStringConcatenate(native_string, "'");
- if (ieq == MS_TRUE) {
- native_string = msStringConcatenate(native_string, ")");
ieq = MS_FALSE;
}
+ native_string = msStringConcatenate(native_string, "'");
msFree(snippet);
break;
case MS_TOKEN_LITERAL_BOOLEAN:
View it on GitLab: https://salsa.debian.org/debian-gis-team/mapserver/-/commit/f98730a109ac4bec3c0dc2b24a3bdaa65e2e2bbd
--
View it on GitLab: https://salsa.debian.org/debian-gis-team/mapserver/-/commit/f98730a109ac4bec3c0dc2b24a3bdaa65e2e2bbd
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-grass-devel/attachments/20260507/013f8118/attachment-0001.htm>
More information about the Pkg-grass-devel
mailing list