Fedora 10: 5.2.2-1 Critical Update: Mapserver CGI Issues Resolved

Mapserver is an internet mapping program that converts GIS data to

map images in real time. With appropriate interface pages,

Mapserver can provide an interactive internet map based on

custom GIS data.

The releases contain fixes for issues discovered in an audit of the CGI by a 3rd

party (tickets #2939, #2941, #2942, #2943 and #2944). The issues are detailed

at: https://mapserver.org

https://mapserver.org

https://mapserver.org

https://mapserver.org

https://mapserver.org Also provided is support for

RFC-56 that addresses tightening up the control of access to mapfiles and

templates: https://mapserver.org/development/rfc/ms-rfc-56.html

* Sun Apr 5 2009 Devrim GUNDUZ - 5.2.2-1

- Update to 5.2.2 which fixes :

CVE-2009-0839, CVE-2009-0840, CVE-2009-0841, CVE-2009-0842,

CVE-2009-0843, CVE-2009-1176, CVE-2009-1177.

* Sun Dec 7 2008 Balint Cristian 5.2.1-2

- enable agg render engine

- enable fribidi renderer

- build require agg-devel fribidi-devel

* Mon Dec 1 2008 Balint Cristian 5.2.1-1

- new stable upstream

* Sat Nov 29 2008 Ignacio Vazquez-Abrams - 5.2.0-2

- Rebuild for Python 2.6

[ 1 ] Bug #493364 - mapserver: multiple security fixes in 5.2.2 and 4.10.4 (CVE-2009-0839, CVE-2009-0840, CVE-2009-0841, CVE-2009-0842, CVE-2009-0843, CVE-2009-1176, CVE-2009-1177)

https://bugzilla.redhat.com/show_bug.cgi?id=493364

su -c 'yum update mapserver' at the command line.

For more information, refer to "Managing Software with yum",

available at .

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

Fedora-package-announce mailing list

Fedora-package-announce@redhat.com

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/