Fedora 41: mapserver 8.4.1 Critical SQL Injection Fix CVE-2025-59431

fedora

October 1, 2025

Update to mapserver-8.4.1, fixes CVE-2025-59431.

Summary

Mapserver is an internet mapping program that converts GIS data to

map images in real time. With appropriate interface pages,

Mapserver can provide an interactive internet map based on

custom GIS data.

Update Information:

Update to mapserver-8.4.1, fixes CVE-2025-59431.

Topics Covered

security advisory SQL Injection fedora update critical mapserver

Change Log

* Mon Sep 22 2025 Sandro Mani - 8.4.1-1 - Update to 8.4.1 * Tue Jul 29 2025 Sandro Mani - 8.4.0-5 - Rebuild (gdal) * Thu Jul 24 2025 Fedora Release Engineering - 8.4.0-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild * Mon Jul 7 2025 Jitka Plesnikova - 8.4.0-3 - Perl 5.42 rebuild * Mon Jun 2 2025 Python Maint - 8.4.0-2 - Rebuilt for Python 3.14 * Sat Jan 25 2025 Sandro Mani - 8.4.0-1 - Update to 8.4.0 * Fri Jan 17 2025 Fedora Release Engineering - 8.2.2-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild * Wed Jan 8 2025 Mamoru TASAKA - 8.2.2-5 - Rebuild for https://fedoraproject.org/wiki/Changes/Ruby_3.4 * Sat Nov 9 2024 Sandro Mani - 8.2.2-4 - Rebuild (GDAL) * Fri Nov 8 2024 Sandro Mani - 8.2.2-3 - Rebuild (gdal) * Mon Oct 14 2024 Remi Collet - 8.2.2-2 - rebuild for https://fedoraproject.org/wiki/Changes/php84 * Tue Sep 3 2024 Neil Hanlon - 8.2.2-1 - update to 8.2.2 * Tue Aug 20 2024 Neil Hanlon - 8.2.1-1 - update to 8.2.1 - bring in patch for zero-size malloc and buffer overflow

References

[ 1 ] Bug #2397021 - CVE-2025-59431 mapserver: MapServer SQL injection [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2397021 [ 2 ] Bug #2397022 - CVE-2025-59431 mapserver: MapServer SQL injection [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2397022

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-2b5c69ffe6' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity

critical

Lowest

Low

Medium

High

Critical

Name: mapserver

Product: Fedora 41

Version: 8.4.1

Release: 1.fc41

URL: http://www.mapserver.org

Summary: Environment for building spatially-enabled internet applications

Topics Covered

security advisory SQL Injection fedora update critical mapserver

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Fedora 41: mapserver 8.4.1 Critical SQL Injection Fix CVE-2025-59431

Summary

Topics Covered

Change Log

References

Update Instructions

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Fedora 41: mapserver 8.4.1 Critical SQL Injection Fix CVE-2025-59431

Summary

Topics Covered

Change Log

References

Update Instructions

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!