openSUSE 16.0 mapserver Moderate Buffer Overflow Fix 20476-1
opensuse
April 9, 2026
An update that solves one vulnerability and has one bug fix can now be installed.
Description
This update for mapserver fixes the following issues:
Changes in mapserver:
- Update to release 8.6.1
* msSLDParseRasterSymbolizer: fix potential heap buffer overflow
[boo#1260869] [CVE-2026-33721]
* GetFeatureInfo with IDENTIFY CLASSAUTO: take into account
SYMBOL.ANCHORPOINT
* WCS 2.0: fix issue when input raster in a rotated pole lon/lat
CRS with lon_0> 180
* UVRaster: fix WMS-Time support on layers with TILEINDEX
pointing to a shapefile
* WMS GetCapabilities response: use group title and abstract when
using wms_layer_group instead of GROUP
- Update to release 8.6.0
* Add `CONNECTIONTYPE RASTERLABEL`
* Set `MS_LEGEND_KEYSIZE_MAX` to 1000
* Add 4 new `COMPOSITE.COMPOP` blending operations
* Allow encryption key files to use paths relative to a mapfile
* Allow `use_default_extent_for_getfeature` to be used for OGC
Features API and PostGIS
* Allow append of additional query parameters for OGCAPI
* New MapServer index page
* WMS...
Read the Full Advisory
Topics Covered
Patch
Package List
- openSUSE Leap 16.0:
libjavamapscript-8.6.1-bp160.1.1
libmapserver2-8.6.1-bp160.1.1
mapserver-8.6.1-bp160.1.1
mapserver-devel-8.6.1-bp160.1.1
perl-mapscript-8.6.1-bp160.1.1
php-mapscriptng-8.6.1-bp160.1.1
python313-mapserver-8.6.1-bp160.1.1
References
* bsc#1260869
References:
* https://www.suse.com/security/cve/CVE-2026-33721.html
PREVIOUS
NEXT
Announcement ID: openSUSE-SU-2026:20476-1
Rating: moderate
Affected Products:
openSUSE Leap 16.0
-------------------------------------------------------------
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!