pkgsrc-Changes archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: [pkgsrc-2012Q1] pkgsrc/geography/mapserver

Module Name:    pkgsrc
Committed By:   tron
Date:           Sun Jun  3 19:25:38 UTC 2012

Modified Files:
        pkgsrc/geography/mapserver [pkgsrc-2012Q1]: Makefile distinfo

Log Message:
Pullup ticket #3816 - requested by obache
geography/mapserver: security update

Revisions pulled up:
- geography/mapserver/Makefile                                  1.34
- geography/mapserver/distinfo                                  1.7

   Module Name: pkgsrc
   Committed By:        obache
   Date:                Sat Jun  2 11:16:58 UTC 2012

   Modified Files:
        pkgsrc/geography/mapserver: Makefile distinfo

   Log Message:
   Update MapServer to 5.6.8.
   PR 46504 By Wen Heping.

   Version 5.6.8 (2012-02-08):

   - Fix security issue with quote escape in WFS GetFeature Filter (#4087)

   - Fix segfault on join with postgresql tables (#4074)

   - Define Z_BEST_COMPRESSION for newer libpng versions (#4033)

   - Fixes to support latest PROJ versions (#4008)

   Version 5.6.7 (2011-07-12):


   -  Fixes to prevent SQL injections through OGC filter encoding (in WMS, WFS
       and SOS), as well as a potential SQL injection in WMS time support.
       Your system may be vulnerable if it has MapServer with OGC protocols
       enabled, with layers connecting to an SQL RDBMS backend, either
       natively or via OGR (#3903)

   -  Fixed potentially exploitable buffer overflows in OGC Filter Encoding
       support (#3903)

   Other Fixes:

   - Fixed PHP/MapScript ms_iogetstdoutbufferbytes() always returning 0 bytes
      written (#3041)

   - OGC Filter: fix segfault when a ows_varname_type or wfs_varname_type is
      defined but not a gml_varname_type (#3902)

   - Fixed mssql2008 to return correct geometries with chart layer type (#3894)

   - Fix segfault with png-inimage exceptions and quantize_force=on (#2903)

   - Fix segfault on malformed <PropertyIsLike> filters (#3888)

   - Fixed potential crash with AVERAGE resampling and crazy reprojection 

   - Fixed segmentation fault on invalid symbol (#3849)

   - add support for gml:Box for spatial filters (#3789)

   - Fixed false computation of symbol size when used as a brush on line (#3760)

   - Fixed SQL Spatial to be able to use UniqueIdentifier field as unique key 

   - Fixed possible seg. fault when using "OGR:Label*" special attributes 

   - Fixed bug with newlines around multipart boundaries in wcs multipart 

   Version 5.6.6 (2011-01-17):

   - SLD: Fix point symbolizer issue when color is not set (#3658)

   - Fix WMS EXCEPTIONS parameter issue with fastcgi (#3525)

   - Fixed missing time in msDrawMap logging (#3651)

   - Fixed Internal error with Oracle Spatial multi point geometries (#3627)

   - Fixed double free in shp2img.c (#3497)

   - Fixed free(): invalid next size in mapfile.c (#3604)

   - Fix for the memory corruption when mapping the string data type in the
      Java bindings (3491)

   - Correct wms 1.3.0 latlong bbox error (#2578)

   - Fix ProperyIsLike not used efficiently with Oracle (#3557)

   - Fixed msOGRGetSymbolId according to the changes in gdal 1.8 (#3556)

   - Fixed crash when drawing a map using UNIQUE fid in the layer data (#3271)

   - Fixed Oracle Spatial Data gets corrupt (#3541)

   - Fixed issue with multiple styles and binding (#3538)

   - Fixed multiple include tags not supported in xml mapfiles (#3530)

   - Ensure the class is not marked BeforeFieldInit causing memory corruption
      with C#/CLR4 (#3438)

   - Fixed MSSQL2008 driver returning invalid extent (#3498)

   - Fix computation of shape bounds when the first line contains no points
      (#3119)(fixes #3383)

   - Fixed error message tiles on zero-sized map cause memory allocation errors
      in maperror.c. (#3524)

To generate a diff of this commit:
cvs rdiff -u -r1.33 -r1.33.2.1 pkgsrc/geography/mapserver/Makefile
cvs rdiff -u -r1.6 -r1.6.14.1 pkgsrc/geography/mapserver/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Home | Main Index | Thread Index | Old Index