pkgsrc-Bugs archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
PR/46504 CVS commit: [pkgsrc-2012Q1] pkgsrc/geography/mapserver
The following reply was made to PR pkg/46504; it has been noted by GNATS.
From: "Matthias Scheler" <tron%netbsd.org@localhost>
To: gnats-bugs%gnats.NetBSD.org@localhost
Cc: 
Subject: PR/46504 CVS commit: [pkgsrc-2012Q1] pkgsrc/geography/mapserver
Date: Sun, 3 Jun 2012 19:25:39 +0000
 Module Name:   pkgsrc
 Committed By:  tron
 Date:          Sun Jun  3 19:25:38 UTC 2012
 
 Modified Files:
        pkgsrc/geography/mapserver [pkgsrc-2012Q1]: Makefile distinfo
 
 Log Message:
 Pullup ticket #3816 - requested by obache
 geography/mapserver: security update
 
 Revisions pulled up:
 - geography/mapserver/Makefile                                  1.34
 - geography/mapserver/distinfo                                  1.7
 
 ---
    Module Name:        pkgsrc
    Committed By:       obache
    Date:               Sat Jun  2 11:16:58 UTC 2012
 
    Modified Files:
        pkgsrc/geography/mapserver: Makefile distinfo
 
    Log Message:
    Update MapServer to 5.6.8.
    PR 46504 By Wen Heping.
 
    Version 5.6.8 (2012-02-08):
    ---------------------------
 
    - Fix security issue with quote escape in WFS GetFeature Filter (#4087)
 
    - Fix segfault on join with postgresql tables (#4074)
 
    - Define Z_BEST_COMPRESSION for newer libpng versions (#4033)
 
    - Fixes to support latest PROJ versions (#4008)
 
    Version 5.6.7 (2011-07-12):
    ---------------------------
 
    IMPORTANT SECURITY FIXES:
 
    -  Fixes to prevent SQL injections through OGC filter encoding (in WMS, WFS
        and SOS), as well as a potential SQL injection in WMS time support.
        Your system may be vulnerable if it has MapServer with OGC protocols
        enabled, with layers connecting to an SQL RDBMS backend, either
        natively or via OGR (#3903)
 
    -  Fixed potentially exploitable buffer overflows in OGC Filter Encoding
        support (#3903)
 
    Other Fixes:
 
    - Fixed PHP/MapScript ms_iogetstdoutbufferbytes() always returning 0 bytes
       written (#3041)
 
    - OGC Filter: fix segfault when a ows_varname_type or wfs_varname_type is
       defined but not a gml_varname_type (#3902)
 
    - Fixed mssql2008 to return correct geometries with chart layer type (#3894)
 
    - Fix segfault with png-inimage exceptions and quantize_force=on (#2903)
 
    - Fix segfault on malformed <PropertyIsLike> filters (#3888)
 
    - Fixed potential crash with AVERAGE resampling and crazy reprojection 
(#3886)
 
    - Fixed segmentation fault on invalid symbol (#3849)
 
    - add support for gml:Box for spatial filters (#3789)
 
    - Fixed false computation of symbol size when used as a brush on line 
(#3760)
 
    - Fixed SQL Spatial to be able to use UniqueIdentifier field as unique key 
(#3722)
 
    - Fixed possible seg. fault when using "OGR:Label*" special attributes 
(#3667)
 
    - Fixed bug with newlines around multipart boundaries in wcs multipart 
(#3672)
 
    Version 5.6.6 (2011-01-17):
    ---------------------------
 
    - SLD: Fix point symbolizer issue when color is not set (#3658)
 
    - Fix WMS EXCEPTIONS parameter issue with fastcgi (#3525)
 
    - Fixed missing time in msDrawMap logging (#3651)
 
    - Fixed Internal error with Oracle Spatial multi point geometries (#3627)
 
    - Fixed double free in shp2img.c (#3497)
 
    - Fixed free(): invalid next size in mapfile.c (#3604)
 
    - Fix for the memory corruption when mapping the string data type in the
       Java bindings (3491)
 
    - Correct wms 1.3.0 latlong bbox error (#2578)
 
    - Fix ProperyIsLike not used efficiently with Oracle (#3557)
 
    - Fixed msOGRGetSymbolId according to the changes in gdal 1.8 (#3556)
 
    - Fixed crash when drawing a map using UNIQUE fid in the layer data (#3271)
 
    - Fixed Oracle Spatial Data gets corrupt (#3541)
 
    - Fixed issue with multiple styles and binding (#3538)
 
    - Fixed multiple include tags not supported in xml mapfiles (#3530)
 
    - Ensure the class is not marked BeforeFieldInit causing memory corruption
       with C#/CLR4 (#3438)
 
    - Fixed MSSQL2008 driver returning invalid extent (#3498)
 
    - Fix computation of shape bounds when the first line contains no points
       (#3119)(fixes #3383)
 
    - Fixed error message tiles on zero-sized map cause memory allocation errors
       in maperror.c. (#3524)
 
 
 To generate a diff of this commit:
 cvs rdiff -u -r1.33 -r1.33.2.1 pkgsrc/geography/mapserver/Makefile
 cvs rdiff -u -r1.6 -r1.6.14.1 pkgsrc/geography/mapserver/distinfo
 
 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.
 
Home |
Main Index |
Thread Index |
Old Index