buffer overflow + insecure mapserv CGI command-line debug args
Bug #603593 reported by
Alan Boudreault
This bug affects 2 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
mapserver (Ubuntu) |
Fix Released
|
Critical
|
Unassigned | ||
Hardy |
Fix Released
|
Undecided
|
Unassigned | ||
Karmic |
Fix Released
|
Undecided
|
Unassigned | ||
Lucid |
Fix Released
|
Undecided
|
Unassigned | ||
Maverick |
Fix Released
|
Critical
|
Unassigned |
Bug Description
There are two important security bugs in mapserver,
- Buffer overflow in msTmpFile(): http://
- Insecure mapserv CGI command-line debug args: http://
I'm going to create the security fixes for hardy, karmic and lucid.
tags: | added: patch |
Changed in mapserver (Ubuntu Maverick): | |
importance: | Undecided → High |
importance: | High → Critical |
To post a comment you must log in.
Alan, thanks for the heads up and your work on this! When submitting debdiffs please follow https:/ /wiki.ubuntu. com/SecurityTea m/SponsorsQueue #Notes% 20for%20Contrib utors to make sure your patches are published in a timely manner. Thanks!