Ubuntu
mapserver package

  1. Intrepid (8.10)
  2. Bug #398814
  3. Comment #5

Comment 5 for bug 398814

Revision history for this message
Jamie Strandboge (jdstrand) wrote :

Per upstream, the .map issue is CVE-2009-0842. Fixed in 5.2.2-1. See:
http://trac.osgeo.org/mapserver/ticket/2941
http://trac.osgeo.org/mapserver/changeset/8805

Per upstream, the other issue should be fixed in the 5.4 series. I've requested a CVE and the bug reference.