Possible SQL injection in WFS
Bug #809133 reported by
Alan Boudreault
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
mapserver (Ubuntu) |
Fix Released
|
Undecided
|
Jamie Strandboge | ||
Hardy |
Fix Released
|
Undecided
|
Unassigned | ||
Lucid |
Fix Released
|
Undecided
|
Unassigned | ||
Maverick |
Fix Released
|
Undecided
|
Unassigned | ||
Natty |
Fix Released
|
Undecided
|
Steve Beattie | ||
Oneiric |
Fix Released
|
Undecided
|
Jamie Strandboge |
Bug Description
MapServer developers have discovered flaws in the OGC filter support in MapServer.
All versions may be susceptible to SQL injection under certain circumstances.
Changed in mapserver (Ubuntu): | |
status: | New → Confirmed |
visibility: | private → public |
tags: | added: patch |
Changed in mapserver (Ubuntu Oneiric): | |
status: | In Progress → Fix Committed |
To post a comment you must log in.
Thanks for the debdiffs. Is this issue public now?
Does this issue have a CVE number?
The changes are extensive, what kind of testing did you perform on the debdiffs?
Thanks.