[SECURITY] [DLA 734-1] mapserver security update

Package : mapserver Version : 6.0.1-3.2+deb7u3 CVE ID : CVE-2016-9839 It was discovered that there was an information leakage vulnerability in mapserver, a CGI-based framework for Internet map services. For Debian 7 "Wheezy", this issue has been fixed in mapserver version 6.0.1-3.2+deb7u3. We...

Debian DLA-734-1 : mapserver security update

It was discovered that there was an information leakage vulnerability in mapserver, a CGI-based framework for Internet map services. For Debian 7 'Wheezy', this issue has been fixed in mapserver version 6.0.1-3.2+deb7u3. We recommend that you upgrade your mapserver packages. NOTE: Tenable Network...

DLA-734-1 mapserver - security update

Bulletin has no description...

Fedora Update for mapserver FEDORA-2014-17559

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 21 : mapserver-6.2.2-1.fc21 (2014-17567)

Update to latest 6.2 release Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...

Fedora Update for mapserver FEDORA-2014-17567

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 20 : mapserver-6.2.2-1.fc20 (2014-17559)

Update to latest 6.2 release Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...

[SECURITY] Fedora 20 Update: mapserver-6.2.2-1.fc20

Mapserver is an internet mapping program that converts GIS data to map images in real time. With appropriate interface pages, Mapserver can provide an interactive internet map based on custom GIS data...

[SECURITY] Fedora 21 Update: mapserver-6.2.2-1.fc21

Mapserver is an internet mapping program that converts GIS data to map images in real time. With appropriate interface pages, Mapserver can provide an interactive internet map based on custom GIS data...

Updated mapserver packages fix CVE-2013-7262 and packaging issues

Updated mapserver packages fix security vulnerability: SQL injection vulnerability in the msPostGISLayerSetTimeFilter function in mappostgis.c in MapServer before 6.4.1, when a WMS-Time service is used, allows remote attackers to execute arbitrary SQL commands via a crafted string in a PostGIS TI...

MGASA-2015-0097 Updated mapserver packages fix CVE-2013-7262 and packaging issues

Updated mapserver packages fix security vulnerability: SQL injection vulnerability in the msPostGISLayerSetTimeFilter function in mappostgis.c in MapServer before 6.4.1, when a WMS-Time service is used, allows remote attackers to execute arbitrary SQL commands via a crafted string in a PostGIS TI...

MapServer < 5.6.9 / 6.0.4 / 6.2.2 / 6.4.1 SQL Injection

The version of MapServer hosted on the remote web server may be affected by a SQL injection vulnerability due to a failure to properly sanitize user-supplied input. Specifically, the mPostGISLayerSetTimeFilter function in mappostgis.c does not properly sanitize user-supplied input passed via...

MapServer PostGIS TIME Filter SQL注入漏洞

CVE ID：CVE-2013-7262 MapServer是用于创建交互式地图应用的多平台程序。 某些传递到PostGIS TIME filters的未明输入在用于SQL查询前未能正确过滤，攻击者可以通过注入任意SQL代码操纵SQL查询。 0 MapServer 6.x 厂商补丁： MapServer ----- MapServer 6.4.1版本以修复此漏洞，建议用户下载使用： http://www.mapserver.org/development/changelog/changelog-6-4.htmlchanges-from-6-4-0-to-6-4-1...

CVE-2013-7262

SQL injection vulnerability in the msPostGISLayerSetTimeFilter function in mappostgis.c in MapServer before 6.4.1, when a WMS-Time service is used, allows remote attackers to execute arbitrary SQL commands via a crafted string in a PostGIS TIME filter...

CVE-2013-7262

SQL injection vulnerability in the msPostGISLayerSetTimeFilter function in mappostgis.c in MapServer before 6.4.1, when a WMS-Time service is used, allows remote attackers to execute arbitrary SQL commands via a crafted string in a PostGIS TIME filter...

DEBIAN-CVE-2013-7262

SQL injection vulnerability in the msPostGISLayerSetTimeFilter function in mappostgis.c in MapServer before 6.4.1, when a WMS-Time service is used, allows remote attackers to execute arbitrary SQL commands via a crafted string in a PostGIS TIME filter...

CVE-2013-7262

SQL injection vulnerability in the msPostGISLayerSetTimeFilter function in mappostgis.c in MapServer before 6.4.1, when a WMS-Time service is used, allows remote attackers to execute arbitrary SQL commands via a crafted string in a PostGIS TIME filter...

Sql injection

SQL injection vulnerability in the msPostGISLayerSetTimeFilter function in mappostgis.c in MapServer before 6.4.1, when a WMS-Time service is used, allows remote attackers to execute arbitrary SQL commands via a crafted string in a PostGIS TIME filter...

CVE-2013-7262

The vulnerability CVE-2013-7262 affects MapServer (MapServer before 6.4.1) in the msPostGISLayerSetTimeFilter function (mappostgis.c). When using a WMS-Time service, a crafted PostGIS TIME filter can lead to remote SQL command execution, exposing SQL injection risk with partial confidentiality/in...

CVE-2013-7262

SQL injection vulnerability in the msPostGISLayerSetTimeFilter function in mappostgis.c in MapServer before 6.4.1, when a WMS-Time service is used, allows remote attackers to execute arbitrary SQL commands via a crafted string in a PostGIS TIME filter...