[mapserver-dev] Motion: Adopt RFC-56 and release MapServer
4.10.4and 5.2.2
Kralidis,Tom [Ontario]
Tom.Kralidis at ec.gc.ca
Thu Mar 26 14:21:41 EDT 2009
+1
..Tom
> -----Original Message-----
> From: mapserver-dev-bounces at lists.osgeo.org
> [mailto:mapserver-dev-bounces at lists.osgeo.org] On Behalf Of
> Daniel Morissette
> Sent: Thursday, 26 March 2009 14:20
> To: 'MapServer Dev Mailing List'
> Subject: [mapserver-dev] Motion: Adopt RFC-56 and release
> MapServer 4.10.4and 5.2.2
>
> Some security vulnerabilities have been found and reported to
> us following an audit of MapServer's mapserv CGI. We have
> worked on this off-list with other PSC members to come up
> with a solution before making anything public.
>
> The outcome of this is five tickets (#2939, #2941, #2942,
> #2943, #2944) and corresponding fixes:
> http://trac.osgeo.org/mapserver/ticket/2939
> http://trac.osgeo.org/mapserver/ticket/2941
> http://trac.osgeo.org/mapserver/ticket/2942
> http://trac.osgeo.org/mapserver/ticket/2943
> http://trac.osgeo.org/mapserver/ticket/2944
>
> as well as a new RFC-56 about tightening up control of access
> to mapfiles and templates:
> http://mapserver.org/development/rfc/ms-rfc-56.html
>
>
> Motion:
>
> I hereby motion that we release MapServer 5.2.2 and 4.10.4 ASAP with
> fixes for tickets (#2939, #2941, #2942, #2943, #2944) and the
> implementation of RFC-56. MapServer 5.4.0 beta4 should also follow
> within a few days with the same fixes.
>
> I start with my +1
>
> Daniel
> --
> Daniel Morissette
> http://www.mapgears.com/
> _______________________________________________
> mapserver-dev mailing list
> mapserver-dev at lists.osgeo.org
> http://lists.osgeo.org/mailman/listinfo/mapserver-dev
>
More information about the mapserver-dev
mailing list