[mapserver-commits] r10307 - branches/branch-5-6/mapserver
svn at osgeo.org
svn at osgeo.org
Thu Jul 8 16:11:08 EDT 2010
Author: dmorissette
Date: 2010-07-08 20:11:08 +0000 (Thu, 08 Jul 2010)
New Revision: 10307
Modified:
branches/branch-5-6/mapserver/HISTORY.TXT
Log:
Prepare for 5.6.4 release
Modified: branches/branch-5-6/mapserver/HISTORY.TXT
===================================================================
--- branches/branch-5-6/mapserver/HISTORY.TXT 2010-07-08 20:07:15 UTC (rev 10306)
+++ branches/branch-5-6/mapserver/HISTORY.TXT 2010-07-08 20:11:08 UTC (rev 10307)
@@ -12,9 +12,21 @@
For a complete change history, please see the Subversion log comments.
-Version 5.6.4 (????-??-??):
+Version 5.6.4 (2010-07-08):
---------------------------
+IMPORTANT SECURITY FIXES:
+
+- Disabled some insecure (and potentially exploitable) mapserv command-line
+ debug arguments (#3485). The --enable-cgi-cl-debug-args configure switch
+ can be used to re-enable them for devs who really cannot get away without
+ them and who understand the potential security risk (not recommended for
+ production servers or those who don't understand the security implications).
+
+- Fixed possible buffer overflow in msTmpFile() (#3484)
+
+Other fixes:
+
- Fixed possible race condition with connectiontype WFS layers (#3137)
- Modified mapserver units enum order to fix some problems with external
More information about the mapserver-commits
mailing list