[mapserver-commits] r11937 - branches/branch-5-4/mapserver

svn at osgeo.org svn at osgeo.org
Thu Jul 14 09:57:48 EDT 2011 

Author: dmorissette
Date: 2011-07-14 06:57:47 -0700 (Thu, 14 Jul 2011)
New Revision: 11937

Modified:
   branches/branch-5-4/mapserver/HISTORY.TXT
Log:
Fix typos and formatting

Modified: branches/branch-5-4/mapserver/HISTORY.TXT
===================================================================
--- branches/branch-5-4/mapserver/HISTORY.TXT	2011-07-14 13:53:56 UTC (rev 11936)
+++ branches/branch-5-4/mapserver/HISTORY.TXT	2011-07-14 13:57:47 UTC (rev 11937)
@@ -14,7 +14,7 @@
 Current Version:
 ----------------
 
-IMPORTANT SECURITY FIXE:
+IMPORTANT SECURITY FIXES:
 
 -  Fixes to prevent SQL injections through OGC filter encoding (in WMS, WFS 
    and SOS), as well as a potential SQL injection in WMS time support. 
@@ -22,11 +22,26 @@
    enabled, with layers connecting to an SQL RDBMS backend, either 
    natively or via OGR (#3903)
 
+-  Fixed potentially exploitable buffer overflows in OGC Filter Encoding
+   support (#3903)
+
+- Disabled some insecure (and potentially exploitable) mapserv command-line
+  debug arguments (#3485). The --enable-cgi-cl-debug-args configure switch
+  can be used to re-enable them for devs who really cannot get away without
+  them and who understand the potential security risk (not recommended for 
+  production servers or those who don't understand the security implications).
+
+- Fixed possible buffer overflow in msTmpFile() (#3484)
+
+Other Fixes:
+
 - WFS: check if map projection is properly set before using it (#3897)
 
-- Fix for the memory corruption when mapping the string data type in the Java bindings (#3491)
+- Fix for the memory corruption when mapping the string data type in the 
+  Java bindings (#3491)
 
-- Ensure the class is not marked BeforeFieldInit causing memory corruption with C#/CLR4 (#3438)
+- Ensure the class is not marked BeforeFieldInit causing memory corruption 
+  with C#/CLR4 (#3438)
 
 - Fixed MSSQL2008 driver returning invalid extent (#3498)
 
@@ -35,14 +50,6 @@
 - Fix computation of shape bounds when the first line contains no points
   (#3119)(fixes #3383)
 
-- Disabled some insecure (and potentially exploitable) mapserv command-line
-  debug arguments (#3485). The --enable-cgi-cl-debug-args configure switch
-  can be used to re-enable them for devs who really cannot get away without
-  them and who understand the potential security risk (not recommended for 
-  production servers or those who don't understand the security implications).
-
-- Fixed possible buffer overflow in msTmpFile() (#3484)
-
 - fix blending of transparent layers with AGG on MSB archs (#3471)
 
 - Fix security exception issue in C# with MSVC2010 (#3438)

More information about the mapserver-commits mailing list