[mapserver-dev] Motion: Adopt RFC-56 and release MapServer 4.10.4 and 5.2.2

Tamas Szekeres szekerest at gmail.com
Thu Mar 26 15:36:03 EDT 2009


+1

Tamas



2009/3/26 Daniel Morissette <dmorissette at mapgears.com>

> Some security vulnerabilities have been found and reported to us following
> an audit of MapServer's mapserv CGI. We have worked on this off-list with
> other PSC members to come up with a solution before making anything public.
>
> The outcome of this is five tickets (#2939, #2941, #2942, #2943, #2944) and
> corresponding fixes:
>  http://trac.osgeo.org/mapserver/ticket/2939
>  http://trac.osgeo.org/mapserver/ticket/2941
>  http://trac.osgeo.org/mapserver/ticket/2942
>  http://trac.osgeo.org/mapserver/ticket/2943
>  http://trac.osgeo.org/mapserver/ticket/2944
>
> as well as a new RFC-56 about tightening up control of access to mapfiles
> and templates:
>  http://mapserver.org/development/rfc/ms-rfc-56.html
>
>
> Motion:
>
> I hereby motion that we release MapServer 5.2.2 and 4.10.4 ASAP with fixes
> for tickets (#2939, #2941, #2942, #2943, #2944) and the implementation of
> RFC-56. MapServer 5.4.0 beta4 should also follow within a few days with the
> same fixes.
>
> I start with my +1
>
> Daniel
> --
> Daniel Morissette
> http://www.mapgears.com/
> _______________________________________________
> mapserver-dev mailing list
> mapserver-dev at lists.osgeo.org
> http://lists.osgeo.org/mailman/listinfo/mapserver-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.osgeo.org/pipermail/mapserver-dev/attachments/20090326/9d1596ea/attachment.html


More information about the mapserver-dev mailing list