[mapserver-users] MapCache 1.6.1 and 1.4.2 are released

Lime, Steve D (MNIT) steve.lime at state.mn.us
Mon Oct 2 14:57:08 PDT 2017


Thanks for handling Jeff and a big thanks for Even for the fix! Note this is fixing a XSS vulnerability associated with the WMS/WMTS error responses - in case you don't want track down the CVE id. --Steve

-----Original Message-----
From: mapserver-users [mailto:mapserver-users-bounces at lists.osgeo.org] On Behalf Of Jeff McKenna
Sent: Friday, September 29, 2017 7:20 PM
To: MapServer <mapserver-users at lists.osgeo.org>
Subject: [mapserver-users] MapCache 1.6.1 and 1.4.2 are released

Today the project team released versions 1.6.1 and 1.4.2 of MapCache. 
This is primarily a security release to address CVE-2017-12808. That 
issue involves a vulnerability involving WMS and WMTS error messages.

All users are encouraged to update to the latest version as soon as 
possible. Source distributions are available through 
http://mapserver.org/ and we expect binary distributions to be updated 
in the near future.

-jeff




_______________________________________________
mapserver-users mailing list
mapserver-users at lists.osgeo.org
https://lists.osgeo.org/mailman/listinfo/mapserver-users


More information about the MapServer-users mailing list