[MapServer-users] security release available: MapServer 8.6.1
Jeff McKenna
jmckenna at gatewaygeomatics.com
Mon Mar 30 08:15:08 PDT 2026
Those requiring a CVE record, see: CVE-2026-33721
https://www.cve.org/CVERecord?id=CVE-2026-33721
-jeff
On 2026-03-23 4:36 p.m., Jeff McKenna via MapServer-users wrote:
> The MapServer team announces the immediate availability of security
> release of 8.6.1
>
> This release contains a fix for a security flaw in the SLD parser. See
> the changelog for the list of changes ( https://mapserver.org/
> development/changelog/changelog-8-6.html#changelog-8-6-1 ). You may also
> review this specific Security Advisory ( https://github.com/MapServer/
> MapServer/security/advisories/GHSA-cv4m-mr84-fgjp ) as well as
> MapServer’s Security Policy ( https://github.com/MapServer/MapServer/
> blob/main/SECURITY.md ). Please note: as security support for the 7.6
> branch has ended, and branches 8.4, 8.2 & 8.0 are not supported, all
> users are strongly encouraged to upgrade to the MapServer 8.6.1 release.
>
> Here is the direct download for today's release:
>
> - tar.gz: https://download.osgeo.org/mapserver/mapserver-8.6.1.tar.gz
> - zip: https://download.osgeo.org/mapserver/mapserver-8.6.1.zip
>
> (all services on demo.mapserver.org have been upgraded as well)
>
> Thanks,
>
--
Jeff McKenna
GatewayGeo: Developers of MS4W, & offering MapServer Consulting/Dev
co-founder of FOSS4G
http://gatewaygeo.com/
More information about the MapServer-users
mailing list