[prev in list] [next in list] [prev in thread] [next in thread] 

List:       mapserver-users
Subject:    Re: [mapserver-users] MapCache 1.6.1 and 1.4.2 are released
From:       "Lime, Steve D (MNIT)" <steve.lime () state ! mn ! us>
Date:       2017-10-02 21:57:08
Message-ID: BN6PR09MB147482F8E2808A4A899AC3C3DA7D0 () BN6PR09MB1474 ! namprd09 ! prod ! outlook ! com
[Download RAW message or body]

Thanks for handling Jeff and a big thanks for Even for the fix! Note this is fixing a XSS vulnerability associated with the WMS/WMTS error responses - in case you don't want track down the CVE id. --Steve

-----Original Message-----
From: mapserver-users [mailto:mapserver-users-bounces@lists.osgeo.org] On Behalf Of Jeff McKenna
Sent: Friday, September 29, 2017 7:20 PM
To: MapServer <mapserver-users@lists.osgeo.org>
Subject: [mapserver-users] MapCache 1.6.1 and 1.4.2 are released

Today the project team released versions 1.6.1 and 1.4.2 of MapCache. 
This is primarily a security release to address CVE-2017-12808. That 
issue involves a vulnerability involving WMS and WMTS error messages.

All users are encouraged to update to the latest version as soon as 
possible. Source distributions are available through 
http://mapserver.org/ and we expect binary distributions to be updated 
in the near future.

-jeff




_______________________________________________
mapserver-users mailing list
mapserver-users@lists.osgeo.org
https://lists.osgeo.org/mailman/listinfo/mapserver-users
_______________________________________________
mapserver-users mailing list
mapserver-users@lists.osgeo.org
https://lists.osgeo.org/mailman/listinfo/mapserver-users
[prev in list] [next in list] [prev in thread] [next in thread]