Home page logo
/

bugtraq logo Bugtraq mailing list archives

[SECURITY] [DSA 1914-1] New mapserver packages fix serveral vulnerabilities
From: Nico Golde <nion () debian org>
Date: Thu, 22 Oct 2009 20:33:58 +0200

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA-1914-1                    security () debian org
http://www.debian.org/security/                                 Nico Golde
October 22nd, 2009                      http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : mapserver
Vulnerability  : several
Problem type   : remote
Debian-specific: no
Debian bug     : #535340 #523027
CVE ID         : CVE-2009-0843 CVE-2009-0842 CVE-2009-0841 CVE-2009-0840
                 CVE-2009-0839 CVE-2009-2281

Several vulnerabilities have been discovered in mapserver, a CGI-based
web framework to publish spatial data and interactive mapping applications.
The Common Vulnerabilities and Exposures project identifies the following
problems:

CVE-2009-0843

  Missing input validation on a user supplied map queryfile name can be
  used by an attacker to check for the existence of a specific file by
  using the queryfile GET parameter and checking for differences in error
  messages.

CVE-2009-0842

  A lack of file type verification when parsing a map file can lead to
  partial disclosure of content from arbitrary files through parser error
  messages.

CVE-2009-0841

  Due to missing input validation when saving map files under certain
  conditions it is possible to perform directory traversal attacks and
  to create arbitrary files.
  NOTE: Unless the attacker is able to create directories in the image
  path or there is already a readable directory this doesn't affect
  installations on Linux as the fopen() syscall will fail in case a sub
  path is not readable.

CVE-2009-0839

  It was discovered that mapserver is vulnerable to a stack-based buffer
  overflow when processing certain GET parameters.  An attacker can use
  this to execute arbitrary code on the server via crafted id parameters.

CVE-2009-0840

  An integer overflow leading to a heap-based buffer overflow when
  processing the Content-Length header of an HTTP request can be used by an
  attacker to execute arbitrary code via crafted POST requests containing
  negative Content-Length values.

CVE-2009-2281

  An integer overflow when processing HTTP requests can lead to a
  heap-based buffer overflow. An attacker can use this to execute arbitrary
  code either via crafted Content-Length values or large HTTP request. This
  is partly because of an incomplete fix for CVE-2009-0840.


For the oldstable distribution (etch), this problem has been fixed in
version 4.10.0-5.1+etch4.

For the stable distribution (lenny), this problem has been fixed in
version 5.0.3-3+lenny4.

For the testing distribution (squeeze), this problem has been fixed in
version 5.4.2-1.

For the unstable distribution (sid), this problem has been fixed in
version 5.4.2-1.


We recommend that you upgrade your mapserver packages.

Upgrade instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 4.0 alias etch
- -------------------------------

Debian (oldstable)
- ------------------

Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

  http://security.debian.org/pool/updates/main/m/mapserver/mapserver_4.10.0-5.1+etch4.dsc
    Size/MD5 checksum:     1324 da6dc400ad2809025a367588eb931523
  http://security.debian.org/pool/updates/main/m/mapserver/mapserver_4.10.0.orig.tar.gz
    Size/MD5 checksum:  1782838 4668bbd017c20c251e962a5cd09c8f31
  http://security.debian.org/pool/updates/main/m/mapserver/mapserver_4.10.0-5.1+etch4.diff.gz
    Size/MD5 checksum:    85762 61bec011ac70ab92c0ebdf064bbbe3ed

Architecture independent packages:

  http://security.debian.org/pool/updates/main/m/mapserver/mapserver-doc_4.10.0-5.1+etch4_all.deb
    Size/MD5 checksum:    94768 a6b8887a85643d4be20e5e1fc1c94c4d

alpha architecture (DEC Alpha)

  http://security.debian.org/pool/updates/main/m/mapserver/cgi-mapserver_4.10.0-5.1+etch4_alpha.deb
    Size/MD5 checksum:   505828 d90975f9345f55213725ba30836248b3
  http://security.debian.org/pool/updates/main/m/mapserver/mapserver-bin_4.10.0-5.1+etch4_alpha.deb
    Size/MD5 checksum:  3721704 aa3689eb024673362bc1f4eba5bcf506
  http://security.debian.org/pool/updates/main/m/mapserver/php5-mapscript_4.10.0-5.1+etch4_alpha.deb
    Size/MD5 checksum:   612294 e87d84530f20dff11900357b1000c266
  http://security.debian.org/pool/updates/main/m/mapserver/python-mapscript_4.10.0-5.1+etch4_alpha.deb
    Size/MD5 checksum:   640400 ee763dfbcd9d96af2e7d68f379ac8b6f
  http://security.debian.org/pool/updates/main/m/mapserver/php4-mapscript_4.10.0-5.1+etch4_alpha.deb
    Size/MD5 checksum:   613754 e11196261729f9b148c78ec494ed16d9
  http://security.debian.org/pool/updates/main/m/mapserver/perl-mapscript_4.10.0-5.1+etch4_alpha.deb
    Size/MD5 checksum:   776080 b4f3464ee84e5cd99221fc7f13456158

arm architecture (ARM)

  http://security.debian.org/pool/updates/main/m/mapserver/php4-mapscript_4.10.0-5.1+etch4_arm.deb
    Size/MD5 checksum:   524598 0f85fc0fe42f0a79d3ad6ccb424ab1f5
  http://security.debian.org/pool/updates/main/m/mapserver/python-mapscript_4.10.0-5.1+etch4_arm.deb
    Size/MD5 checksum:   540312 c06accd457ff567d7028c124f72e7b60
  http://security.debian.org/pool/updates/main/m/mapserver/perl-mapscript_4.10.0-5.1+etch4_arm.deb
    Size/MD5 checksum:   660318 ce3a9044a866184881cbe798e72dc8ab
  http://security.debian.org/pool/updates/main/m/mapserver/cgi-mapserver_4.10.0-5.1+etch4_arm.deb
    Size/MD5 checksum:   435310 275339dd1b3bf757ff1c2efaa13ac5ac
  http://security.debian.org/pool/updates/main/m/mapserver/mapserver-bin_4.10.0-5.1+etch4_arm.deb
    Size/MD5 checksum:  3166716 6e1d3953e09230dfba91e2559f652e06
  http://security.debian.org/pool/updates/main/m/mapserver/php5-mapscript_4.10.0-5.1+etch4_arm.deb
    Size/MD5 checksum:   523334 ed00d5edf3b5a264ea061f34f7f22946

i386 architecture (Intel ia32)

  http://security.debian.org/pool/updates/main/m/mapserver/php4-mapscript_4.10.0-5.1+etch4_i386.deb
    Size/MD5 checksum:   539580 c269364509931789eb6ef47bae61a5f3
  http://security.debian.org/pool/updates/main/m/mapserver/cgi-mapserver_4.10.0-5.1+etch4_i386.deb
    Size/MD5 checksum:   443446 ea0800ac81efc45f849c7e43dcdca16c
  http://security.debian.org/pool/updates/main/m/mapserver/python-mapscript_4.10.0-5.1+etch4_i386.deb
    Size/MD5 checksum:   552550 98c002338bed5b2ef37146bcf379e68a
  http://security.debian.org/pool/updates/main/m/mapserver/php5-mapscript_4.10.0-5.1+etch4_i386.deb
    Size/MD5 checksum:   538672 d6c93b0c09a6c4af02835dc192379b95
  http://security.debian.org/pool/updates/main/m/mapserver/mapserver-bin_4.10.0-5.1+etch4_i386.deb
    Size/MD5 checksum:  3229784 6a7c29331b215039c8e444d778250077
  http://security.debian.org/pool/updates/main/m/mapserver/perl-mapscript_4.10.0-5.1+etch4_i386.deb
    Size/MD5 checksum:   684270 6254390f2d12c31173c1d8dcb92d142f

ia64 architecture (Intel ia64)

  http://security.debian.org/pool/updates/main/m/mapserver/python-mapscript_4.10.0-5.1+etch4_ia64.deb
    Size/MD5 checksum:   828736 60856f8a15e3c05b33336507c27b9b84
  http://security.debian.org/pool/updates/main/m/mapserver/perl-mapscript_4.10.0-5.1+etch4_ia64.deb
    Size/MD5 checksum:   987262 2d376547ba3042c15dfa4fea57aed858
  http://security.debian.org/pool/updates/main/m/mapserver/cgi-mapserver_4.10.0-5.1+etch4_ia64.deb
    Size/MD5 checksum:   686356 80fcf125d9286bb6a23dafc6a0ba415c
  http://security.debian.org/pool/updates/main/m/mapserver/php4-mapscript_4.10.0-5.1+etch4_ia64.deb
    Size/MD5 checksum:   790836 c11e9b1eb17ead28a428366355695275
  http://security.debian.org/pool/updates/main/m/mapserver/mapserver-bin_4.10.0-5.1+etch4_ia64.deb
    Size/MD5 checksum:  5109184 b30a07d58eab67c84285a3b92f3eeddd
  http://security.debian.org/pool/updates/main/m/mapserver/php5-mapscript_4.10.0-5.1+etch4_ia64.deb
    Size/MD5 checksum:   789878 7a0c80a55e536dcd6df60be5baf22bb4

mipsel architecture (MIPS (Little Endian))

  http://security.debian.org/pool/updates/main/m/mapserver/php4-mapscript_4.10.0-5.1+etch4_mipsel.deb
    Size/MD5 checksum:   555028 be6ff689cb0ea08d06393c957b4cba12
  http://security.debian.org/pool/updates/main/m/mapserver/python-mapscript_4.10.0-5.1+etch4_mipsel.deb
    Size/MD5 checksum:   565660 8cfacd3fc20884e0b6c6ac3f589010db
  http://security.debian.org/pool/updates/main/m/mapserver/php5-mapscript_4.10.0-5.1+etch4_mipsel.deb
    Size/MD5 checksum:   553884 369bac7623153f8e3a54f87668895ae6
  http://security.debian.org/pool/updates/main/m/mapserver/cgi-mapserver_4.10.0-5.1+etch4_mipsel.deb
    Size/MD5 checksum:   486622 a03198abeeab6d71bf4ab40b29de7b0e
  http://security.debian.org/pool/updates/main/m/mapserver/mapserver-bin_4.10.0-5.1+etch4_mipsel.deb
    Size/MD5 checksum:  3561220 81c5a3254387d9126bb840d5f45357d6
  http://security.debian.org/pool/updates/main/m/mapserver/perl-mapscript_4.10.0-5.1+etch4_mipsel.deb
    Size/MD5 checksum:   600622 da0b19672fa100e835432a07bc2560ae

powerpc architecture (PowerPC)

  http://security.debian.org/pool/updates/main/m/mapserver/php5-mapscript_4.10.0-5.1+etch4_powerpc.deb
    Size/MD5 checksum:   561992 acbcfbb04f3db588562f2be72c1b1a9d
  http://security.debian.org/pool/updates/main/m/mapserver/python-mapscript_4.10.0-5.1+etch4_powerpc.deb
    Size/MD5 checksum:   585282 d4652893b6c25c2f21ceced832ca6205
  http://security.debian.org/pool/updates/main/m/mapserver/mapserver-bin_4.10.0-5.1+etch4_powerpc.deb
    Size/MD5 checksum:  3348742 e4d99aec224d9f1289d9f02c2d3510b9
  http://security.debian.org/pool/updates/main/m/mapserver/cgi-mapserver_4.10.0-5.1+etch4_powerpc.deb
    Size/MD5 checksum:   458854 c8428751ba59008c4dbed9b1b362cb15
  http://security.debian.org/pool/updates/main/m/mapserver/perl-mapscript_4.10.0-5.1+etch4_powerpc.deb
    Size/MD5 checksum:   715146 5f57edca2c6c18ec17480a1f33e15458
  http://security.debian.org/pool/updates/main/m/mapserver/php4-mapscript_4.10.0-5.1+etch4_powerpc.deb
    Size/MD5 checksum:   563384 034eb83b319e5cc0aa1c3a3b3c37dee4

s390 architecture (IBM S/390)

  http://security.debian.org/pool/updates/main/m/mapserver/python-mapscript_4.10.0-5.1+etch4_s390.deb
    Size/MD5 checksum:   587272 2183ffa1e862ebfd7239f237612b2b5b
  http://security.debian.org/pool/updates/main/m/mapserver/php5-mapscript_4.10.0-5.1+etch4_s390.deb
    Size/MD5 checksum:   559922 6528f0036a1555ad307298e55d1ca0af
  http://security.debian.org/pool/updates/main/m/mapserver/mapserver-bin_4.10.0-5.1+etch4_s390.deb
    Size/MD5 checksum:  3341944 da6e735cae80a3b0b1cd80f567584c8d
  http://security.debian.org/pool/updates/main/m/mapserver/php4-mapscript_4.10.0-5.1+etch4_s390.deb
    Size/MD5 checksum:   561112 58614ce7d6b4f3e15d504cfbc938c48f
  http://security.debian.org/pool/updates/main/m/mapserver/perl-mapscript_4.10.0-5.1+etch4_s390.deb
    Size/MD5 checksum:   611700 d25cc74ad733b652b53add8c6983dde6
  http://security.debian.org/pool/updates/main/m/mapserver/cgi-mapserver_4.10.0-5.1+etch4_s390.deb
    Size/MD5 checksum:   457848 f8c8ad80313f306f9f4df642bf7146b9

sparc architecture (Sun SPARC/UltraSPARC)

  http://security.debian.org/pool/updates/main/m/mapserver/php5-mapscript_4.10.0-5.1+etch4_sparc.deb
    Size/MD5 checksum:   547472 5e9921fe7eb781e690bb8a86725f1abb
  http://security.debian.org/pool/updates/main/m/mapserver/php4-mapscript_4.10.0-5.1+etch4_sparc.deb
    Size/MD5 checksum:   548778 b09f7ca97de9d1103758184b13192b71
  http://security.debian.org/pool/updates/main/m/mapserver/perl-mapscript_4.10.0-5.1+etch4_sparc.deb
    Size/MD5 checksum:   708650 3da45c28d243436b775fd0b52644c63f
  http://security.debian.org/pool/updates/main/m/mapserver/cgi-mapserver_4.10.0-5.1+etch4_sparc.deb
    Size/MD5 checksum:   447924 b2eaae9234ca38a0c20eb27a97c5ddb5
  http://security.debian.org/pool/updates/main/m/mapserver/mapserver-bin_4.10.0-5.1+etch4_sparc.deb
    Size/MD5 checksum:  3256348 0d4f0358dff2591e64a79fdc00647c74
  http://security.debian.org/pool/updates/main/m/mapserver/python-mapscript_4.10.0-5.1+etch4_sparc.deb
    Size/MD5 checksum:   574136 7fa36c4bee299e6c333a5616e80bc0b3


Debian GNU/Linux 5.0 alias lenny
- --------------------------------

Debian (stable)
- ---------------

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

  http://security.debian.org/pool/updates/main/m/mapserver/mapserver_5.0.3.orig.tar.gz
    Size/MD5 checksum:  1806528 953a131497132baef84ca33f8432d299
  http://security.debian.org/pool/updates/main/m/mapserver/mapserver_5.0.3-3+lenny4.dsc
    Size/MD5 checksum:     2033 04fead45bba690c1f1c330356671a590
  http://security.debian.org/pool/updates/main/m/mapserver/mapserver_5.0.3-3+lenny4.diff.gz
    Size/MD5 checksum:  1472269 871cf7ca37e7d3f9bd91d9434f7dc2e1

Architecture independent packages:

  http://security.debian.org/pool/updates/main/m/mapserver/libmapscript-ruby_5.0.3-3+lenny4_all.deb
    Size/MD5 checksum:    44796 ae4a1cd5ae7d5facb4f41141ba5e045b
  http://security.debian.org/pool/updates/main/m/mapserver/mapserver-doc_5.0.3-3+lenny4_all.deb
    Size/MD5 checksum:   168520 1f4f8fba19dec0708ab0efdffb48724b

alpha architecture (DEC Alpha)

  http://security.debian.org/pool/updates/main/m/mapserver/cgi-mapserver_5.0.3-3+lenny4_alpha.deb
    Size/MD5 checksum:   652082 5ff1023e8dba0c34aee31fbe91c0b5c6
  http://security.debian.org/pool/updates/main/m/mapserver/python-mapscript_5.0.3-3+lenny4_alpha.deb
    Size/MD5 checksum:  1600930 39225645f9d1003594c4f8f8fa51444d
  http://security.debian.org/pool/updates/main/m/mapserver/perl-mapscript_5.0.3-3+lenny4_alpha.deb
    Size/MD5 checksum:   987646 8875c04bc7051d676c835195a732bcf8
  http://security.debian.org/pool/updates/main/m/mapserver/libmapscript-ruby1.9_5.0.3-3+lenny4_alpha.deb
    Size/MD5 checksum:   844564 12b690e0a65ab7350d1c381f23d522a5
  http://security.debian.org/pool/updates/main/m/mapserver/mapserver-bin_5.0.3-3+lenny4_alpha.deb
    Size/MD5 checksum:  4836306 c2be854b94d75bd78676993331e95bf0
  http://security.debian.org/pool/updates/main/m/mapserver/php5-mapscript_5.0.3-3+lenny4_alpha.deb
    Size/MD5 checksum:   783362 143f2b5759d631112cafb2a6afcb37d9
  http://security.debian.org/pool/updates/main/m/mapserver/libmapscript-ruby1.8_5.0.3-3+lenny4_alpha.deb
    Size/MD5 checksum:   844292 5cdfb8ff6e522fa1bd6685bd340a70b7

arm architecture (ARM)

  http://security.debian.org/pool/updates/main/m/mapserver/php5-mapscript_5.0.3-3+lenny4_arm.deb
    Size/MD5 checksum:   666318 202c434d413a63c68e4105a01b15b146
  http://security.debian.org/pool/updates/main/m/mapserver/mapserver-bin_5.0.3-3+lenny4_arm.deb
    Size/MD5 checksum:  4147952 2caa2f6bd96402938c2e9b9155831208
  http://security.debian.org/pool/updates/main/m/mapserver/libmapscript-ruby1.9_5.0.3-3+lenny4_arm.deb
    Size/MD5 checksum:   738408 e305001d7e1071430012cc8401c464a2
  http://security.debian.org/pool/updates/main/m/mapserver/perl-mapscript_5.0.3-3+lenny4_arm.deb
    Size/MD5 checksum:   829300 a0f364a7496f590054229fa274e8b996
  http://security.debian.org/pool/updates/main/m/mapserver/libmapscript-ruby1.8_5.0.3-3+lenny4_arm.deb
    Size/MD5 checksum:   738186 5e727ab69c9a3d94e664bc7a123de96e
  http://security.debian.org/pool/updates/main/m/mapserver/cgi-mapserver_5.0.3-3+lenny4_arm.deb
    Size/MD5 checksum:   567678 96b9d51f90a125c32736f96844f803b7
  http://security.debian.org/pool/updates/main/m/mapserver/python-mapscript_5.0.3-3+lenny4_arm.deb
    Size/MD5 checksum:  1358228 fdd6e7debc208625f4a784926931c7fa

armel architecture (ARM EABI)

  http://security.debian.org/pool/updates/main/m/mapserver/mapserver-bin_5.0.3-3+lenny4_armel.deb
    Size/MD5 checksum:  4484238 6ebf262957abd2ef478516c01e69d16e
  http://security.debian.org/pool/updates/main/m/mapserver/libmapscript-ruby1.9_5.0.3-3+lenny4_armel.deb
    Size/MD5 checksum:   785530 cfaee32501906f1d13f9907cccd29656
  http://security.debian.org/pool/updates/main/m/mapserver/cgi-mapserver_5.0.3-3+lenny4_armel.deb
    Size/MD5 checksum:   609520 a1eab66be442721531ee776b5a375fa4
  http://security.debian.org/pool/updates/main/m/mapserver/php5-mapscript_5.0.3-3+lenny4_armel.deb
    Size/MD5 checksum:   710168 e436e7606be6580b87a451807d705e91
  http://security.debian.org/pool/updates/main/m/mapserver/perl-mapscript_5.0.3-3+lenny4_armel.deb
    Size/MD5 checksum:   878968 2bb3ed4fef4bd8a0c8edf6741dee4d89
  http://security.debian.org/pool/updates/main/m/mapserver/python-mapscript_5.0.3-3+lenny4_armel.deb
    Size/MD5 checksum:  1450614 fa192b3758695cf454b30b5dd1313e9d
  http://security.debian.org/pool/updates/main/m/mapserver/libmapscript-ruby1.8_5.0.3-3+lenny4_armel.deb
    Size/MD5 checksum:   785174 854cee84208047890d9c34ff3726fc17

i386 architecture (Intel ia32)

  http://security.debian.org/pool/updates/main/m/mapserver/mapserver-bin_5.0.3-3+lenny4_i386.deb
    Size/MD5 checksum:  4200908 1e7aa6fa9fd97e44bab454dd4b8885d2
  http://security.debian.org/pool/updates/main/m/mapserver/php5-mapscript_5.0.3-3+lenny4_i386.deb
    Size/MD5 checksum:   689968 b786f12da9328751343567514a4b080a
  http://security.debian.org/pool/updates/main/m/mapserver/libmapscript-ruby1.8_5.0.3-3+lenny4_i386.deb
    Size/MD5 checksum:   742666 cf98bfdc6a4ba63f02d1071229be12e7
  http://security.debian.org/pool/updates/main/m/mapserver/libmapscript-ruby1.9_5.0.3-3+lenny4_i386.deb
    Size/MD5 checksum:   742818 a0f4d369a474871ce56abdf8b0005d6b
  http://security.debian.org/pool/updates/main/m/mapserver/perl-mapscript_5.0.3-3+lenny4_i386.deb
    Size/MD5 checksum:   867270 c93c9f5a3c95212f749bbe45d1337b36
  http://security.debian.org/pool/updates/main/m/mapserver/python-mapscript_5.0.3-3+lenny4_i386.deb
    Size/MD5 checksum:  1390226 35b0e1ccb9371d5361d1c739a5829f89
  http://security.debian.org/pool/updates/main/m/mapserver/cgi-mapserver_5.0.3-3+lenny4_i386.deb
    Size/MD5 checksum:   572826 2b082c5f96aa661ad923c6a689cf8a72

ia64 architecture (Intel ia64)

  http://security.debian.org/pool/updates/main/m/mapserver/php5-mapscript_5.0.3-3+lenny4_ia64.deb
    Size/MD5 checksum:  1017178 40b12d345b65b9a81e73ccd6b974d2e5
  http://security.debian.org/pool/updates/main/m/mapserver/mapserver-bin_5.0.3-3+lenny4_ia64.deb
    Size/MD5 checksum:  6675022 98adddf9cdfd916faf4a0020acbf1d1e
  http://security.debian.org/pool/updates/main/m/mapserver/perl-mapscript_5.0.3-3+lenny4_ia64.deb
    Size/MD5 checksum:  1247906 07695fb1f4d82ecb56fb0c8fb1aa5416
  http://security.debian.org/pool/updates/main/m/mapserver/libmapscript-ruby1.9_5.0.3-3+lenny4_ia64.deb
    Size/MD5 checksum:  1131092 ecbe4c220838d97aadce335fcdd80352
  http://security.debian.org/pool/updates/main/m/mapserver/cgi-mapserver_5.0.3-3+lenny4_ia64.deb
    Size/MD5 checksum:   890286 ff8bd142806cddd9c3395d000b3db5b7
  http://security.debian.org/pool/updates/main/m/mapserver/libmapscript-ruby1.8_5.0.3-3+lenny4_ia64.deb
    Size/MD5 checksum:  1130862 08e8bf87a278bf783a849e38fd051fab
  http://security.debian.org/pool/updates/main/m/mapserver/python-mapscript_5.0.3-3+lenny4_ia64.deb
    Size/MD5 checksum:  2109502 b11b361cb0f78540ef2cefeec126ae1d

mips architecture (MIPS (Big Endian))

  http://security.debian.org/pool/updates/main/m/mapserver/cgi-mapserver_5.0.3-3+lenny4_mips.deb
    Size/MD5 checksum:   631184 13199f051e8b5cc7cf73b1dfbc16cad2
  http://security.debian.org/pool/updates/main/m/mapserver/perl-mapscript_5.0.3-3+lenny4_mips.deb
    Size/MD5 checksum:   761820 5d222a44d2a1adeafcbebeba7472bd94
  http://security.debian.org/pool/updates/main/m/mapserver/mapserver-bin_5.0.3-3+lenny4_mips.deb
    Size/MD5 checksum:  4666306 dd0a600d9f8530ac473a80f0161e07d8
  http://security.debian.org/pool/updates/main/m/mapserver/php5-mapscript_5.0.3-3+lenny4_mips.deb
    Size/MD5 checksum:   701610 d58aab786869ba4f03dcb6f56f75724d
  http://security.debian.org/pool/updates/main/m/mapserver/libmapscript-ruby1.9_5.0.3-3+lenny4_mips.deb
    Size/MD5 checksum:   722886 97dae8dcd1a612617d268f572ad4d8ac
  http://security.debian.org/pool/updates/main/m/mapserver/python-mapscript_5.0.3-3+lenny4_mips.deb
    Size/MD5 checksum:  1412214 1c863d8e5b6143aa11f0c0f17476ae89
  http://security.debian.org/pool/updates/main/m/mapserver/libmapscript-ruby1.8_5.0.3-3+lenny4_mips.deb
    Size/MD5 checksum:   722590 b6c718d4736d96774b7443ea5df1994a

mipsel architecture (MIPS (Little Endian))

  http://security.debian.org/pool/updates/main/m/mapserver/cgi-mapserver_5.0.3-3+lenny4_mipsel.deb
    Size/MD5 checksum:   632010 62c6e4bd0e0e70ddaf900aedb3803c09
  http://security.debian.org/pool/updates/main/m/mapserver/python-mapscript_5.0.3-3+lenny4_mipsel.deb
    Size/MD5 checksum:  1406838 53bfd5932d0679a1c9edec67b28e9c58
  http://security.debian.org/pool/updates/main/m/mapserver/libmapscript-ruby1.8_5.0.3-3+lenny4_mipsel.deb
    Size/MD5 checksum:   720686 3adf0ef1454c3e6d470c44f8a8a59161
  http://security.debian.org/pool/updates/main/m/mapserver/libmapscript-ruby1.9_5.0.3-3+lenny4_mipsel.deb
    Size/MD5 checksum:   720896 13217294dc826c029a30471e4484d9f7
  http://security.debian.org/pool/updates/main/m/mapserver/php5-mapscript_5.0.3-3+lenny4_mipsel.deb
    Size/MD5 checksum:   703238 b12b26bdeff6828c415f11feab234851
  http://security.debian.org/pool/updates/main/m/mapserver/perl-mapscript_5.0.3-3+lenny4_mipsel.deb
    Size/MD5 checksum:   761242 2ba9557df2d7973a6b41e71edbc26718
  http://security.debian.org/pool/updates/main/m/mapserver/mapserver-bin_5.0.3-3+lenny4_mipsel.deb
    Size/MD5 checksum:  4672572 ef4abed3db1b5be4cdd08a0f9e98e5b9

powerpc architecture (PowerPC)

  http://security.debian.org/pool/updates/main/m/mapserver/cgi-mapserver_5.0.3-3+lenny4_powerpc.deb
    Size/MD5 checksum:   598198 1fd494a0bda3577a4293da0f500e48f1
  http://security.debian.org/pool/updates/main/m/mapserver/php5-mapscript_5.0.3-3+lenny4_powerpc.deb
    Size/MD5 checksum:   742888 11c1e63a7fef9e5a1a3ad49cb611487a
  http://security.debian.org/pool/updates/main/m/mapserver/libmapscript-ruby1.8_5.0.3-3+lenny4_powerpc.deb
    Size/MD5 checksum:   802144 98e0a397ee0479f213762c900e3d2471
  http://security.debian.org/pool/updates/main/m/mapserver/libmapscript-ruby1.9_5.0.3-3+lenny4_powerpc.deb
    Size/MD5 checksum:   802414 c5385417b9d28c52be4e0723ddf1b51b
  http://security.debian.org/pool/updates/main/m/mapserver/perl-mapscript_5.0.3-3+lenny4_powerpc.deb
    Size/MD5 checksum:   941542 af24159933c8e54b5203c3cd7c307f22
  http://security.debian.org/pool/updates/main/m/mapserver/python-mapscript_5.0.3-3+lenny4_powerpc.deb
    Size/MD5 checksum:  1520850 4b81970502d05a8ae9ab09c3cc4c1d85
  http://security.debian.org/pool/updates/main/m/mapserver/mapserver-bin_5.0.3-3+lenny4_powerpc.deb
    Size/MD5 checksum:  4409858 dddcc7a6477a0148ea1cb9d1b30b2b86

sparc architecture (Sun SPARC/UltraSPARC)

  http://security.debian.org/pool/updates/main/m/mapserver/libmapscript-ruby1.8_5.0.3-3+lenny4_sparc.deb
    Size/MD5 checksum:   764904 8fe64aa2804d349adfdc7b3a6907b807
  http://security.debian.org/pool/updates/main/m/mapserver/mapserver-bin_5.0.3-3+lenny4_sparc.deb
    Size/MD5 checksum:  4203198 211300cf53dba47628d1d2ec6e9e4b79
  http://security.debian.org/pool/updates/main/m/mapserver/libmapscript-ruby1.9_5.0.3-3+lenny4_sparc.deb
    Size/MD5 checksum:   765322 bb79004a547472c268d4a42640a3942f
  http://security.debian.org/pool/updates/main/m/mapserver/python-mapscript_5.0.3-3+lenny4_sparc.deb
    Size/MD5 checksum:  1435726 06543046c2379b0eaebc4069a926579c
  http://security.debian.org/pool/updates/main/m/mapserver/cgi-mapserver_5.0.3-3+lenny4_sparc.deb
    Size/MD5 checksum:   574678 82da745a969852b0d201599f58367ec8
  http://security.debian.org/pool/updates/main/m/mapserver/php5-mapscript_5.0.3-3+lenny4_sparc.deb
    Size/MD5 checksum:   696576 a6171c3789c939f768ffc6eb54a28442
  http://security.debian.org/pool/updates/main/m/mapserver/perl-mapscript_5.0.3-3+lenny4_sparc.deb
    Size/MD5 checksum:   897036 d63071fbfbb7c248b68ba7e1ee50915a


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce () lists debian org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkrgpZYACgkQHYflSXNkfP+NGwCfe35pC3uPzUg1crtZtFqeDi4t
qH0AoLCAYB+mgBg0k3d6pT21V4s2uOVn
=XDvN
-----END PGP SIGNATURE-----


  By Date           By Thread  

Current thread:
  • [SECURITY] [DSA 1914-1] New mapserver packages fix serveral vulnerabilities Nico Golde (Oct 23)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]