...
 
mapserver (7.0.1-3ubuntu0.1) yakkety-security; urgency=medium
* Add upstream patches to fix CVE-2016-9839 & CVE-2017-5522.
(LP: #1648998)
-- Bas Couwenberg <sebastic@debian.org> Wed, 18 Jan 2017 23:41:26 +0100
mapserver (7.0.1-3build1) yakkety; urgency=medium
* Rebuild against gdal-abi-2-1-1.
-- Gianfranco Costamagna <locutusofborg@debian.org> Thu, 14 Jul 2016 16:12:05 +0200
mapserver (7.0.1-3) unstable; urgency=medium
* Disable PHP mapscript, extension doesn't support PHP 7 yet.
......
Source: mapserver
Maintainer: Debian GIS Project <pkg-grass-devel@lists.alioth.debian.org>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
XSBC-Original-Maintainer: Debian GIS Project <pkg-grass-devel@lists.alioth.debian.org>
Uploaders: Francesco Paolo Lovergine <frankie@debian.org>,
Alan Boudreault <aboudreault@mapgears.com>,
Bas Couwenberg <sebastic@debian.org>
......
Description: Backport #4928 and #5356
Author: Thomas Bonfort <thomas.bonfort@gmail.com>
Origin: https://github.com/mapserver/mapserver/commit/022d24bd34196b6dca67053fb797a6980210bc54
Last-Update: 2017-01-24
Index: mapserver-7.0.1/mapogr.cpp
===================================================================
--- mapserver-7.0.1.orig/mapogr.cpp 2017-01-24 09:11:10.138507761 -0500
+++ mapserver-7.0.1/mapogr.cpp 2017-01-24 09:11:29.750720544 -0500
@@ -1166,18 +1166,15 @@
RELEASE_OGR_LOCK;
if( hDS == NULL ) {
- if( strlen(CPLGetLastErrorMsg()) == 0 )
- msSetError(MS_OGRERR,
- "Open failed for OGR connection in layer `%s'. "
- "File not found or unsupported format.",
- "msOGRFileOpen()",
- layer->name?layer->name:"(null)" );
- else
- msSetError(MS_OGRERR,
- "Open failed for OGR connection in layer `%s'.\n%s\n",
- "msOGRFileOpen()",
- layer->name?layer->name:"(null)",
- CPLGetLastErrorMsg() );
+ msSetError(MS_OGRERR,
+ "Open failed for OGR connection in layer `%s'. "
+ "Check logs.",
+ "msOGRFileOpen()",
+ layer->name?layer->name:"(null)" );
+ if( strlen(CPLGetLastErrorMsg()) != 0 )
+ msDebug("Open failed for OGR connection in layer `%s'.\n%s\n",
+ layer->name?layer->name:"(null)",
+ CPLGetLastErrorMsg() );
CPLFree( pszDSName );
CPLFree( pszLayerDef );
return NULL;
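Review bot: When `CPLGetLastErrorMsg()` is empty, the new `if( strlen(CPLGetLastErrorMsg()) != 0 )` guard skips `msDebug` entirely, so the client is told "Check logs." while no detail about the failed open is written anywhere. The removed branch at least reported "File not found or unsupported format."; that hint can be kept for operators by calling `msDebug` unconditionally and passing `*CPLGetLastErrorMsg() ? CPLGetLastErrorMsg() : "File not found or unsupported format."` as the last argument. A short comment above `msSetError` saying that the driver's error text is deliberately kept out of the client response (presumably because it can carry connection details) would stop a later edit from putting it back. msOGRFileOpen() begins and ends outside this hunk.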
@@ -1202,10 +1199,13 @@
ACQUIRE_OGR_LOCK;
hLayer = OGR_DS_ExecuteSQL( hDS, pszLayerDef, NULL, NULL );
if( hLayer == NULL ) {
- msSetError(MS_OGRERR,
- "ExecuteSQL(%s) failed.\n%s",
- "msOGRFileOpen()",
- pszLayerDef, CPLGetLastErrorMsg() );
+ msSetError(MS_OGRERR,
+ "ExecuteSQL(%s) failed. Check logs",
+ "msOGRFileOpen()",
+ pszLayerDef);
+ msDebug(
+ "ExecuteSQL(%s) failed.\n%s",
+ pszLayerDef, CPLGetLastErrorMsg() );
RELEASE_OGR_LOCK;
msConnPoolRelease( layer, hDS );
CPLFree( pszLayerDef );
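Review bot: The client-facing `msSetError` text still interpolates `pszLayerDef`, so the SQL handed to `OGR_DS_ExecuteSQL` is returned to the requester even though the driver message has been moved to `msDebug`. The `GetLayer(%s)` message in the next hunk has the same shape: it drops `connection` but keeps `pszLayerDef`. If the aim of the backport is to keep configuration detail out of responses, the public format could be reduced to `"ExecuteSQL() failed. Check logs."` (and likewise for `GetLayer`), leaving `pszLayerDef` only in the `msDebug` call. Whether the layer definition is sensitive depends on the mapfile, which is not visible here.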
@@ -1237,9 +1237,11 @@
}
if (hLayer == NULL) {
- msSetError(MS_OGRERR, "GetLayer(%s) failed for OGR connection `%s'.",
- "msOGRFileOpen()",
- pszLayerDef, connection );
+ msSetError(MS_OGRERR, "GetLayer(%s) failed for OGR connection. Check logs.",
+ "msOGRFileOpen()",
+ pszLayerDef);
+ msDebug("GetLayer(%s) failed for OGR connection `%s'.",
+ pszLayerDef, connection );
CPLFree( pszLayerDef );
msConnPoolRelease( layer, hDS );
return NULL;
@@ -1662,7 +1664,13 @@
CPLErrorReset();
if( OGR_L_SetAttributeFilter( psInfo->hLayer, pszOGRFilter ) != OGRERR_NONE ) {
- msSetError(MS_OGRERR, "SetAttributeFilter(%s) failed on layer %s.\n%s", "msOGRFileWhichShapes()", layer->filter.string+6, layer->name?layer->name:"(null)", CPLGetLastErrorMsg() );
+ msSetError(MS_OGRERR,
+ "SetAttributeFilter(%s) failed on layer %s.",
+ "msOGRFileWhichShapes()",
+ layer->filter.string+6, layer->name?layer->name:"(null)");
+ msDebug("SetAttributeFilter(%s) failed on layer %s.\n%s",
+ layer->filter.string+6, layer->name?layer->name:"(null)",
+ CPLGetLastErrorMsg() );
RELEASE_OGR_LOCK;
msFree(pszOGRFilter);
return MS_FAILURE;
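Review bot: `layer->filter.string+6` is now written twice with a bare offset of 6 and nothing in the hunk showing which prefix is skipped or that the string is at least that long; any such check sits outside the hunk. A single named local, for example `const char *pszFilterBody = layer->filter.string + 6;` with a comment naming the prefix it skips, would keep the `msSetError` and `msDebug` calls in step and make the length assumption reviewable. Note also that the filter text is still sent back in the client-facing message, so only the driver's error text is withheld here.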
@@ -1875,8 +1883,8 @@
if( (hFeature = OGR_L_GetNextFeature( psInfo->hLayer )) == NULL ) {
psInfo->last_record_index_read = -1;
if( CPLGetLastErrorType() == CE_Failure ) {
- msSetError(MS_OGRERR, "%s", "msOGRFileNextShape()",
- CPLGetLastErrorMsg() );
+ msSetError(MS_OGRERR, "OGR error. check logs", "msOGRFileNextShape()");
+ msDebug("msOGRFileNextShape() error: %s", CPLGetLastErrorMsg() );
RELEASE_OGR_LOCK;
return MS_FAILURE;
} else {
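Review bot: The new messages are inconsistent with the earlier hunks of this patch: this one says "OGR error. check logs" where the others say "Check logs." or "Check logs", and the `msDebug` format here has no trailing newline while the one in the first hunk ends with `\n`. If `msDebug` does not append a newline itself, this entry and the `ExecuteSQL`/`GetLayer`/`SetAttributeFilter` ones will run into the next log line, which makes the log the client is pointed to harder to read. Suggested wording: `msSetError(MS_OGRERR, "OGR error. Check logs.", "msOGRFileNextShape()");` and `msDebug("msOGRFileNextShape() error: %s\n", CPLGetLastErrorMsg() );`. The enclosing `if`/`else` continues past the end of the hunk.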
Description: security fix (patch by EvenR)
Fixes CVE-2017-5522 (stack buffer overflow)
Author: Even Rouault <even.rouault@spatialys.com>
Origin: https://github.com/mapserver/mapserver/commit/fb00f8149898fcf9fcb490a179984e481248f066
https://github.com/mapserver/mapserver/commit/f096b132e58cdfe2714ce372e9f4f7c76d72c5ec
--- a/mapogcfilter.c
+++ b/mapogcfilter.c
@@ -2923,7 +2923,9 @@ char *FLTGetIsLikeComparisonExpression(F
pszValue = psFilterNode->psRightNode->pszValue;
nLength = strlen(pszValue);
-
+ if( 1 + 2 * nLength + 1 + 1 >= sizeof(szTmp) )
+ return NULL;
+
iTmp =0;
if (nLength > 0 && pszValue[0] != pszWild[0] &&
pszValue[0] != pszSingle[0] &&
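Review bot: The added guard `1 + 2 * nLength + 1 + 1 >= sizeof(szTmp)` has no comment explaining its terms, and `return NULL;` sets no error, so a rejected over-long value fails without explanation; the identical guard in mapogcfiltercommon.c has both gaps too. A comment such as `/* worst case: every byte of pszValue is escaped (2 * nLength), plus delimiters and the terminating NUL */` would let a reader check the bound against the writes into `szTmp`, which are outside the hunk and cannot be verified from here. Before returning, something like `msSetError(MS_MISCERR, "Filter value too long.", "FLTGetIsLikeComparisonExpression()");` would tell the operator why the filter was rejected. It is also worth confirming that every caller handles a NULL return, since the callers are not shown.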
--- a/mapogcfiltercommon.c
+++ b/mapogcfiltercommon.c
@@ -88,6 +88,8 @@ char *FLTGetIsLikeComparisonCommonExpres
pszValue = psFilterNode->psRightNode->pszValue;
nLength = strlen(pszValue);
+ if( 1 + 2 * nLength + 1 + 1 >= sizeof(szTmp) )
+ return NULL;
iTmp =0;
if (nLength > 0 && pszValue[0] != pszWild[0] && pszValue[0] != pszSingle[0] && pszValue[0] != pszEscape[0]) {
......@@ -3,3 +3,5 @@ perl-mapscript-install.patch
ruby-mapscript-install.patch
java-hardening.patch
didnt-typo.patch
CVE-2016-9839.patch
CVE-2017-5522.patch