Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <dispatch@tracker.debian.org> , <debian-lts-changes@lists.debian.org>
Subject: Accepted mapserver 7.6.2-1+deb11u1 (source) into oldoldstable-security
Date: Mon, 23 Mar 2026 06:10:17 +0000
Signed by: Guilhem Moulin <guilhem@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 13 Mar 2026 21:00:13 +0100
Source: mapserver
Architecture: source
Version: 7.6.2-1+deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: Debian GIS Project <pkg-grass-devel@lists.alioth.debian.org>
Changed-By: Guilhem Moulin <guilhem@debian.org>
Closes: 988208
Changes:
 mapserver (7.6.2-1+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the LTS Team.
   * Fix CVE-2021-32062: Security control (MS_MAP_NO_PATH and MS_MAP_PATTERN
     restrictions) bypass (closes: #988208).
   * Fix CVE-2025-59431: Boolean-based SQL injection vulnerability in directive
     PropertyName of the XML Filter Query.
   * Fix heap-buffer-overflow and double-free issues in maplexer.
Checksums-Sha1:
 c7304907f06458ef13577a2871ae56fbf21dfea9 3236 mapserver_7.6.2-1+deb11u1.dsc
 2acdae97383f8cc368141e4cb1f539943bdb36a7 2715806 mapserver_7.6.2.orig.tar.gz
 33944346921bf697070767e51ea21d49988dcd00 92576 mapserver_7.6.2-1+deb11u1.debian.tar.xz
 f2688a1bbe5135071becb1915bfd1de49c975060 10291 mapserver_7.6.2-1+deb11u1_source.buildinfo
Checksums-Sha256:
 e4b609b00356cfa764befb306285e5164f49b7059c0fffdcdb3db36c8bbfe795 3236 mapserver_7.6.2-1+deb11u1.dsc
 36768819f28024312f76a791085f3731d2cc451f7f0c9015c91c12b3929fe179 2715806 mapserver_7.6.2.orig.tar.gz
 74223681ccb53f7f1cebe01e281c1f9589f6b41930dc55d2c9bf8f533e441280 92576 mapserver_7.6.2-1+deb11u1.debian.tar.xz
 a2be0ea575b62ca70eec408b8dc71ca47ad13e4c549bfc042c4782c38d9b7c8e 10291 mapserver_7.6.2-1+deb11u1_source.buildinfo
Files:
 ca4e96886a256508e5b083fc21a1d4cf 3236 devel optional mapserver_7.6.2-1+deb11u1.dsc
 3f2287c0c61c8d75a8c7b2c61d2cabff 2715806 devel optional mapserver_7.6.2.orig.tar.gz
 2dd8dba3c55469d7089126d6d188ea0c 92576 devel optional mapserver_7.6.2-1+deb11u1.debian.tar.xz
 5ac7a13aae10570bf57b91762d5cddd2 10291 devel optional mapserver_7.6.2-1+deb11u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEERpy6p3b9sfzUdbME05pJnDwhpVIFAmnAz1cACgkQ05pJnDwh
pVKe+Q/9EdZsQua9+glAwAWS7lLqz1ToqKoTYL1i1cEnhNowNfOFCpt/UxE+LoyV
I60UkcRsZPOnh6E8lgbtZPaOFtt/B2+cXyDHBXlTiVTYHeWoWaUxFtDgU3Lulvyz
jcD9807D227vzju3cF1SL1oysADo/rSlF9K7yRuJOMWuJUrZJ8clX+VTsljJdvSX
9qz9hZ2rDanGedQ0f7O3bds11Xmd1qrCqa68frqjH7HOac3vwx0scN5awSp+uTmW
C3PgSuOD01VTK+eeVmSOu586+5aYzj13ltw0q/L4+IOybH4zxaLh2k7UNF31s84j
hJ9JrLdE6VSVlKEz4Ly3LGPQmABbKDrj/heUrF13g44CdF1qsvaB5RBjy8HSTAVd
Lfvynm1u2WHOpIP9FlB7yOx6CZK5m6yS4gNOTiqLdJCtEyGkmSSMTH6pBtwov1p0
WWdRO+z2IaNF3XKTPSuAkJr4WFPlyYoH/qmhJPVHtmgZD7tate76faMiXsNUwtcc
VMr7LCBSbpYLLgE5+wH0SeEiMArj9fRkqvE6lQXvBrp2KulTQmmuA4gDekk4R8jX
9CVBPZZY8wkysV2Zht1hBAEuyU0XWWfCFo6dF3aZ4WrygjpAb3ckdDEycMGCcSsL
pfAtGjNlvoAmRg+lQU/0RxmB8IlkY/84GTHojBR3MxfqbMRHRLU=
=H23y
-----END PGP SIGNATURE-----

News for package mapserver