group.of.nepali.translators team mailing list archive

Thread
Date

[Bug 1648998] Re: Fix CVE-2016-9839 & CVE-2017-5522

To: group.of.nepali.translators@xxxxxxxxxxxxxxxxxxx
From: Marc Deslauriers <marc.deslauriers@xxxxxxxxxxxxx>
Date: Tue, 24 Jan 2017 16:05:33 -0000
Reply-to: Bug 1648998 <1648998@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** Also affects: mapserver (Ubuntu Precise)
   Importance: Undecided
       Status: New

** Also affects: mapserver (Ubuntu Xenial)
   Importance: Undecided
       Status: New

** Also affects: mapserver (Ubuntu Trusty)
   Importance: Undecided
       Status: New

** Also affects: mapserver (Ubuntu Zesty)
   Importance: Medium
       Status: Triaged

** Also affects: mapserver (Ubuntu Yakkety)
   Importance: Undecided
       Status: New

** Changed in: mapserver (Ubuntu Zesty)
       Status: Triaged => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1648998

Title:
  Fix CVE-2016-9839 & CVE-2017-5522

Status in mapserver package in Ubuntu:
  Fix Released
Status in mapserver source package in Precise:
  Fix Released
Status in mapserver source package in Trusty:
  Fix Released
Status in mapserver source package in Xenial:
  Fix Released
Status in mapserver source package in Yakkety:
  Fix Released
Status in mapserver source package in Zesty:
  Fix Released

Bug description:
  In MapServer before 7.0.3, OGR driver error messages are too verbose
  and may leak sensitive information if data connection fails.

  https://people.canonical.com/~ubuntu-
  security/cve/2016/CVE-2016-9839.html

  Packages for Debian have been updated - we should apply the same in
  Ubuntu.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mapserver/+bug/1648998/+subscriptions