DSA-1914-1

Name	DSA-1914-1
Source	Debian
Description	mapserver - serveral vulnerabilities
References	CVE-2009-0839, CVE-2009-0840, CVE-2009-0841, CVE-2009-0842, CVE-2009-0843, CVE-2009-1176, CVE-2009-2281
Debian/oldstable	package mapserver is fixed in oldstable-security.
Debian/stable	not vulnerable
Debian/testing	not known to be vulnerable
Debian/unstable	not known to be vulnerable.

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
mapserver (PTS)	etch	4.10.0-5.1+etch2	vulnerable
	etch (security)	4.10.0-5.1+etch4	fixed
	lenny, lenny (security)	5.0.3-3+lenny4	fixed

The next table lists affected binary packages.

Binary Package	Release	Version	Status	Architecures
cgi-mapserver, libmapscript-ruby1.8, libmapscript-ruby1.9, mapserver-bin, perl-mapscript, php5-mapscript, python-mapscript	lenny, lenny (security)	5.0.3-3+lenny4	fixed	alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390, sparc
cgi-mapserver, mapserver-bin, perl-mapscript, php4-mapscript, php5-mapscript, python-mapscript	etch	4.10.0-5.1+etch2	vulnerable	alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390, sparc
	etch (security)	4.10.0-5.1+etch4	fixed	alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390, sparc
libmapscript-ruby, mapserver-doc	lenny, lenny (security)	5.0.3-3+lenny4	fixed	all
mapserver-doc	etch	4.10.0-5.1+etch2	vulnerable	all
	etch (security)	4.10.0-5.1+etch4	fixed	all

The information above is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Urgency	Origin	Debian Bugs
mapserver	source	etch	4.10.0-5.1+etch4	unknown
mapserver	source	lenny	5.0.3-3+lenny4	unknown

Home - Testing Security Team - Debian Security - Imprint