Red Hat Bugzilla – Bug 617312
CVE-2010-2539 MapServer: Buffer overflow by generating unique temporary filename(s) (Trac#3484)
Last modified: 2015-08-21 18:40:45 EDT
MapServer upstream during a security audit of MapServer v5.6 source code found a potential buffer overflow in the way MapServer generated unique temporary filenames. A local attacker could use this flaw to conduct denial of service attacks. References: [1] http://trac.osgeo.org/mapserver/ticket/3484 Upstream patch (against 5-4 SVN branch): [2] http://trac.osgeo.org/mapserver/changeset/10310 Upstream patch (against trunk): [3] http://trac.osgeo.org/mapserver/changeset/10318
This issue affects the versions of the mapserver package, as shipped with Fedora release of 12 and 13. Please fix.
Created mapserver tracking bugs for this issue Affects: fedora-all [bug 617314]