Those requiring a CVE record, see: CVE-2025-59431
https://www.cve.org/CVERecord?id=CVE-2025-59431
-jeff
On 2025-09-19 5:21 p.m., Jeff McKenna via MapServer-users wrote:
The MapServer team announces the immediate availability of security
release of 8.4.1
This release contains a fix for a security flaw for WFS filters through
OGR. See the changelog for the list of changes ( https://mapserver.org/
development/changelog/changelog-8-4.html#changelog-8-4-1 ). You may also
review MapServer’s Security Policy ( https://github.com/MapServer/
MapServer/blob/main/SECURITY.md ), as well as this specific Security
Advisory ( https://github.com/MapServer/MapServer/security/advisories/
GHSA-256m-rx4h-r55w ). Please note: as security support for the 7.6
branch has ended, and branches 8.2 & 8.0 are not supported, all users
are strongly encouraged to upgrade to the MapServer 8.4.1 release.
Here is the direct download for today's release:
- tar.gz: https://download.osgeo.org/mapserver/mapserver-8.4.1.tar.gz
- zip: https://download.osgeo.org/mapserver/mapserver-8.4.1.zip
(all services on demo.mapserver.org have been upgraded as well)
Thanks,
--
Jeff McKenna
GatewayGeo: Developers of MS4W, & offering MapServer Consulting/Dev
co-founder of FOSS4G
http://gatewaygeo.com/
_______________________________________________
MapServer-users mailing list
MapServer-users@lists.osgeo.org
https://lists.osgeo.org/mailman/listinfo/mapserver-users
