MS4W Security Policy

Reporting a Vulnerability in MS4W

Security/vulnerability reports for MS4W should not be submitted through public tickets or the public mailing list, but instead please send your report to the email address: info nospam @ gatewaygeomatics.com (remove the blanks and ‘nospam’)

Also, kindly give GatewayGeo time to review and respond to the report (as MS4W is installed thousands of times per month, there are many reports and issues to review).

Supported Versions

GatewayGeo will release security updates for the most recent release (as listed at https://ms4w.com/release/current/ ). Each final MS4W release will have all dependent libraries for MapServer and GDAL upgraded for security vulnerabilities. You are encouraged to test and provide feedback as security updates are made through MS4W release candidates (posted on https://ms4w.com/release/experimental/ ).

Note on Automated Virus Scanners

Please be aware that many false positive reports can occur through virus scanners. GatewayGeo is aware of the importance of security for MS4W operating in corporate environments, and can work closely with you to review and resolve any issues.

Securing your MS4W Installation

Follow the security steps listed at https://ms4w.com/README_INSTALL.html#securing-your-ms4w-installation

Thanks. Happy MapServ-ing.

– Jeff McKenna, GatewayGeo