GeoServer 2.6.4 Released

The GeoServer team is pleased to announce the release of GeoServer 2.6.4. Download bundles are provided (bin, war, dmg and exe) along with documentation and extensions.

GeoServer 2.6.4 is a maintenance release of GeoServer recommended for production deployment. This release contains IMPORTANT SECURITY FIXES so please upgrade.

Thanks to everyone who took part by contributing fixes, new functionality, and documentation. Notable changes:

• SECURITY: Fixed a serious vulnerability that allowed arbitrary files on the server to be read by crafting a malicious WFS request

• SECURITY: Fixed a defect that permitted WPS service to continue to respond even when disabled

• Oracle JDBC driver (ojdbc14.jar) is no longer included with the Oracle plugin; ojdbc6.jar or ojdbc7.jar must be obtained from Oracle

• Vendor parameter to specify WMS GetMap interpolation method

• Dynamic raster styling with CQL expression support for color map entries

• User-defined variables in Freemarker templates

• Check the release notes for more details

• This release is made in conjunction with GeoTools 12.4 and GeoWebCache 1.6.2

Thanks to Ben Caradoc-Davies (Transient Software Limited) for this release. Thanks also to Kevin Smith (Boundless) for releasing GeoWebCache 1.6.2 and to Jody Garnett (Boundless) for building the GeoServer 2.6.4 DMG.

About GeoServer 2.6

Articles and resources for GeoServer 2.6 series:

• GeoServer at FOSS4G

  • State of GeoServer and GeoTools 2014 (slides)

• Raster Views in GeoServer via the CoverageView concept (GeoSolutions)

• Advanced Raster Projection in GeoServer (GeoSolutions)

• Supporting Wind Barbs In GeoServer and GeoTools (GeoSolutions)

• GeoServer now supports Vector Footprints for ImageMosaic (GeoSolutions)

• 2.6.3 announcement and change log

• 2.6.2 announcement

• 2.6.1 announcement

• 2.6.0 announcement

• 2.6-RC1 announcement

• 2.6-beta announcement