GeoServer 2.23.0 release is now available with downloads (bin, war, windows), along with docs and extensions.

This is a stable release of GeoServer suitable for production systems, made in conjunction with GeoTools 29.0 and GeoWebCache 1.23.0.

Thanks to Jody Garnett (GeoCat) for making this release. Additional thanks to those volunteering to test the release candidate, your assistance is seen and appreciated: Peter Rushforth, Mark Prins, Gabriel Roldan, and Juan Luis Rodríguez.

Keeping GeoServer sustainable requires community commitment. If you are unable to contribute time, sponsorship options are available via the Open Source Geospatial Foundation.

Security Considerations

This release addresses a security vulnerability and is considered an essential upgrade for production systems.

For more information see OGC Filter Injection Vulnerability Statement. If you have already updated to a patched release that is excellent. We still advise updating to benefit from the considerable work done updating dependencies for GeoServer 2.23.0.

Java 11 Minimum

With this release GeoServer no longer supports Java 8, and it is time to upgrade to Java 11 at a minimum. Our build system tests GeoServer in with Java 11 and Java 17 which are both long-term-support OpenJDK releases.

JVM 11 Minimum

If you try starting this version of GeoServer with Java 8 it will produce the following failure:

java.lang.UnsupportedClassVersionError: org/geoserver/GeoserverInitStartupListener
has been compiled by a more recent version of the Java Runtime (class file version 55.0),
this version of the Java Runtime only recognizes class file versions up to 52.0

For more information please see our User Manual Installation (User Manual) and Java Considerations (User Manual) pages.

CSS Cleanup

The first big internal change for this release of GeoServer is a cleanup of the theme used for the GeoServer web administration application. Previously the pages had lots of little styling adjustments to try and get components to line up correctly and appear okay.

With this update all of the handmade styling changes have been removed, and everything is managed by the “geoserver.css” theme.

Thanks to Michel Gabriël (GeoCat) who started this work at the Bolsena code-sprint as a labour of love (well frustration).

Spring Upgrade

The second internal change for this release of GeoServer is an upgrade to the Spring Framework used to wire the internals of GeoServer together.

While this should not result in any change to functionality, it has resulted in quite a lot of careful quality assurance and testing to ensure everything is still connected and works as intended.

Thanks to Joseph Miller (GeoSolution) who worked on this activity.

  • GEOS-10779 Upgrade GeoServer Core Spring to 5.3.23 and Spring Security to 5.7.3

  • GEOS-10907 Update spring.version from 5.3.25 to 5.3.26

Windows installer Java 11 Update

Windows users are advised to keep the Java 11 minimum requirement in mind when upgrading existing systems.

The installer will correctly detect the OpenJDK Adoptium, users of Oracle JDK may need to use the browse button:

Adoptium JDK 17 Manual

Thanks to Juan Luis Rodríguez (GeoCat) for troubleshooting the windows installer for this release.

  • GEOS-10890 Wrong path for the license file in the Windows installer script

Feature Type Description

A welcome new feature, building on top of the ability to customize FeatureTypes is the ability to provide a description for each attribute. This information is used in WFS DescribeFeatureType to provide a human readable name or description for the attributes being published.

Attribute Descriptions

Thanks to Joseph Miller (GeoSolutions) for this improvement.

  • GEOS-10868 Add support for editable description in GeoServer customize feature type table


The traditional OGC Open Web Services have not had automated CITE tests run for a while, but a few fixes have been made to restore CITE compliance:

  • GEOS-10787 CITE WCS 1.1.1 - Throw exception on bad ‘store’ parameter

  • GEOS-10788 CITE WCS 1.1.1 - Empty InterpolationMethod should throw exception

  • GEOS-10757 CITE: WMS <Style> has elements in wrong order (DTD validation)

  • GEOS-10782 CITE WFS 1.1 - HITS mimetype is incorrect

  • GEOS-10783 CITE WFS 1.1 - Check customized feature type to determine if transform wrapper needed

  • GEOS-10784 CITE WFS 1.1 - don’t do illegal geometry conversions

  • GEOS-10785 CITE WFS 1.1 - Data Dir - allow anonymous users to modify data

Thanks to David Blasby (GeoCat) for this work on behalf of the GeoCat Live Project. David addressed several errors in the CITE testing for these services while addressing the above issues for the GeoServer community.

A number of CITE conformance issues remain open, notably the handling of acceptsVersions with a mix of older protocols (such as WFS 2.0, WFS 1.1 and WFS 1.0). If you are interested in funding or sponsoring this activity please visit our sponsorship page.

Configuration Saving and Loading

A special call out to Dieter Stuken for working on the kind of fixes that just cause frustration - trouble shooting the internal Resource Store component that allows GeoServer configuration to be saved in a disk or database.

These fixes help the GeoServer Admin Console provide better error messages when a file is unavailable. And prevent the accidental creation of “missing” files when attempting to read from locations with no content.

  • GEOS-10724 SpringResourceAdaptor should throw a FileNotFoundException instead of creating any missing file

  • GEOS-10743 ResourcePool.readStyle created empty files

  • GEOS-10723 clean up params-extractor plugin to use Resource

Documentation and Tutorials

A few section of the User manual have been updated:

Thanks to Jody Garnett (GeoCat) and all those who contributed documentation fixes for this release.

  • GEOS-10759 Welcome page unreachable with large / slow catalogue configuration

Community Updates

The following community module has been retired:

  • GEOS-10778 Retire GeoStyler community module

    The plugin is now maintained outside of the GeoServer repository at .

Security community modules

With the upgrade to Spring Security to 5.7.3 mentioned above, the community security modules have affected.

A reminder that these modules are in need of your support to be recognized as an extension (and be included in our automated testing). Contact the appropriate module maintainer (Alessio or David) to see how you can assist.

OGCAPI community module Updates

The OGCAPI community module remains under active development:

  • GEOS-10889 OGC API info section should report the spec version, not the server version

  • GEOS-10758 OGCAPI - Features - Add storageCrs property for Collections

  • GEOS-10888 OGC API styles OpenAPI document points to dangling remote resources

  • GEOS-10854 Move the OGC API OpenAPI definitions to the “openapi” resource

  • GEOS-10855 Update the new OGC APIs so that the major version number is part of the path

  • GEOS-10881 Add Content-Crs header to OGC API

  • GEOS-10885 Remove Axis Order from OGC API Header

Andrea (GeoSolutions) has been working towards CITE compliance on behalf of Geonovum.

OGC API Features

OGC API Features

As a community module GeoServer OGC API is made available to developers for collaboration, and can also be accessed as a nightly build for feedback. If you are in a position to support this activity with time, money or resources please contact Andrea.

Improvements and Fixes

New Feature:

  • GEOS-10696 Allow configuration of Output Format types allowed in GetFeature


  • GEOS-10735 Obfuscate secret key in S3 Blob Store, avoiding requiring reentry when editing and HTML source visibility

  • GEOS-10739 Contact information user interface feedback for welcome message

  • GEOS-10740 Service enabled does not respect minimal/custom service names

  • GEOS-10750 German Translation Overhaul Part 1

  • GEOS-10755 WCS 2.0 module should not use string concatenation to build XML

  • GEOS-10762 Allow enabling auto-escaping for WMS GetFeatureInfo HTML templates

  • GEOS-10814 Update jdbc config to use consistent SQL formatting

  • GEOS-10879 Dispatcher should not respond to non standard HTTP methods


  • GEOS-10006 Seeding GWC doesn’t work for layers with a dot in the name

  • GEOS-10865 Backwards incompatible change in the XML representation of user roles

  • GEOS-10905 Default CSW properties do not allow sorting by identifiers


For the complete list see 2.23.0 release notes.

About GeoServer 2.23 Series

Release notes: ( 2.23.0 | 2.23-RC1 )