The GeoServer team are happy to announce GeoServer 2.19.5 release is available for download (zip and war) along with docs and extensions.

This GeoServer 2.19.5 release was produced in conjunction with GeoTools 25.5 and GeoWebCache 1.19.2, this is a maintenance release recommended for production systems.

Thanks to everyone who contributed, and to Ian Turton (Astun Technology) for making this release.

Security Considerations

This release includes several security enhancements and is a recommended update for production systems.

This release includes two improvements limiting Server-side request forgery (SSRF) opportunities:

We would like to thank GeoCat for addressing these two issues on behalf of Fisheries and Oceans Canada. If you wish to report a security vulnerability, please visit our website for instructions on responsible reporting.

Improvements and Fixes


  • GEOS-9785 Invalid argument type=null when trying to use gs:Download WPS identifier
  • GEOS-9770 Cascading WMS server sets invalid I and J when using EPSG:3006 on GetFeatureInfo calls

About GeoServer 2.19

Additional information on GeoServer 2.19 series:

Release notes ( 2.19.5 | 2.19.4 | 2.19.3 | 2.19.2| 2.19.1 | 2.19.0 | 2.19-RC )