GeoServer 2.22.6 Release
GeoServer 2.22.6 release is now available with downloads (bin, war, windows), along with docs and extensions.
This series has previously reached end-of-life, with this release issued to address a security vulnerability. Please apply this update as a mitigation measure only, and plan to upgrade to a stable or maintenance release of GeoServer. GeoServer 2.22.6 is made in conjunction with GeoTools 28.6.
Thanks to Jody Garnett (GeoCat) and Andrea Aime (GeoSolutions) for making this release.
Security Considerations
This release addresses security vulnerabilities for those operating in a Java 8 environment:
-
CVE-2024-36401 Remote Code Execution (RCE) vulnerability in evaluating property name expressions (Critical)
For more information see the following statement.
See project security policy for more information on how security vulnerabilities are managed.
Java 8 End-of-life
This GeoServer 2.22.6 is archived and has reached end-of-life. This release uses recent GeoTools 28.6 Java 8 artifacts addressing CVE-2024-36404.
All future releases will require a minimum of Java 11.
Release notes
Improvement:
- GEOS-11102 Allow configuration of the CSV date format
- GEOS-11116 GetMap/GetFeatureInfo with groups and view params can with mismatched layers/params
- GEOS-11155 Add the X-Content-Type-Options header
- GEOS-11246 Schemaless plugin performance for WFS
Bug:
- GEOS-11138 Jetty unable to start cvc-elt.1.a / org.xml.sax.SAXParseException
Task:
- GEOS-11318 Upgrade postgresql from 42.6.0 to 42.7.2
For the complete list see 2.22.6 release notes.
Community Updates
Community module development:
- GEOS-11412 Remove reference to JDOM from JMS Cluster (as JDOM is no longer in use)
Community modules are shared as source code to encourage collaboration. If a topic being explored is of interest to you, please contact the module developer to offer assistance.
About GeoServer 2.22 Series
Additional information on GeoServer 2.22 series:
- GeoServer 2.22 User Manual
- Update Instructions
- Metadata extension
- CSW ISO Metadata extension
- State of GeoServer (FOSS4G Presentation)
- GeoServer Beginner Workshop (FOSS4G Workshop)
- Welcome page (User Guide)
Release notes: ( 2.22.6 | 2.22.5 | 2.22.4 | 2.22.3 | 2.22.2 | 2.22.1 | 2.22.0 | 2.22-RC | 2.22-M0 )
Tutorials
- GeoServer Installation and Upgrade Guide on Windows
- Mastering WFS Transactions in GeoServer
- Powerful SLD Styles & Filters in GeoServer
- Using Logical Operators in GeoServer Filters
- Exploring CQL/ECQL Filtering in GeoServer
- Using Spatial Operators in GeoServer Filters
- Using Value Comparison Operators in GeoServer Filters
- Using Binary Comparison Operators in GeoServer Filters
- Utilizing the Demo Section in Geoserver
- How to Implement Basic Security in Geoserver