GeoServer 2.22.6 release is now available with downloads (bin, war, windows), along with docs and extensions.

This series has previously reached end-of-life, with this release issued to address a security vulnerability. Please apply this update as a mitigation measure only, and plan to upgrade to a stable or maintenance release of GeoServer. GeoServer 2.22.6 is made in conjunction with GeoTools 28.6.

Thanks to Jody Garnett for making this release.

Security Considerations

This release addresses security vulnerabilities for those operating in a Java 8 environment:

  • CVE-2024-36401 Remote Code Execution (RCE) vulnerability in evaluating property name expressions (Critical)

    For more information see the following statement.

See project security policy for more information on how security vulnerabilities are managed.

Java 8 End-of-life

This GeoServer 2.22.6 is archived and has reached end-of-life. This release uses recent GeoTools 28.6 Java 8 artifacts addressing CVE-2024-36404.

All future releases will require a minimum of Java 11.

Release notes

Improvement:

  • GEOS-11102 Allow configuration of the CSV date format
  • GEOS-11116 GetMap/GetFeatureInfo with groups and view params can with mismatched layers/params
  • GEOS-11155 Add the X-Content-Type-Options header
  • GEOS-11246 Schemaless plugin performance for WFS

Bug:

  • GEOS-11138 Jetty unable to start cvc-elt.1.a / org.xml.sax.SAXParseException

Task:

  • GEOS-11318 Upgrade postgresql from 42.6.0 to 42.7.2

For the complete list see 2.22.6 release notes.

Community Updates

Community module development:

  • GEOS-11412 Remove reference to JDOM from JMS Cluster (as JDOM is no longer in use)

Community modules are shared as source code to encourage collaboration. If a topic being explored is of interest to you, please contact the module developer to offer assistance.

About GeoServer 2.22 Series

Additional information on GeoServer 2.22 series:

Release notes: ( 2.22.6 | 2.22.5 | 2.22.4 | 2.22.3 | 2.22.2 | 2.22.1 | 2.22.0 | 2.22-RC | 2.22-M0 )