GeoServer 2.25.7 release is now available with downloads (bin, war, windows), along with docs and extensions.

This series has previously reached end-of-life, with this release issued to address an urgent bug or security vulnerability. Please apply this update as a mitigation measure only, and plan to upgrade to a stable or maintenance release of GeoServer. GeoServer 2.25.7 is made in conjunction with GeoTools 31.7.

Thanks to Jody Garnett and Andrea Aime (GeoSolutions) for making this release.

Security Considerations

This release addresses security vulnerabilities and is considered an critical update.

Public disclosure is scheduled for Monday 2 June 2025. See project security policy for more information on how security vulnerabilities are managed.

Release notes

Improvement:

Bug:

  • GEOS-11774 Logout with OAuth plugin will give error if logged in locally

Task:

For the complete list see 2.25.7 release notes.

Community Updates

Community module development:

  • GEOS-11762 Feature Templates by feature type can not be listed via GeoServer Rest API
  • GEOS-11783 Longitudinal profile process should allow for input chaining
  • GEOS-11784 The longitudinal profile process should limit the number of points it can extract
  • GEOS-11785 The longitudinal profile process should respect cancellation
  • GEOS-11786 Longitudinal profile process: general performance improvements
  • GEOS-11811 Features templating editor is unable to update and save the template body

Community modules are shared as source code to encourage collaboration. If a topic being explored is of interest to you, please contact the module developer to offer assistance.

About GeoServer 2.25 Series

Additional information on GeoServer 2.25 series:

Release notes: ( 2.25.7 | 2.25.6 | 2.25.5 | 2.25.4 | 2.25.3 | 2.25.2 | 2.25.1 | 2.25.0 | 2.25-RC )