Release notes
Build Update
-
GEOS-10871 about geoserver page reporting @project.version@ for WAR deploy
This tag has been redeployed due to slight difference between gs-web-core jar available for download and the one deployed to maven repository.
Vulnerabilities
- CVE-2023-25158 OGC Filter SQL Injection Vulnerabilities (GeoTools)
- CVE-2023-25157 OGC Filter SQL Injection Vulnerabilities (GeoServer)
New Feature
- GEOS-10624 Data directory and documentation update
Improvement
-
GEOS-10838 Speed up DefaultResourceAccessManager securityFilter implementation
-
GEOS-10851 GWC S3 Blobstore Parameters Get Converted back to plain text after an application restart
-
GEOS-10860 OGC API should return version including minor and patch in HTTP Response Header
Bug
-
GEOS-7506 shutdown.bat cannot run without JAVA_HOME set
-
GEOS-10689 OSHISystemInfoCollector holds non daemon threads, prevents clean shutdown of Tomcat
-
GEOS-10759 Welcome page unreachable with large / slow catalogue configuration
-
GEOS-10828 OGC API - Features - Plugin breaks core `/rest` API with JSON payloads
-
GEOS-10833 GeoServerHomePage unresponsive against large catalogs
-
GEOS-10834 Catalog.list might require a lot of time due to security filtering
-
GEOS-10836 The demo styles in "ne" workspace do not validate
-
GEOS-10842 Escape user inputs in SQL queries
-
GEOS-10846 Enable auto-escaping for REST HTML templates
-
GEOS-10847 Selecting a raster layer in home page shows incorrect services
-
GEOS-10861 Welcome blurb i18n not respecting language switch
Task
-
GEOS-10683 FileWrapperResourceTheoryTest fails on Windows since Java 11
-
GEOS-10848 Column remarks documentation should be updated to reflect that functionality is supported with JNDI