Just a reminder the GeoServer security list is not for the discussion of questions about security issues that are in the public domain. So if we have disclosed the vulnerability and you don't understand it that question should be sent to the user list for discussion not the security list.
The security list is a private list that allows the developers to discuss issues in private before the fix is released. If you think you have found a new issue then please use the responsible disclosure route to let us know. Ian
_______________________________________________ Geoserver-users mailing list Please make sure you read the following two resources before posting to this list: - Earning your support instead of buying it, but Ian Turton: http://www.ianturton.com/talks/foss4g.html#/ - The GeoServer user list posting guidelines: http://geoserver.org/comm/userlist-guidelines.html If you want to request a feature or an improvement, also see this: https://github.com/geoserver/geoserver/wiki/Successfully-requesting-and-integrating-new-features-and-improvements-in-GeoServer Geoserver-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/geoserver-users
