Security advisory is now published, and blog posts updated: CVE-2025-30220 <https://github.com/geotools/geotools/security/advisories/GHSA-826p-4gcg-35vw> XML External Entity (XXE) Processing Vulnerability in XSD schema handling GEOT-7760 <https://osgeo-org.atlassian.net/browse/GEOT-7760> CVE-2025-30220: XXE Processing Vulnerability in XSD schema handling (9.9 Critical)
- - Jody Garnett On May 13, 2025 at 10:36:00 AM, Jody Garnett <jody.garn...@gmail.com> wrote: > Several GeoTools release are now available: > > > - GeoTools 33.1 Released > <https://geotoolsnews.blogspot.com/2025/05/geotools-331-released.html> > (release notes <https://github.com/geotools/geotools/releases/tag/33.1> > ) > - GeoTools 32.3 Released > <https://geotoolsnews.blogspot.com/2025/05/geotools-323-released.html> > (release notes <https://github.com/geotools/geotools/releases/tag/32.3> > ) > - GeoTools 31.7 Released > <https://geotoolsnews.blogspot.com/2025/05/geotools-317-released.html> > (release notes <https://github.com/geotools/geotools/releases/tag/31.7> > ) > > > Release artifacts are available source forge > <https://sourceforge.net/projects/geotools/files/> and maven repository. > > *Security considerations* > > These releases are being made concurrently to address a security advisory, > scheduled for public disclosure Monday 2 June 2025. > - - > GeoTools Project Management Committee >
_______________________________________________ GeoTools-GT2-Users mailing list GeoTools-GT2-Users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/geotools-gt2-users
