#2420: update Geoserver
-----------------------+---------------------------
Reporter: darkblueb | Owner: osgeolive@…
Type: defect | Status: new
Priority: critical | Milestone: OSGeoLive16.0
Component: OSGeoLive | Keywords: geoserver
-----------------------+---------------------------
there has been a recent security path for geoserver
{{{
juanluisrpJuanLu:
I think it was CVE-2023-25157 OGC Filter SQL Injection Vulnerabilities.
The vulnerability applies to any database backend;
also any other software using GeoTools (depending on how they use it) can
be vulnerable.
I think the fixes were backported to some previous versions
able to run on Java 8; 2.22.2 has the patch
}}}
https://geoserver.org/vulnerability/2023/02/20/ogc-filter-injection.html
https://github.com/geoserver/geoserver/releases/tag/2.22.2
--
Ticket URL: <https://trac.osgeo.org/osgeolive/ticket/2420>
OSGeoLive <https://live.osgeo.org/>
self-contained bootable DVD, USB thumb drive or Virtual Machine based on
Lubuntu, that allows you to try a wide variety of open source geospatial
software without installing anything._______________________________________________
osgeolive mailing list
[email protected]
https://lists.osgeo.org/mailman/listinfo/osgeolive
