Re: [Geoserver-users] GeoServer 2.15 Spring vulnerability

Dominique: You have our security policy , we only mentioned a fix when all active branches are patched. And we do not discuss security vulnerabilities in public ;) You are correct that many of the libraries and frameworks used

[Geoserver-users] GeoServer 2.15 Spring vulnerability

Hello I saw that we fixed the spring vulnerability issue in GeoServer 2.17. Was GeoServer 2.15 even vulnerable to this attack? We have some environments with 2.15 and need to know if they require a patch or upgrade. https://osgeo-org.atlassian.net/browse/GEOS-9477 Dominique Bessette