Greetings from the geoserver-devel We have all manner of fun new features coming your way for GeoServer 2.8 - but we also have something we could really use a hand with.
As you may know we recently introduced a responsible disclosure policy, and as a result have been collecting additional security vulnerability reports. To that effect we have a fix for GEOS-7124 that we could use a hand testing. This change carefully checks the geoserver configuration definitions as they are being loaded from disk or the REST API. We have changed our policy from accepting anything, to only accepting objects that have been "whitelisted" for use. The real question is did we list everything that is required? Or did we miss something you use ... we won't know until you try. Please download a GeoServer nightly build ( http://geoserver.org/release/master/) give it a go, and report back if you have any problems. Problems should be very obvious (like it refuses to startup or is missing layers). If you use any libraries to configure geoserver (such as gsconfig <https://github.com/boundlessgeo/gsconfig> or geoserver-manager <https://github.com/geosolutions-it/geoserver-manager>) we especially want to hear back! -- Jody Garnett
------------------------------------------------------------------------------
_______________________________________________ Geoserver-users mailing list Geoserver-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/geoserver-users
