On Mon, 28 Feb 2022 at 15:59, Watermeyer, Andreas < andreas.waterme...@its-digital.de> wrote:
> Dear GeoServer community, > > > > I have security related questions: > > > > * Is there a procedure by which operators of GeoServer installations can > learn of security vulnerabilities that require updating GeoServer? > > * Is there a list of security-related bug fixes made with a release? > Not currently > > > If nothing exists: > > > > * Would it be possible to introduce something like a security-announcement > mailing list? > > * Would it be possible to list fixed security vulnerabilities per release. > For example, Tomcat has a corresponding list, which I find very helpful: > https://tomcat.apache.org/security-9.html > > Only if someone with spare time or money steps up to introduce it. Ian
_______________________________________________ Geoserver-users mailing list Please make sure you read the following two resources before posting to this list: - Earning your support instead of buying it, but Ian Turton: http://www.ianturton.com/talks/foss4g.html#/ - The GeoServer user list posting guidelines: http://geoserver.org/comm/userlist-guidelines.html If you want to request a feature or an improvement, also see this: https://github.com/geoserver/geoserver/wiki/Successfully-requesting-and-integrating-new-features-and-improvements-in-GeoServer Geoserver-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/geoserver-users