Andreas:
Calling out this week's announcement(s):
- 2.19.5 and 2.20.3 are being announced together with a clear "security
considerations" heading
- In this case the details of what has been fixed is included ... because
the fix is being made available on all active branches (stable and
:45
An: Watermeyer, Andreas
Cc: geoserver-users@lists.sourceforge.net
Betreff: Re: [Geoserver-users] Notifications about vulnerabilities
Actually I have an idea, searching for all announcements that have a "security
considerations" heading, and adding the vulnerability categor
Actually I have an idea, searching for all announcements that have a
"security considerations" heading, and adding the vulnerability category
gives me this:
- https://github.com/geoserver/geoserver.github.io/pull/121
Vulnerability:
GeoServer 2.19.4 Released
GeoServer 2.16.1 released
To add to Ian's answer:
As an operator of geoserver take note of the release announcements:
- We include a "Security Considerations" heading in each release where
there is a security fix
- When all active branches have the security fix the security
considerations section may contain additional
On Mon, 28 Feb 2022 at 15:59, Watermeyer, Andreas <
andreas.waterme...@its-digital.de> wrote:
> Dear GeoServer community,
>
>
>
> I have security related questions:
>
>
>
> * Is there a procedure by which operators of GeoServer installations can
> learn of security vulnerabilities that require
Dear GeoServer community,
I have security related questions:
* Is there a procedure by which operators of GeoServer installations can learn
of security vulnerabilities that require updating GeoServer?
* Is there a list of security-related bug fixes made with a release?
If nothing exists:
*