GeoServer Enterprise 2024.0 Release Notes

GeoCat is pleased to present our latest distribution of GeoServer Enterprise.

Overview

GeoServer Enterprise 2024.0 provides support for publishing geospatial data using open standards.

This distribution is made available to GeoCat customers:

  • GeoServer Enterprise Standard distribution provides a web archive (or docker image) of GeoServer bundled with popular extensions backed by GeoCat long-term support
  • GeoServer Enterprise Premium offers a custom distribution with your selection of extensions backed by GeoCat extended support.
  • GeoCat Live provides a hosted GeoServer environment

GeoServer Enterprise 2024.0 is a recommended upgrade for all our customers and is compatible with GeoCat Bridge for both ArcGIS Desktop and QGIS Desktop.

General

GeoServer Enterprise 2024.0 release notes:

  • Offers our GeoServer Enterprise Premium customers “predefined war” service with a ready to use war including your selection of supported GeoServer extensions.
  • GeoServer Enterprise 2024.0 is proudly open source with the latest GeoServer 2.25.1, GeoWebCache 1.25.1, and GeoTools 31.1 technologies.

Detailed change log:

Security considerations:

  • GeoCat respects the GeoServer coordinated vulnerability disclosure policy, contact us directly to discuss known security vulnerabilities mitigation and resolution availability.

    The above vulnerabilities are not disclosed at the time of writing.

  • The following vulnerabilities are presently disclosed:

    • CVE-2023-51444 Arbitrary file upload vulnerability in REST Coverage Store API
    • CVE-2023-41877 GeoServer log file path traversal vulnerability
    • CVE-2024-23634 Arbitrary file renaming vulnerability in REST Coverage/Data Store API
    • CVE-2024-23643 Stored Cross-Site Scripting (XSS) vulnerability in GWC Seed Form
    • CVE-2024-23821 Stored Cross-Site Scripting (XSS) vulnerability in GWC Demos Page
    • CVE-2024-23819 Stored Cross-Site Scripting (XSS) vulnerability in MapML HTML Page
    • CVE-2024-23818 Stored Cross-Site Scripting (XSS) vulnerability in WMS OpenLayers Format
    • CVE-2024-23642 Stored Cross-Site Scripting (XSS) vulnerability in Simple SVG Renderer
    • CVE-2024-23640 Stored Cross-Site Scripting (XSS) vulnerability in Style Publisher
    • CVE-2023-51445 Stored Cross-Site Scripting (XSS) vulnerability in REST Resources API

    If you are using GeoServer Enterprise 2023.3 the disclosed vulnerabilities have already been patched.

Known issues:

GeoCat Map Standard

Upgrade notes:

  • Tile Caching / Disk Quota store changes from H2 Database has been replaced with HSQL database to track use of diskspace.

    During initial startup you will receive a log message indicating the DiskQuota has been disabled.

    Use the Disk Quota page to configure an external HSQL database or switch to in-process HSQL database.

    You may then remove the unused gwc/diskquota_page_store_h2/ databases.

New Feature:

  • Upgraded for Java 11 (Java 8 no longer supported)
  • Feature type description can now be edited when customizing feature type attribute

Improvements:

  • About page version and build details only displayed when logged in as an administrator
  • Java 17 support for GetFeature “lazy” count(*) performance optimization
  • Fast polygon intersection enabled by default
  • FreeMarker Template HTML Auto-escaping is now enabled by default.
  • Configuration option ENTITY_RESOLUTION_ALLOWLIST default changed to to ogc, w3c, and inspire required by the majority of our customers. Previously this was an optional setting.
  • Configuration option GEOSERVER_USE_STRICT_FIREWALL enabled by default.
  • Configuration option GEOSERVER_DISABLE_STATIC_WEB_FILES available to restrict use of geoserver/www folder (used to serve static web files).
  • Configuration option GEOSERVER_MODULE_SYSTEM_ENVIRONMENT_STATUS_ENABLED andGEOSERVER_MODULE_SYSTEM_PROPERTY_STATUS_ENABLED to control behaviour of Module Status information

GeoCat Map Premium

New feature:

  • Raster Attribute Table Extension now available to support GDAL format mapping pixel values to tabular data.

Improvements:

  • MapML viewer updated, changing the permalink made to any previously available maps
  • MapML Tiled CRS setting available t define the GridSet used my the MapML viewer

Technology preview:

  • JWT Headers allowing Apache to OAuth2 to pass JSON payloads to GeoServer Authorization
  • Release Notes, GeoServer
  • 0 Els usuaris han Trobat Això Útil
Ha estat útil la resposta?

Articles Relacionats

GeoServer Enterprise 2023.1 Release Notes

GeoCat is pleased to present our latest distribution of GeoServer Enterprise. Overview...

GeoServer Enterprise 2023.0 Release Notes

GeoCat is pleased to present our latest distribution of GeoServer Enterprise. Overview...

GeoServer Enterprise 2021.1 Release Notes

GeoServer Enterprise 2021.1 Release Notes GeoCat is pleased to present our latest distribution...

GeoServer Enterprise 2021.2 Release Notes

GeoServer Enterprise 2021.2 Release Notes GeoCat is pleased to present our latest distribution...

GeoServer Enterprise 2021.3 Release Notes

GeoServer Enterprise 2021.3 Release Notes GeoCat is pleased to present our latest distribution...