GeoServer 2.13.3 released

We are happy to announce the release of GeoServer 2.13.3. Downloads are available (zipwar, and exe) along with docs and extensions.

This is a maintenance release recommended for production use (for newer projects please use the 2.14.x series, as 2.13.x will cease to be supported in a few months).
This release is made in conjunction with GeoTools 19.3 and GeoWebCache 1.13.3.

Highlights of this release are featured below, for more information please see the release notes (2.13.32.13.2 | 2.13.1 | 2.13.02.13-RC1 | 2.13-beta).

Improvements and Fixes

  • Allow selection of geometry attribute in app-schema, support mapping files over HTTP connection, push spatial filters over nested geometries down into SQL when possible
  • Performance improvement when reporting dimension values in WMS capabilities, for dimensions out of raster data and presented as “interval and resolution”
  • WCS thread safety fixes when using requests with reprojection and rescaling under high load. Also, when requesting an area inside the bounds of a sparse mosaic, the result might have had less pixels than requested.
  • CSS translator fixed to support mark offset/anchors based on expressions
  • File chooser autocomplete had duplicate entries on Linux
  • REST config, it was not possible to set the default style using a layer PUT
  • GetLegendGraphic ignores the OnlineResource configured in the style for raster layers

About GeoServer 2.13 Series

Additional information on the 2.13 series:

 

GeoServer the most popular choice for Brazil SDI

Last week the Brazilian government released a list of government agencies that have already implemented their spatial data infrastructure (SDI). This list has 21 agencies, and the interesting thing is that 18 out of 21 use GeoServer in their SDI.

Portal of Brazil’s spatial data infrastructure

Brazil has a 2008 decree, which establishes the creation of spatial data infrastructure by government agencies, and since then, this process of spatial data availability has been growing in the country.

Below, the GeoServer address of some of these agencies:

A spatial data infrastructure (SDI) is a data infrastructure implementing a framework of geographic data, metadata, users and tools that are interactively connected in order to use spatial data in an efficient and flexible way (Wikipedia, 2018).

Java 2018 Code Sprint

Java 11 is released tomorrow! GeoServer has a window until January 2019 before Java 8 is no longer officially supported!

To make the transition the GeoServer team is setting up a Java 2018 Code Sprint – and we need your support to help enough participants attend!

  • October 22-26th
  • Groups gathering in North America, Europe and Oceania

With recent policy changes setting the Java platform on a six-month release cycle. We also have significant work ensuring the libraries we use either work with the “jigsaw” module system or are replaced.

Already we have identified changes needed for GeoServer to run at all:

  • Upgrade Spring: The application framework uses the reflection feature of Java to wire GeoServer together – and needs to be updated to work with the additional Java 11 restrictions.
  • Upgrade Log4J: A Java 11 compatible version of Log4J is available and provides tools for visualization and exploring log messages.
  • Repackage the application adding automatic module names

Our goal is to ensure that the next release of GeoServer can run with Java 8 or Java 11.

How to participate

Please visit the osgeo wiki page and add yourself to the list of participants. We are trying to bring as contributors together as possible and would love it if you could join us!

In addition to GeoServer representatives from GeoTools and GeoNetwork will be taking part.

How to sponsor

We have three sponsorship levels available, with contributions devoted to helping participants attend:

  • Gold: $7500 USD
  • Silver: $1500 USD
  • Bronze: $750 USD

Sponsor logos are included on the event page and blog posts in addition to being featured in the associated project release announcements. More importantly your financial support goes towards making sure GeoServer remains available on a supported Java platform.

Please see the wiki page for details on how to sponsor.

GeoServer 2.14.0 Released

We are happy to announce the release of GeoServer 2.14.0. Downloads are available (zipwar, and exe) along with docs and extensions.

This is the first stable release of the 2.14 series of GeoServer, and is recommended for all production systems. With this release, the 2.13 series moves to maintenance, and the 2.12 series moves to unsupported.

This release is made in conjunction with GeoTools 20.o and GeoWebCache 1.14.0

This release includes a number of new features and improvements:

WMS “nearest match” support for time dimension

WMS time dimension can now be configured for “nearest match”, that is, to return the nearest time to the one requested (either explicitly, or implicitly via the default time value).

In case of mismatch the actual time used will be returned along with the response as a HTTP header. It is also possible to configure a maximum tolerance, beyond that the server will throw a service exception.

Channel selection name allow expressions

GeoServer 2.14.0 allows expressions to be used in SourceChannelName SLD elements, and in their code counterpart, thus allowing dynamic channel selection. This is welcomed news for anyone building applications that display multispectral or hyperspectral data, thus avoiding the need to build many different styles for the various interesting false color combinations.

Here is an SLD example:

<RasterSymbolizer>
  <ChannelSelection>
    <RedChannel>
      <SourceChannelName>
          <ogc:Function name="env">
             <ogc:Literal>B1</ogc:Literal>
             <ogc:Literal>2</ogc:Literal>
          </ogc:Function>
      </SourceChannelName>
    </RedChannel>
    <GreenChannel>
      <SourceChannelName>
          <ogc:Function name="env">
             <ogc:Literal>B2</ogc:Literal>
             <ogc:Literal>5</ogc:Literal>
          </ogc:Function>
      </SourceChannelName>
    </GreenChannel>
    <BlueChannel>
      <SourceChannelName>
          <ogc:Function name="env">
             <ogc:Literal>B3</ogc:Literal>
             <ogc:Literal>7</ogc:Literal>
          </ogc:Function>
      </SourceChannelName>
    </BlueChannel>
  </ChannelSelection>
<RasterSymbolizer>

Map algebra

This release adds support for an efficient map algebra package knows as Jiffle. Jiffle has been the work of a former GeoTools contributor, Michael Bedwards, that has been salvaged, upgraded to support Java 8, and integrated in jai-ext. From the there support has been added into the GeoTools gt-process-raster module and as a result in GeoServer WPS, to be used either directly or as a rendering transformation.

The following SLD style calls onto Jiffle to perform a NDVI calculation on top of Sentinel 2 data:

<?xml version="1.0" encoding="UTF-8"?>
<StyledLayerDescriptor xmlns="http://www.opengis.net/sld" 
   xmlns:ogc="http://www.opengis.net/ogc" xmlns:xlink="http://www.w3.org/1999/xlink" 
   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.opengis.net/sld
http://schemas.opengis.net/sld/1.0.0/StyledLayerDescriptor.xsd" version="1.0.0">
  <NamedLayer>
    <Name>Sentinel2 NDVI</Name>
    <UserStyle>
      <Title>NDVI</Title>
      <FeatureTypeStyle>
        <Transformation>
          <ogc:Function name="ras:Jiffle">
            <ogc:Function name="parameter">
              <ogc:Literal>coverage</ogc:Literal>
            </ogc:Function>
            <ogc:Function name="parameter">
              <ogc:Literal>script</ogc:Literal>
              <ogc:Literal>
                nir = src[7];
                vir = src[3];
                dest = (nir - vir) / (nir + vir);
              </ogc:Literal>
            </ogc:Function>
          </ogc:Function>
        </Transformation>
        <Rule>
          <RasterSymbolizer>
            <Opacity>1.0</Opacity>
            <ColorMap>
              <ColorMapEntry color="#000000" quantity="-1"/>
              <ColorMapEntry color="#0000ff" quantity="-0.75"/>
              <ColorMapEntry color="#ff00ff" quantity="-0.25"/>
              <ColorMapEntry color="#ff0000" quantity="0"/>
              <ColorMapEntry color="#ffff00" quantity="0.5"/>
              <ColorMapEntry color="#00ff00" quantity="1"/>
            </ColorMap>
          </RasterSymbolizer>
        </Rule>
      </FeatureTypeStyle>
    </UserStyle>
  </NamedLayer>
</StyledLayerDescriptor>

The performance is good enough for interactive display, and the result looks as follows (click to enlarge):

PostGIS store improvements and measured geometries support

The PostGIS datastore has been for years the only one that could encode a few filter functions used in filters down into native SQL, but it required a datastore creation flag to be enabled.
Starting with this release it will do so by default.

The functions supported for SQL encoding by the store are:

  • String functions: strConcat, strEndsWith, strStartsWith, strEqualsIgnoreCase, strIndexOf, strLength, strToLowerCase, strToUpperCase, strReplace, strSubstring, strSubstringStart, strTrim, strTrim2
  • Math functions: abs, abs_2, abs_3, abs_4, ceil, floor
  • Date functions: dateDifference

This release adds support for “array” data type in the store, with full reading and writing support, as well as native filtering (with index support, where feasible).

Finally, it’s now possible to read geometries with measures from PostGIS and encode the results in GML. GML does not natively support measures, so the encoding is off by default and you’ll have to enable it explicitly, as well as ensure that the clients involved in WFS usage recognize this extra ordinate. The work will continue in the next few month in order to cover more formats.

 

Image mosaic improvements

The image mosaic module never sleeps, in this release we see the following improvements:

  • Support for remote images (e.g. S3 or Minio). In order to leverage this the mosaic index will have to be created up-front (manually, or with some home grown tools)
  • A new “virtual native resolution” read parameter allows the mosaic to compose outputs respecting a native resolution other than its native one (useful in case you want to give selective resolution access to different users)
  • Supporting multiple WKBs footprint for pixel precise overviews masking
  • A new read mask parameter allows to cut the image to a given geometry (again, helps in providing different selective views to different users)
  • Speed up NetCDF mosaics by allowing usage of stores coming from a repository, instead of re-creating them every time a NetCDF file is needed (to be setup in the auxiliary store config file, while the repository instance needs to be passed as a creation hint).
  • The mosaic now works against images without a proper CRS, setting them into the “CRS not found” wildcard CRS, aka “EPSG:404000”

App-schema improvements

The app-schema module got significant performance and functionality improvements since 19.x series, in particular:

  • Better delegation of spatial filters on nested properties to native database
  • Improved support for multiple nested attribute matches in filters
  • It is now possible to use Apache SOLR as a data source for app-schema
  • The configuration files can be hosted on a remote HTTP server

The MongoDB store upgrades to official extension

Wanted to use the MongoDB store but worried about its unsupported status? Worry no more, in GeoServer 2.14 the MongoDB datastore upgraded to official extension status.

Style editor improvements

The GeoServer style editor now includes a fullscreen side-by-side editing mode, to make it easier to preview your styles while editing them. Click the fullscreen button at the top-right of the screen to toggle fullscreen mode.

The toolbar also has two new additions, a color picker helping to find the right color and turn it into a HEX specification, and a file chooser that allows to pick an external graphic and build the relevant ExternalGraphic element:

 

Windows build restored

GeoServer failed to properly build on Windows for a long time. GeoServer 2.14.x is the first branch in years to successfully build on Windows, and we have added an AppVeyor build to help keep the build going in the future.

The work to make it build there has been fully done in spare time, and we are still experiencing random build failures. If you are a Java developer on Windows, we could really use your help to keep GeoServer Windows build friendly.

New community modules

The 2.14 series comes with a few new community modules, in particular:

  • OAuth2 OpenID connect module (still very much a work in progress)
  • A WFS3 implementation has been added that matches the current WFS3 specification draft, and it’s being updated to become an official compliant one.

Mind, community modules are not part of the release, but you can find them in the nightly builds instead.

JTS Upgrade

Java Topology Suite (JTS) has been upgraded to version 1.16. This marks a significant change in package naming, the library has switched from “com.vividsolutions” to “org.locationtech”  packages and all GeoServer code has been updated to follow suit.

This has some side-effects on output produced by REST featuretype and structured coverage requests, specifically the package names used for geometry types in the binding parameter of any geometry attributes.

Any REST clients which rely on this binding information should be updated to support the new names. GeoServer will still support reading the old “com.vividsolutions” names, but will only output the new”org.locationtech” names.

For more details, refer to the upgrade guide in the GeoServer documentation.

Other assorted improvements

There are many improvements to look at in the release notes (2.14.02.14-RC), cherry picking a few here:

  • The ncWMS community module has seen significant performance improvements
  • WPS has a CSV input/output supporting geometryless data, as well as geometries with WKT encoding, as well as supporting pure PNG/JPEG image for raster data
  • Time/Elevation parsers are no longer silently cutting the read data to 100 entries
  • The WMTS multidimensional GetHistogram operation is now significantly faster, and a new GetDomainValues operation allows to page through the values of a domain (time, elevation) that has too many values to be efficiently explored with DescribeDomain or GetFeature. The DescribeDomain was also improved to allow a selection of the domains that should be described.
  • The SLDService community module has now the ability to return a full SLD style (as opposed to snippets), allows for custom classification and custom color selection. Also, keep an eye on this module, as it’s about to graduate to supported status
  • The monitoring module can now log the hit/miss status of tiled requests, quite helpful to verify the benefit of caching, especially while using WMS direct integration
  • Fix “Chunk [] is not a valid entry” error for the embedded GWC reload endpoint
  • Tiled layers preview does not use Proxy Base Url
  • featuretype.xml bindings reference com.vividsolutions.jts classes

Security consideration

Please update your production instances of GeoServer to receive the latest security updates and fixes.

This release addresses several security vulnerabilities:

  • Prevent arbitrary code execution via Freemarker Template injection
  • XXE vulnerability in GeoTools XML Parser
  • XXE vulnerability in WPS Request builder
  • Various library upgrades (see above) from versions with known CVEs
  • Potential access to admin pages without being logged in

Thanks to Steve Ikeoka, Kevin Smith, Brad Hards, Nuno Oliveira and Andrea Aime for providing fixes to these issues.

If you encounter a security vulnerability in GeoServer, or any other open source software, please take care to report the issue in a responsible fashion.

About GeoServer 2.14

GeoServer 2.14-RC released

We are happy to announce the release of GeoServer 2.14-RC. Downloads are available (zipwar, and exe) along with docs and extensions.

This is a beta release of GeoServer made in conjunction with GeoTools 20-RC.

We want to encourage people to test the release thoroughly and report back any issue found. With no further delay, let’s see what’s new, that is, what is there to test!

WMS “nearest match” support for time dimension

WMS time dimension can now be configured for “nearest match”, that is, to return the nearest time to the one requested (either explicitly, or implicitly via the default time value).

In case of mismatch the actual time used will be returned along with the response as a HTTP header. It is also possible to configure a maximum tolerance, beyond that the server will throw a service exception.

Channel selection name allow expressions

GeoServer 2.14-RC allows expressions to be used in SourceChannelName SLD elements, and in their code counterpart, thus allowing dynamic channel selection. This is welcomed news for anyone building applications that display multispectral or hyperspectral data, thus avoiding the need to build many different styles for the various interesting false color combinations.

Here is an SLD example:

<RasterSymbolizer>
  <ChannelSelection>
    <RedChannel>
      <SourceChannelName>
          <ogc:Function name="env">
             <ogc:Literal>B1</ogc:Literal>
             <ogc:Literal>2</ogc:Literal>
          </ogc:Function>
      </SourceChannelName>
    </RedChannel>
    <GreenChannel>
      <SourceChannelName>
          <ogc:Function name="env">
             <ogc:Literal>B2</ogc:Literal>
             <ogc:Literal>5</ogc:Literal>
          </ogc:Function>
      </SourceChannelName>
    </GreenChannel>
    <BlueChannel>
      <SourceChannelName>
          <ogc:Function name="env">
             <ogc:Literal>B3</ogc:Literal>
             <ogc:Literal>7</ogc:Literal>
          </ogc:Function>
      </SourceChannelName>
    </BlueChannel>
  </ChannelSelection>
<RasterSymbolizer>

Map algebra

This release adds support for an efficient map algebra package knows as Jiffle. Jiffle has been the work of a former GeoTools contributor, Michael Bedwards, that has been salvaged, upgraded to support Java 8, and integrated in jai-ext. From the there support has been added into the GeoTools gt-process-raster module and as a result in GeoServer WPS, to be used either directly or as a rendering transformation.

The following SLD style calls onto Jiffle to perform a NDVI calculation on top of Sentinel 2 data:

<?xml version="1.0" encoding="UTF-8"?>
<StyledLayerDescriptor xmlns="http://www.opengis.net/sld" 
   xmlns:ogc="http://www.opengis.net/ogc" xmlns:xlink="http://www.w3.org/1999/xlink" 
   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.opengis.net/sld
http://schemas.opengis.net/sld/1.0.0/StyledLayerDescriptor.xsd" version="1.0.0">
  <NamedLayer>
    <Name>Sentinel2 NDVI</Name>
    <UserStyle>
      <Title>NDVI</Title>
      <FeatureTypeStyle>
        <Transformation>
          <ogc:Function name="ras:Jiffle">
            <ogc:Function name="parameter">
              <ogc:Literal>coverage</ogc:Literal>
            </ogc:Function>
            <ogc:Function name="parameter">
              <ogc:Literal>script</ogc:Literal>
              <ogc:Literal>
                nir = src[7];
                vir = src[3];
                dest = (nir - vir) / (nir + vir);
              </ogc:Literal>
            </ogc:Function>
          </ogc:Function>
        </Transformation>
        <Rule>
          <RasterSymbolizer>
            <Opacity>1.0</Opacity>
            <ColorMap>
              <ColorMapEntry color="#000000" quantity="-1"/>
              <ColorMapEntry color="#0000ff" quantity="-0.75"/>
              <ColorMapEntry color="#ff00ff" quantity="-0.25"/>
              <ColorMapEntry color="#ff0000" quantity="0"/>
              <ColorMapEntry color="#ffff00" quantity="0.5"/>
              <ColorMapEntry color="#00ff00" quantity="1"/>
            </ColorMap>
          </RasterSymbolizer>
        </Rule>
      </FeatureTypeStyle>
    </UserStyle>
  </NamedLayer>
</StyledLayerDescriptor>

The performance is good enough for interactive display, and the result looks as follows (click to enlarge):

PostGIS store improvements and measured geometries support

The PostGIS datastore has been for years the only one that could encode a few filter functions used in filters down into native SQL, but it required a datastore creation flag to be enabled.
Starting with this release it will do so by default.

The functions supported for SQL encoding by the store are:

  • String functions: strConcat, strEndsWith, strStartsWith, strEqualsIgnoreCase, strIndexOf, strLength, strToLowerCase, strToUpperCase, strReplace, strSubstring, strSubstringStart, strTrim, strTrim2
  • Math functions: abs, abs_2, abs_3, abs_4, ceil, floor
  • Date functions: dateDifference

This release adds support for “array” data type in the store, with full reading and writing support, as well as native filtering (with index support, where feasible).

Finally, it’s now possible to read geometries with measures from PostGIS and encode the results in GML. GML does not natively support measures, so the encoding is off by default and you’ll have to enable it explicitly, as well as ensure that the clients involved in WFS usage recognize this extra ordinate. The work will continue in the next few month in order to cover more formats.

 

Image mosaic improvements

The image mosaic module never sleeps, in this release we see the following improvements:

  • Support for remote images (e.g. S3 or Minio). In order to leverage this the mosaic index will have to be created up-front (manually, or with some home grown tools)
  • A new “virtual native resolution” read parameter allows the mosaic to compose outputs respecting a native resolution other than its native one (useful in case you want to give selective resolution access to different users)
  • Supporting multiple WKBs footprint for pixel precise overviews masking
  • A new read mask parameter allows to cut the image to a given geometry (again, helps in providing different selective views to different users)
  • Speed up NetCDF mosaics by allowing usage of stores coming from a repository, instead of re-creating them every time a NetCDF file is needed (to be setup in the auxiliary store config file, while the repository instance needs to be passed as a creation hint).
  • The mosaic now works against images without a proper CRS, setting them into the “CRS not found” wildcard CRS, aka “EPSG:404000”

App-schema improvements

The app-schema module got significant performance and functionality improvements since 19.x series, in particular:

  • Better delegation of spatial filters on nested properties to native database
  • Improved support for multiple nested attribute matches in filters
  • It is now possible to use Apache SOLR as a data source for app-schema
  • The configuration files can be hosted on a remote HTTP server

The MongoDB store upgrades to official extension

Wanted to use the MongoDB store but worried about its unsupported status? Worry no more, in GeoServer 2.14 the MongoDB datastore upgraded to official extension status.

Style editor improvements

The GeoServer style editor now includes a fullscreen side-by-side editing mode, to make it easier to preview your styles while editing them. Click the fullscreen button at the top-right of the screen to toggle fullscreen mode.

The toolbar also has two new additions, a color picker helping to find the right color and turn it into a HEX specification, and a file chooser that allows to pick an external graphic and build the relevant ExternalGraphic element:

 

Windows build restored

GeoServer failed to properly build on Windows for a long time. GeoServer 2.14.x is the first branch in years to successfully build on Windows, and we have added an AppVeyor build to help keep the build going in the future.

The work to make it build there has been fully done in spare time, and we are still experiencing random build failures. If you are a Java developer on Windows, we could really use your help to keep GeoServer Windows build friendly.

New community modules

The 2.12 series comes with a few new community modules, in particular:

  • OAuth2 OpenID connect module (still very much a work in progress)
  • A WFS3 implementation has been added that matches the current WFS3 specification draft, and it’s being updated to become an official compliant one.

Mind, community modules are not part of the release, but you can find them in the nightly builds instead.

Other assorted improvements

There are many improvements to look at in the release notes, cherry picking a few here:

  • The ncWMS community module has seen significant performance improvements
  • WPS has a CSV input/output supporting geometryless data, as well as geometries with WKT encoding, as well as supporting pure PNG/JPEG image for raster data
  • Time/Elevation parsers are no longer silently cutting the read data to 100 entries
  • The WMTS multidimensional GetHistogram operation is now significantly faster, and a new GetDomainValues operation allows to page through the values of a domain (time, elevation) that has too many values to be efficiently explored with DescribeDomain or GetFeature. The DescribeDomain was also improved to allow a selection of the domains that should be described.
  • The SLDService community module has now the ability to return a full SLD style (as opposed to snippets), allows for custom classification and custom color selection. Also, keep an eye on this module, as it’s about to graduate to supported status
  • The monitoring modul can now log the hit/miss status of tiled requests, quite helpful to verify the benefit of caching, especially while using WMS direct integration

Security consideration

Please update your production instances of GeoServer to receive the latest security updates and fixes.

This release addresses several security vulnerabilities:

  • Prevent arbitrary code execution via Freemarker Template injection
  • XXE vulnerability in GeoTools XML Parser
  • XXE vulnerability in WPS Request builder
  • Various library upgrades (see above) from versions with known CVEs
  • Potential access to admin pages without being logged in

Thanks to Steve Ikeoka, Kevin Smith, Brad Hards, Nuno Oliveira and Andrea Aime for providing fixes to these issues.

If you encounter a security vulnerability in GeoServer, or any other open source software, please take care to report the issue in a responsible fashion.

Test, test, test!

Now that you know about all the goodies, please go, download and test your favourite ones. Let us know how it went!

About GeoServer 2.14

GeoServer 2.14 is scheduled for September 2018 release.

FOSS4G 2018 GeoServer Developers Workshop

Thanks to everyone who attended today’s foss4g developer workshop, here are the slides and resources used:

 

GeoServer 2.12.5 released

We are happy to announce the release of GeoServer 2.12.5. Downloads are available (zipwar, and exe) along with docs and extensions.

This is the last maintenance release for the 2.12.x series, so we recommend users to plan an upgrade to 2.13.x or to the upcoming 2.14.x series. This release is made in conjunction with GeoTools 18.5.

Highlights of this release are featured below, for more information please see the release notes (2.12.52.12.42.12.3,2.12.22.12.12.12.0 | 2.12-RC1 | 2.12-beta).

Improvements

  • ImageMosaic should work when the images have no CRS information
  • Upgrade Apache POI dependencies
  • Upgrade jasypt dependency
  • Upgrade json-lib dependency to 2.4
  • Upgrade bouncycastle provider to 1.60

Bug Fixes

  •  NullPointerException during WMS request of layer group when caching is enabled
  • GeorectifyCoverage fails to handle paths with spaces
  •  CSS translator does not support mark offset/anchors based on expressions (but SLD does)
  • GeoServerSecuredPage might not redirect to login page in some obscure cases after Wicket upgrade

Security updates

Please update your production instances of GeoServer to receive the latest security updates and fixes.

This release addresses several security vulnerabilities:

  • Prevent arbitrary code execution via Freemarker Template injection
  • XXE vulnerability in GeoTools XML Parser
  • XXE vulnerability in WPS Request builder
  • Various library upgrades (see above) from versions with known CVEs

Thanks to Steve Ikeoka, Kevin Smith, Brad Hards and Nuno Oliveira for providing fixes to these issues.

These fixes are also included in the 2.13.2 release.

If you encounter a security vulnerability in GeoServer, or any other open source software, please take care to report the issue in a responsible fashion.

About GeoServer 2.12 Series

Additional information on the 2.12 series:

GeoServer 2.13.2 released

We are happy to announce the release of GeoServer 2.13.2. Downloads are available (zipwar, and exe) along with docs and extensions.

This is a stable release recommended for production use. This release is made in conjunction with GeoTools 19.2 and GeoWebCache 1.13.2.

Highlights of this release are featured below, for more information please see the release notes (2.13.2 | 2.13.1 | 2.13.02.13-RC1 | 2.13-beta).

Improvements and Fixes

  • style editor map legend always includes legend
  • performance improvement for multi-band coverage time series
  • WMS 1.3.0 performance improvement for north/east axis order
  • Fix support of external graphics over http

Security updates

Please update your production instances of GeoServer to receive the latest security updates and fixes.

This release addresses several security vulnerabilities:

  • Prevent arbitrary code execution via Freemarker Template injection
  • XXE vulnerability in GeoTools XML Parser
  • XXE vulnerability in WPS Request builder
  • Various library upgrades (see above) from versions with known CVEs

Thanks to Steve Ikeoka, Kevin Smith, Brad Hards and Nuno Oliveira for providing fixes to these issues.

If you encounter a security vulnerability in GeoServer, or any other open source software, please take care to report the issue in a responsible fashion.

About GeoServer 2.13 Series

Additional information on the 2.13 series:

 

GeoServer 2.12.4 Release

We are happy to announce the release of GeoServer 2.12.4. Downloads are available (zipwar, and exe) along with docs and extensions.

This is a maintenance release and a recommend update production systems. This release is made in conjunction with GeoTools 18.4.

Highlights of this release are featured below, for more information please see the release notes (2.12.42.12.3,2.12.2, 2.12.12.12.0 | 2.12-RC1 | 2.12-beta).

Improvements

  • Add forceLabels=on in the style editor map legend to help users,
  • Remove language warnings during Windows setup compilation and remove ‘work’ folder when uninstalling on Windows
  • Move MongoDB community module to supported status

Bug Fixes

  • Response time of WMS 1.3.0 significantly higher than vs WMS 1.x.x on systems whose axis in north/east order
  • Exception with NULL values with AggregateProcess
  • Style with Interpolate function causes NullPointerException on GetLegendGraphic
  • WFS with startIndex doesn’t return some results
  • Vector identifying feature info uses an undocumented system variable to set the default search area
  • Removing extensions with own configuration bits may cause GeoServer not to start up anymore
  • Windows Installation issue – upgrading GeoServer results in corrupt data_dir
  • Class java.util.Map$Entry is not whitelisted for XML parsing.
  • Add WMS GetMap and GetFeatureInfo tests for App-Schema MongoDB integration
  • CatalogRepository cannot find a store by name, if the store has just been added
  • WCS 1.0.0 generates wrong links in GetCapabilities
  • CatalogRepository should return a null on store not found, instead it throws a RuntimeException
  • Layer page will only show up to 25 bands, regardless of the actual set of bands available
  • Undocumented GDAL 2.3.0 CSV output geometry column name change breaks WPSOgrTest

Security Updates

Please update your production instances of GeoServer to receive the latest security updates and fixes.

If you encounter a security vulnerability in GeoServer, or any other open source software, please take care to report the issue in a responsible fashion.

About GeoServer 2.12 Series

Additional information on the 2.12 series:

GeoServer 2.13.1 Released

We are happy to announce the release of GeoServer 2.13.1. Downloads are available (zipwar, and exe) along with docs and extensions.

This is a stable release recommended for production use. This release is made in conjunction with GeoTools 19.1 and GeoWebCache 1.13.1.

Highlights of this release are featured below, for more information please see the release notes (2.13.1 | 2.13.02.13-RC1 | 2.13-beta):

New Features and Improvements

  • MongoDB community module moved to extension
  • Support PNG/JPEG WPS Downloads
  • Allow self joining GetFeature without aliases
  • Add support for priority in control-flow bounded queues
  • Hibernate Monitoring extension moved to a community module

Bug Fixes

  • WCS 1.0.0 generates wrong links in GetCapabilities
  • WFS 2.0 capabilities report transaction support even if the service level is not configured as such
  • WPSResourceManager cleanup is not deleting temporary subfolders (only files)
  • GeoServer in CITE compliance mode fails to validate an empty LockFeature request
  • WMS 1.3 GetMap request significantly slower than WMS 1.1.0 since GeoServer 2.11.4
  • Import objects cannot be deleted when in COMPLETE state
  • Style with Interpolate function causes NullPointerException on GetLegendGraphic
  • Windows Installation issue – upgrading GeoServer results in corrupt data_dir
  • Windows Installer: Remove ‘work’ folder when uninstalling

 

Download GeoServer