GeoServer 2.9.3 Released

The GeoServer team is pleased to announce the release of GeoServer 2.9.3. Download bundles are provided (binwardmg and exe) along with documentation and extensions.

This is a maintenance release of GeoServer suitable for production systems. Maintenance releases are focused on bug fixes and stability, rather than new features.

The team has been working hard, resulting in a wide range of bug fixes:

  • Windows installer fixed allowing port to set for standalone or service use
  • KML Output managed a date-month swap when used in a non-POSIX locale.
  • Improved documentation for the demo pages, including the WCS Request builder.
  • CSS stroke-offset now supports expressions
  • WMS GetCapabilities fix for inadvertently show layer group contents multiple times.
  • Style generation fix for raster data layers
  • Coverage view improvements include preservation of origional band names, and alpha band if available.
  • WFS correctly handles disabled stores
  • REST API
    • Correctly represent empty true/false values for html output
    • Representation of an empty styles list in JSON fixed
    • Cascade delete fixed to correctly handle nested layer groups
  • JMS Clustering has received a number of fixes: correctly handles virtual service configuration, propagation of workspace and service settings.
  • Lots of bug fixes (check the release notes for details)

For more information about GeoServer 2.9.3 refer to release notes (2.9.3|2.9.2 | 2.9.1 | 2.9.0 | RC1 | beta2 | beta | M0 ).

Community Modules

Community module updates:

  • A community module is now available allowing GeoServer to authenticate against the OAuth2 protocol (including Google OAuth2).

Security Considerations

This release addresses three security vulnerabilities:

  • Additional restrictions have been placed on the demo request page
  • Addressed an XML injection vulnerability identified in an automatic scan.
  • GeoServer now changes sessions during login, this addresses a class of vulnerablities known as “session fixation”.

Thanks again to Nick Muerdter for reporting these in a responsible manner (and Andrea and Jody for addressing these during the November bug stomp.)

If you wish to report a security vulnerability, please visit our website for instructions on responsible reporting.

About GeoServer 2.9

Articles, docs, blog posts and presentations:

The new and improved GeoServer Style Editor

Over the course of the past few months, I have been working on improving GeoServer style editor page based on the “CSS Styles” page. These changes are now available in the newly released GeoServer 2.10.0.

The original GeoServer Improvement Proposal for these changes (GSIP-149) can be found on the github page for the GeoServer project.

From a development perspective, working on these improvements was quite the experience, and turned out to not be as simple a port as I had expected. By the end of it, I wound up learning a lot about wicket (The UI Framework used by GeoServer), and the various ways in which we have gotten it to do things it was never designed to do.

Thanks to Andrea Aime for help with some of the technical aspects of Wicket and the previous Style Page, and to Jody Garnett for guiding me through the creation of my first GSIP. This work greatly benefited from review and feedback during the 2.10 release candidate and from the those attending the FOSS4G Styling workshop.

screen-shot-2016-11-14-at-10-44-21-am

Intro to the New Style Editor

The new style editor is far more functional, in addition to managing the style you can now directly update which layers use the style, interactively preview your map at different zoom levels, and review layer attributes.

The new “apply” button works very well with the map preview, allowing you to save your work and review the change visually without leaving the style editor.

Refer to the User Guide for more details about each tab.

Data Tab

All the functionality of the old style editor is available on the first tab. This consists of modifying style data (name, workspace, format), style content (style generation and upload functions), and the legend graphic.

screen-shot-2016-11-14-at-9-16-24-am

For example to generate a new point style:

  1. Under Generate a default style select Point.
  2. Click Generate, a random color will be used when generating the new style.
    screen-shot-2016-11-14-at-9-54-09-am
  3. The Style editor is filled in with the generated style.
  4. Press Apply to save this style while remaining on the style editor page.
  5. Click Preview Legend to view a preview of the style iconography.
    screen-shot-2016-11-14-at-10-24-17-am

Publishing Tab

The “Publishing” tab visualizes which layers the current style is associated with, and lets you modify these associations for all layers.

For instance, we can set our new style to be the default style for the “buildings” layer:

screen-shot-2016-11-14-at-10-05-29-am

To use our new point style we can configure several layers:

  1. Make our style the default for buildings, click the checkbox under the Default column.
    screen-shot-2016-11-14-at-10-05-43-am
  2. To allow our style to be used as an alternative style for firestations and hospitals click the checkbox under the Associated column.
    screen-shot-2016-11-14-at-10-06-55-am
  3. These changes are made immediately.

Layer Preview Tab

One of the most valuable elements of the earlier CSS Style page was the ability to preview the current style on an existing layer. This ability to edit current layer, while showing a layer preview, is the key workflow improvement of the improved Style Editor.

The preview tab allows you to view the current style on any layer while editing:

  1. The layer used for the preview can be changed by clicking the layer name at the top of the page.
    screen-shot-2016-11-14-at-9-17-59-am

  2. The style editor remains at the bottom of the page when switching tabs, so we can go ahead and modify our style:
    screen-shot-2016-11-14-at-9-18-26-am

  3. After modifying the style, we can click the new “Apply” button to save the style and remain on the page. The Layer Preview will be updated with the new styling:
    screen-shot-2016-11-14-at-9-18-50-am

Layer Attributes Tab

Similar to the Layer Preview, the Layer Attributes tab allows you to preview the attributes associated with the preview layer.

This can be useful for determining what attribute to use for labeling, or how best to configure scale-dependant rules.

  1. The layer used for the preview can be changed by clicking the layer name at the top of the page.
    screen-shot-2016-11-14-at-9-19-09-am
  2. The Min/Max statistics can be calculated using the “Compute” link. Let’s take a look at the range of elevations:screen-shot-2016-11-14-at-10-08-49-am
  3. We can use this information to set the colour of the points based on their elevation, using the Interpolate function:
    screen-shot-2016-11-14-at-10-18-15-am
  4. Clicking the “Apply” button and returning to the preview tab, we can see the results of these changes in the in the layer preview:
    screen-shot-2016-11-14-at-10-18-06-am

And there you have it! The new style page presents a much more streamlined workflow for writing new styles for your layers.


If you are using the new style editor and encounter an error, please file a bug report.

Nov 18th Bug Stomp

Save the Date: The next GeoServer “Bug Stomp” is scheduled for Nov 18th!

If you would like to take part, but are new to open source development, please join the GeoServer-Devel email list and introduce yourself. We would like to ensure everyone shows up with a working test/development environment – and access to the “gitter” chat. Getting setup before the event gives everyone a chance to work as a team.

Please join us on Friday November 18th,  all skill levels welcome. Open source is not a spectator sport.

bug-stomp

About GeoServer Bug Stomp

GeoServer is hosting monthly “Bug Stomps”, giving the developer community a chance to focus on the health of the project, tackle difficult problems and introduce new developers to the team.

In October we have 117 issues closed – with 17 of those marked as fixed.

bugstomp

Highlights include:

The community modules also got some love:

We understand that it can be very difficult to balance customers deadlines and open source responsibilities. We would like to thank GeoSolutions, Boundless and Transient for their monthly commitment. If your organization is interested in taking part, and being recognized in these blog posts, contact a PSC member for details.

GeoServer 2.10.0 released

The GeoServer team is happy to announce the release of GeoServer 2.10.0. Downloads are available (zipwardmg and exe) along with docs and extensions.

This is the latest stable release of GeoServer intended for production systems. Please note that GeoServer 2.10.0 and GeoServer 2.9.2 include important security updates and we advise all users of GeoServer to upgrade at this time.

This release is made by Ian Turton with the help of the entire GeoServer team. It is built in collaboration with GeoTools 16.0 and GeoWebCache 1.10.0. We would like to thank everyone who provided feedback on the release candidate, ideally we would like more participation.

For more information on this release check the release notes (2.10.02.10-RC1 | 2.10-beta | 2.10-M0 ).

Packaging and Installation

  • The macOS DMG is now signed by the Open Source Geospatial Foundation which is required for the latest macOS. If you are having trouble please check System Preferences Security & Privacy and ensure that apps are allowed from “App Store and identified developers”.

    geoserver-macos-10-12

    macOS 10.12 System Preferences for Security and Privacy

  • The windows installer is now signed by the Open Source Geospatial Foundation. Unfortunately it takes a few days for “Windows SmartScreen” to trust that the application is okay (it is marked as “not commonly downloaded” since we just created it). You will need to click “More Options” to see the option to run the application.

    SmartScreen warning on Windows 7

    SmartScreen warning on Windows 7

  • For those just starting out the default data directory now includes security restrictions on WFS-T functionality (restricting editing of data to the administrator account by default, it’s up to the administrator to change that if they wish).selezione_118

Thanks to Michael Smith and the OSGeo for purchasing a digital certificate – this helps our open source software reach a wider audience. We would also like to extend our thanks to Larry Shaffer for digging in on the macOS and Windows requirements. The signed windows installer has been “built by hand” and we ask for your feedback so Larry can put together an automated system.

Security Considerations

Aaron Waddell reported an XXE vulnerability in the GeoTools library which has now been fixed.

We ask all our users to treat security vulnerabilities with respect and make plans to upgrade to GeoServer 2.10.0 or GeoServer 2.9.2 at this time.

New Style Editor

This release includes the new Styled Editor featured at the FOSS4G 2016 workshop. The editor mixes in the CSS editor preview and layer association abilities for more productive style development (if you are a CSS user you can go straight to the standard CSS editor now, the specific one got retired).

Here are a few screenshots. The main tab is reminiscent of the existing style editor page:

selezione_113

The publishing tab allows to link the style to layers as primary, or as associated/secondary style:

selezione_112

 

The preview tab is where we expect most of the work to be done, editing the style, and clicking on “Apply” to view how the changes affect the map:

selezione_111

Finally, the layer attributes tab shows the available attributes, their type, a sample value and allows to compute statistics on them:

selezione_114

We would like to thank those who attended the FOSS4G 2016 styling workshop for trying out an early milestone release. Special thanks to Andrea for extensive testing/feedback and to Torben for all the hard work during the release candidate.

Improved QGIS style compatibility

At the FOSS4G 2016 code sprint some work was done to increase the compatibility between QGIS and GeoServer styling. While most of the work was performed on the QGIS SLD export correctness, some work was also done on the GeoTools/GeoServer side.

First, we taught GeoServer how to handle SE/SLD 1.1 external marks, and implemented support for TTF symbols as external marks (this is how QGIS exports TTF based symbols). Here is an example of the syntax (remember, this is SE, symbology encoding, not SLD 1.0):

 <se:Mark>
   <se:OnlineResource xlink:type="simple" xlink:href="ttf://DNR%20Recreation%20Symbols"/>
   <se:Format>ttf</se:Format>
   <se:MarkIndex>64</se:MarkIndex>
   <se:Fill>
     <se:SvgParameter name="fill">#000000</se:SvgParameter>
   </se:Fill>
 </se:Mark>

The result is the extraction of the symbol from the true type font, and its usage in the map as a scalable vector symbol.  Here is a sample from our test suite, with lines overlaying the symbols to easily identify the point locations:

externalmark

 

QGIS ships with a set of SVG symbols which are “interesting”, in that they do not contain a fixed fill or stroke color, but parameters that need to be filled by the caller. QGIS then allows the user to specify such values, and fills them in before rendering, thus allowing to treat a SVG in a similar way to a built-in mark (with just a bit less control over the output compared to a mark). Looking at a SVG source we see:

<polygon fill="param(fill)" fill-opacity="param(fill-opacity)"
  stroke="param(outline)" stroke-opacity="param(outline-opacity)"
  stroke-width="param(outline-width)"
  points="290.565,67.281 35.067,509.815 33.98,511.7 545.209,512.093 547.389,512.095 "/>

GeoServer just learned to support these parameters, which are supposed to be added in the SVG URL reference, accoding to the SVG Parameters 1.0 spec “URL parameters” approach:

 <PointSymbolizer>
   <Graphic>
     <ExternalGraphic>
       <OnlineResource xlink:type="simple" xlink:href="firestation.svg?fill=#FF0000" />
      <Format>image/svg</Format>
     </ExternalGraphic>
     <size>128</size>
   </Graphic>
 </PointSymbolizer>

Which will result in something like:

firestationonlyfill

There is more work to be done – the team looked at including some of the custom QGIS “well-known” marks in GeoServer, but this work was not completed for the 2.10.0 release. If you are interested in helping out on this or other activities please contact us as a volunteer or professionally.

We would like to thank Andrea for his cross project leadership on this issue, and to the participants of the FOSS4G code sprint for helping out.

CSS Styling Improvements

The CSS Extension now sports nested rules, allowing for even more compact styles, for example:

[@scale < 3000] {
   mark: symbol(circle);
   :mark {
      fill: gray;
      size: 5
   };
   [type = 'important'] {
      mark: symbol(triangle);
      :mark {
        fill: red;
        stroke: yellow
      }
   }
}

Rendering transformation support has also been added, for example, it’s possible to extract contour lines from a raster using the following style:

/* @title Levels */
* {
  transform: ras:Contour(levels: 1100 1200 1300 1400 1500 1600 1700);
  z-index: 0;
  stroke: gray;
  label: [numberFormat('#', value)];
  font-size: 12;
  font-fill: black;
  font-weight: bold;
  halo-color: white;
  halo-radius: 2;
  -gt-label-follow-line: true;
  -gt-label-repeat: 200;
  -gt-label-max-angle-delta: 45;
  -gt-label-priority: 2000;
}

WMTS improvements

The WMTS service has now its own service configuration page, and if the INSPIRE extension is installed, proper INSPIRE extensions. The WMTS service is also now usable on per-workspace services (aka virtual services).

selezione_115

“JPEG or PNG” output format for WMS and WMTS

The relase includes support for the “JPEG or PNG” format, which allows the server to dynamically decide if JPEG or PNG is to be returned, based on pixel transparency. This should solve the classic scattered aerial/satellite overlay imagery dilemma, where the imagery is best compressed JPEG, except at the borders of the images, where transparency is needed.

selezione_119

GetFeatureInfo improvements for coverages

GetFeatureInfo against raster layers now ensures valid XML names are given to attributes, for valid GML outputs, and supports continous map wrapping for geographic projections, as well as working properly for rasters whose coordinate span beyond the 180 degrees East:

selezione_116

We would like to thank Ben Caradoc-Davies for working on this.

New projections support

GeoTools is now providing support for the Azimuthal equidistant projection:

 

Support for the rotated pole projections was also added:

selezione_117

Rotated pole support for GRIB2/NetCDF and GeoServer integration by Ben Caradoc-Davies (Transient), with the GeoTools rotated pole projection implementation by Maciej Filocha (ICM), based on code provided by Jürgen Seib (Deutscher Wetterdienst).

Image mosaic and image pyramid improvements

Both the image mosaic and image pyramid can now be configured to serve multiple coverages no matter what the data source (previously this was possible only if the sources were NetCDF or Grib files).

At the same time the image mosaic now allows more heterogeneous sources, adding to the previous ability of mixing different color models, a newfound ability to support heterogeneous input projections:

tutorial_reproj_artifact

Thanks to Devon Tucker for working on the heterogeneous input projections. For more information please check out the documentation examples.

LDAP User Group Service

The LDAP integration was previously limited to “authentication provider” status, e.g. it allowed GeoServer to validate a username/password combo by trying to connect to a LDAP service. GeoServer 2.10 ships with a LDAP based “user group service” instead, meaning, the list of users can be directly fetched from the LDAP, in alternative to the existing XML and JDBC providers.

selezione_120

Community Modules

The GeoServer community has been very active producing a wide range of exciting capabilities. These modules are not part of a release, and are not officially supported, but most of them can be downloaded as part of our nightly builds or built locally. If you are interested in seeing these reviewed and included in future releases of GeoServer please reach out to and ask how you can help.

YSLD community module

A new styling language, YSLD, has been added. YSLD is a YAML based language which closely matches the stucture of SLD using a text only representation: indentation is used to represent document structure rather than XML tags; filters are represented using ECQL, and all GeoServer vendor options are supported (with a “x-” prefix).

YSLD allows you to cut down your style for the common case where a style has a single rule inside a single feature style – for example:

- polygon:
  stroke-color: 'blue'
  stroke-width: 1
  fill-color: '#7EB5D3'
- text:
  label: ${name}
  fill-color: 'black'
  anchor: [0.5, 0.5]
  x-maxDisplacement: 40
  x-autoWrap: 70

As a “YAML based” format common blocks of code can be defined up front, and reused multiple times.

define: &stroke
 stroke-color: 'gray'
 stroke-width: 0.5
rules:
 - filter: ${region = '1'}
   symbolizers:
   - polygon:
     <<: *stroke
     fill-color: '#8DD3C7'
 - filter: ${region = '2'}
   symbolizers:
   - polygon:
     <<: *stroke
     fill-color: '#FFFFB3'

One feature offered that is not included in SLD is integration with GeoWebCache zoom levels – this allows rules to be enabled for specific zoom levels (avoiding the need to calculate the correct scale denominators by hand).

rules:
- zoom: [min,5]
  filter: ${type = 'small'}
  symbolizers:
  - ...
- zoom: [5,max]
  filter: ${type = 'small'}
  symbolizers:
  - ...
- zoom: [min,5]
  else: true
  symbolizers:
  - ...
- zoom: [5,max]
  else: true
  symbolizers:
  - ...

One interesting ability of the YSLD module that can be used to help get you started is the ability to take an existing SLD style and translate it 1-1 to YSLD using the REST API:

  • Access as SLD: http://localhost:8080/geoserver/rest/styles/states.sld?pretty=true
  • Access as YSLD: http://localhost:8080/geoserver/rest/styles/states.yaml
name: states
title: Population in the United States
abstract: |-
  A sample filter that filters the United States into three
          categories of population, drawn in different colors
feature-styles:
- name: name
  rules:
  - name: Population < 2M
    title: Population < 2M
    filter: ${PERSONS < '2000000'}
    scale: [min, max]
    symbolizers:
    - polygon:
        fill-color: '#A6CEE3'
        fill-opacity: 0.7
  ...

For more information this release includes an extensive YSLD Reference (complete with diagrams and examples).

ysld-docs

WMTS-ND discovery community module

The module adds WMTS operations helping a client to drill into the domain of a dataset with multiple dimensions, helping in particular with scattered datasets, or ones with related dimensions (e.g., forecasts having two related times, execution time and predicted time). The extra operations are:

  • DescribeDomains, providing a compact description of the available dimension values, and allowing to filter on a range of values for a particular dimension (space included), and see how the domain of the related dimensions change
  • GetHistogram, showing how the available data is distributed along a given dimension
  • GetFeature, to get footprint and dimension values of single features/rasters once a particular domain of interest has been established

The full specification is available online.

ncWMS community module

The ncWMS community module adds some extra operations and style support specially geared towards multidimensional raster data (including, but not limited to, NetCDF). The operations are a subset of the WMS extension provided by ncWMS, a NetCDF-CF specific WMS server.
First, a palette oriented styling language is added that only requires to provide a list of color values, which will be applied to the declared data min/max range automatically:

redblue-editor

The palette is then going to be applied to the range of values declared in the layer bands configuration, along with a number of vendor parameter in the request to control the actual range of values to be displayed, color for out of range values, linear vs logarithic palette:

redblue-default

The request can also include a “animate” parameter that, coupled with the GIF output format and a dimension range, e.g., a time range, will generate an animation in output:

countries_flexpart

Finally, a GetTimeSeries request parallels GetFeatureInfo and charts/extract the evolution of the phenomenon at a given point against time (also available as a CSV dump):

test-flexpart

More details and information about the module are available in the official documentation.

Backup and restore community module

The backup/restore community module provides a UI and a set of REST service to backup and restore the GeoServer configuration without forcing a full application restart. Each operation is asynchronous, and restores can be subject to dry run, to verify if the restore will complete without errors before actually applying it.

usagegui006

More information about the module can be found in the user documentation.

About GeoServer 2.10

Articles, docs, blog posts and presentations:

Community modules

  • A new community module to backup/restore and restore GeoServer configuration
  • A resource browser is available allowing remote management of styles, icons and fonts (needs building from sources).
  • A new WMTS multidimensional domain discovery community module for discovering patches of data in scattered data sets
  • The YSLD community module has been updated with extensive documentation

GeoServer 2.10-RC1 released

The GeoServer team is happy to announce the release of GeoServer 2.10-RC1. Downloads are available (zipwardmg and exe) along with docs and extensions.

While this release candidate is not intended for production we would like to ask everyone to download, try it out in your environment, try it out with your data, and report back success/glitches/failures to the email list.

We would like to thank everyone who This is a release candidate beta release of GeoServer made in conjunction with GeoTools 16-RC1.

Testing Priorities

Here is our priorities for testing:

New Features and Highlights

  • The macOS DMG is now signed by the Open Source Geospatial Foundation.
  • Aaron Waddell reported an XXE vulnerability in the GeoTools library which has been resolved (and is used by GeoServer).
  • GeoWebCache can now use MBTiles, including vector tiles.
  • The default data directory now includes security restrictions on WFS-T functionality (restricting editing of data to the administrator account).
  • Several fix/improvements in coverage view support for multiband sources and associated SLD band selection optimizations
  • Work continues on the WMTS multidimensional extension (some fixes for GetHistogram and DescribeDomains)

For more information about the what is included in the GeoServer 2.10 refer to release notes (2.10-RC1 | 2.10-beta | 2.10-M0 ).

About GeoServer 2.10

Articles, docs, blog posts and presentations:

Community modules

GeoServer 2.9.2 Released

The GeoServer team is pleased to announce the release of GeoServer 2.9.2. Download bundles are provided (binwardmg and exe) along with documentation and extensions.

This is a stable release of GeoServer suitable for production systems. This release is made in conjunction with GeoTools 15.2 and GeoWebCache 1.9.2. We extend our thanks to all contributors for making this release possible.

Highlights of this release include:

  • The macOS DMG is now signed by the Open Source Geospatial Foundation. This work done by Larry Shaffer and the system admin committee improves the Mac install experience.
    For macOS 10.12 Apple has asked that all applications to be from the App Store (sigh) or signed by identified developers. Using the OSGeo certificate to sign our application geoserver-macos-10-12
  • Style icons can now be referenced by URL in both the global styles folder and workspace styles folders.
  • WMTS improved with both a web admin page and “virtual service” support providing a WMTS for each workspace.
  • The INSPIRE extension now supports WMTS capabilities document. Upon installation of the INSPIRE extension the INSPIRE WMTS grid is now available.
  • Embedded GeoWebCache now supports mbtiles based tile storage.
  • Improvements to image mosaic documentation with more examples.
  • Support for “JPEG or PNG “output format, dynamically choosing the best format based on image transparency
  • Lots of bug fixes (check the release notes for details)

For more information about GeoServer 2.9.2 refer to release notes (2.9.2 | 2.9.1 | 2.9.0 | RC1 | beta2 | beta | M0 ).

Security Considerations

This release addresses two security vulnerabilities:

  • The default data directory now includes security restrictions on WFS-T functionality (restricting editing of data to the administrator account). This has the effect of making the service read-only by default, while still advertising we are a compliant WFS-T implementation. If you have an existing GeoServer deployment which you wish to be read-only your can configure security settings as described, or set the WFS service level to “basic”.
    geoserver-read-only
  • Aaron Waddell reported an XXE vulnerability in the GeoTools library which has been resolved (and is used by GeoServer). We encourage all users to upgrade to GeoServer 2.9.2 at this time. Please note that there are no additional releases of GeoServer 2.8 scheduled – now is the time to upgrade.

If you wish to report a security vulnerability, please visit our website for instructions on responsible reporting.

About GeoServer 2.9

Articles, docs, blog posts and presentations:

GeoServer 2.10-beta released

We are happy to announce the release of GeoServer 2.10-beta. Downloads are available (zip, war, dmg and exe) along with docs and extensions.

This is a beta release of GeoServer made in conjunction with GeoTools 16-beta.

Beta Testing

The GeoServer Team has been hard at work to bring you this beta release.

Here is our priorities for testing:

We one crititcal known issues to keep in mind when testing:

  • GEOS-7750 – The WMS and LegendSample beans used in GeoServerTileLayer may provoke a cyclic dependency when Spring beans are loaded. As a consequence tiled layers may not be loaded and are deleted by GWC integration. Please back up your data and configuration before testing the GeoServer 2.10-beta with data you care about.

Highlights from the release notes:

  • Add CSS nested rule support
  • Add CSS rendering transform support
  • Add WMTS multi dimensional community module
  • Add WCS 2.0 Demo Requests
  • OL3 Preview in tiled mode supports map wrapping
  • Make JDBCStore compatible with HazelCast Clustering
  • Changes to WMS GetFeatureInfo for coverages:
    • Band names now presented in responses as NCNames for all info_formats (spaces and leading digits replaced with underscores)
    • Support for continuous map wrapping for latitude/longitude projections
    • Support for coverages with native latitude/longitude coordinates and longitudes > 180 degrees East

Also, looking at the GeoTools 16-M0 release notes, we have:

  • Support Azimuthal Equidistant projection
  • Implement Vladimir’s Polygon label point algorithim
  • GeoPackage can write to boolean fields

For more information about the what is included in the GeoServer 2.10 release, also refer to the GeoServer 2.10-M0 release anouncement.

About GeoServer 2.10

GeoServer 2.10 is scheduled for October release.

GeoServer 2.10-M0 Released

We are happy to announce the release of GeoServer 2.10-M0. Downloads are available (zip, war, dmg and exe) along with docs and extensions.

This is a milestone release of GeoServer made in conjunction with GeoTools 16-M0.

We have both new features and a number of key “under the hood” changes to GeoServer. This technology preview is made available for your evaluation and feedback and is not intended for production.

Highlights from the release notes:

  • Resource Browser (ResourceStore GUI)
  • LDAP UserGroupService
  • Add WMTS web admin page
  • Allow WMTS service requests per workspace (virtual service)
  • Allow the Wicket UI to show a Server Busy page when updating the configuration instead of locking the server
  • Control over execution time separate to total queuing and execution time
  • Fix Windows exe installer failure to start GeoServer
  • Can’t delete Default Cached Gridsets
  • Add support for dynamically choosing jpeg or png compression based on output contents

Also, looking at the GeoTools 16-M0 release notes, we have:

  • Upgrade to NetCDF-Java 4.6.6, including support for NetCDF rotated pole projection
  • Allows ImagePyramid supporting multiple Coverages
  • The old wfs module has now been replaced with the wfs-ng module

Security Considerations

This release includes several security enhancements (which are also included in the recent GeoServer 2.8.5 and 2.9.1 releases

  • Although we have not been able to reproduce from GeoServer, a remote execution vulnerability has been reported against both the Restlet  and the Apache Commons BeanUtils libraries we use. We have patched our use of these libraries as a preventative measure. We would like to thank Kevin Smith for doing the bulk of the work, and Andrea Aime for providing a patched BeanUtils library addressing these vulnerabilities.
  • Layer security restrictions in CHALLENGE mode were not being correctly applied by embedded GeoWebCache. Thanks to Nick Muerdter for his responsible report of this vulnerability and for submitting a fix (that included a unit test!)
  • Carl Schroedl reported a vulnerability at application startup when working with a data directory on a network file system, a new configuration option has been provided to check that the directory exists.  Thanks to Carl for following our responsible disclosure procedure, and to Ben Caradoc-Davies for implementing the new parameter.

If you wish to report a security vulnerability, please visit our website for instructions on responsible reporting.

Style Page

The GeoServer Style page has been upgraded to include several features from the CSS Styles page (part of the CSS extension). The new GeoServer style page includes:

  • Updated Style Page layout
  • Style – Layer Association editor
  • Layer Preview
  • Layer Attribute Preview

About GeoServer 2.10

GeoServer 2.10 is scheduled for October release.

GeoServer 2.8.5 Released

The GeoServer team is pleased to announce the release of GeoServer 2.8.5. Download bundles are provided (binwardmg and exe) along with documentation and extensions.

GeoServer 2.8.5 is the final maintenance release of the 2.8.x series. This release is made by Ben Caradoc-Davies (Transient) in conjunction with GeoTools 14.5 and GeoWebCache 1.8.3. We thank the many contributors who have made this release possible.

The GeoServer 2.8.5 release notes detail the changes in this release. These include:

  • Fixes for WFS editing failing for geometries in full 3D CRS
  • ColorMap variable substitution now working correctly for multiple layers in a GetMap request
  • Fixed a missing JNA jar in the netcdf-out plugin
  • KML placemarks now being set correctly when KMSCORE=0
  • Support for multivalued xlink:href ClientProperty in app-schema mappings, even without feature chaining
  • Support requiring files to exist for GeoServer startup, to protect against insecure fallback when a data directory on a network share is unavailable

Security Considerations

This release includes several security enhancements and is a recommended upgrade for production systems:

  • Although we have not been able to reproduce from GeoServer, a remote execution vulnerability has been reported against both the Restlet  and the Apache Commons BeanUtils libraries we use. We have patched our use of these libraries as a preventative measure. We would like to thank Kevin Smith for doing the bulk of the work, and Andrea Aime for providing a patched BeanUtils library addressing these vulnerabilities.
  • Layer security restrictions in CHALLENGE mode were not being correctly applied by embedded GeoWebCache. Thanks to Nick Muerdter for his responsible report of this vulnerability and for submitting a fix (that included a unit test!)
  • Carl Schroedl reported a vulnerability at application startup when working with a data directory on a network file system, a new configuration option has been provided to check that the directory exists.  Thanks to Carl for following our responsible disclosure procedure, and to Ben Caradoc-Davies for implementing the new parameter.

If you wish to report a security vulnerability, please visit our website for instructions on responsible reporting.

About GeoServer 2.8

GeoServer 2.9.1 Released

The GeoServer team is pleased to announce the release of GeoServer 2.9.1. Download bundles are provided (binwardmg and exe) along with documentation and extensions.

GeoServer 2.9.1 is the latest stable release of GeoServer and is recommended for production deployment. This release is made in conjunction with GeoTools 15.1 and GeoWebCache 1.9.1. Thanks to all contributors. Fixes and new functionality include:

  • Fixes for WFS editing failing for geometries in full 3D CRS
  • ColorMap variable substitution now working correctly for multiple layers in a GetMap request
  • PDF printing fixed to properly render SLD “shape://horline” symbol, prevent invalid polygon generation, out of memory errors, and large file generation.
  • Integrated GeoFence DB path is now set correctly in Windows.
  • KML placemarks now being set correctly when KMSCORE=0
  • Support for rotated pole projection NetCDF and GRIB2 files, including the native GRIB2 file format used by the NOAA Rapid Refresh (RAPv3) weather forecast model
  • Support for multivalued xlink:href ClientProperty in app-schema mappings
  • Support requiring files to exist for GeoServer startup, to protect against insecure fallback when a data directory on a network share is unavailable
  • And much more, see all the tickets resolved in the release notes

This release has been made by Devon Tucker (Boundless) with help and encouragement from the GeoServer community.

Security Considerations

This release includes several security enhancements and is a recommended upgrade for production systems:

  • Although we have not been able to reproduce from GeoServer, a remote execution vulnerability has been reported against both the Restlet  and the Apache Commons BeanUtils libraries we use. We have patched our use of these libraries as a preventative measure. We would like to thank Kevin Smith for doing the bulk of the work, and Andrea Aime for providing a patched BeanUtils library addressing these vulnerabilities.
  • Layer security restrictions in CHALLENGE mode were not being correctly applied by embedded GeoWebCache. Thanks to Nick Muerdter for his responsible report of this vulnerability and for submitting a fix (that included a unit test!)
  • Carl Schroedl reported a vulnerability at application startup when working with a data directory on a network file system, a new configuration option has been provided to check that the directory exists.  Thanks to Carl for following our responsible disclosure procedure, and to Ben Caradoc-Davies for implementing the new parameter.

If you wish to report a security vulnerability, please visit our website for instructions on responsible reporting.

About GeoServer 2.9

Articles, docs, blog posts and presentations:

Download GeoServer