Following the announcement on February 20 of a vulnerability in GeoServer, 5 versions of GeoServer have been released, each incorporating a patch to address this vulnerability.

The geOrchestra community worked immediately to update GeoServer in the 2 stable branches of geOrchestra and make them available under all distribution methods.

The 20.1.8 and geOrchestra 22.0.6 versions are shipped with an up-to-date GeoServer 2.18.7.

To benefit from these updates, several solutions are available to you:

For geOrchestra instances that would be on older branches (<=2.17) it will be advisable to migrate to more recent versions, older versions of GeoServer no longer receiving security updates.

In case of difficulties, the mailing list or the IRC channel are the best places to find help.