Following the announcement on February 20 of a vulnerability in GeoServer, 5 versions of GeoServer have been released, each incorporating a patch to address this vulnerability.
The geOrchestra community worked immediately to update GeoServer in the 2 stable branches of geOrchestra and make them available under all distribution methods.
To benefit from these updates, several solutions are available to you:
using the Debian packages provided by the community continuous integration on https://packages.georchestra.org.
using the war provided by the community continuous integration on https://packages.georchestra.org/bot/wars/
using the official Docker images on https://hub.docker.com/u/georchestra.
for those using ‘vanilla’ GeoServer it is advisable to update to the latest minor version of the branch used
For geOrchestra instances that would be on older branches (<=2.17) it will be advisable to migrate to more recent versions, older versions of GeoServer no longer receiving security updates.