Headline
CVE-2021-40822: Releases · geoserver/geoserver
GeoServer through 2.18.5 and 2.19.x through 2.19.2 allows SSRF via the option for setting a proxy host.
Release notes****Bug
GEOS-10308 GeoServer with OGCAPI fails to deploy
GEOS-10307 Remove the importer-bdb community module
GEOS-10306 Remove the community QOS module
GEOS-10305 Remove the community NSG module
GEOS-10304 Remove the WFS3 community module
GEOS-10301 Conflicting woodstox parser from ogcapi prevented editing sld styles
GEOS-10282 GeoServer translations files incorrectly decoded assuming UTF-8 causing translation files like GeoServerApplication_de.properties leading characters represented as question marks
GEOS-10279 Upgrade to Jetty 9.4.44
GEOS-10278 Compatibility issues between FeaturesTemplating and Geofence REST
GEOS-10273 GeofenceAccesManager throws index out of bound when requesting nested layerGroups
GEOS-10266 Features Templating makes getfeatureinfo fail for raster data
GEOS-10264 Address startup warning File option not set for appender [geoserverlogfile]
GEOS-10263 WPSRequestBuilderTest assumes that JTS:area is the first process in the list
GEOS-10254 Features templating JSON-LD output should not encode all attributes as string
GEOS-10249 GWC produce NPE when it comes to race condition
GEOS-10245 jdbcconfig: prefixedName filter field not updated
GEOS-10235 Prevent double-quote to be specified as CSV separator
GEOS-10226 ResourcePool leaves empty files on failure
GEOS-10146 App-schema: support for multiple geometries with different CRS
Improvement
GEOS-10285 Add Google cloud support to the COG community module
GEOS-10265 WFS-T Bulk Transaction optimization
GEOS-10251 Refactor MapML vocabulary to map- custom elements HTML namespace
GEOS-10246 jdbcconfig: performance slow-down from unnecessary transactions
GEOS-10230 MarkFactory WMS rendering performance optimization
New Feature
GEOS-10287 Extend GeoServer freemarker templates support to read properties from a JSON file
GEOS-10274 Geofence follow up LayerGroup Style addition
GEOS-10252 Add Styles support to LayerGroup
GEOS-10228 Wrap the category text values of a legend
GEOS-10223 Support MBTiles in OGC Tiles API
Task
GEOS-10297 Remove unnecessary warning suppressions
GEOS-10296 Upgrade to ErrorProne 2.10.0
GEOS-10293 Upgrade to ErrorProne 2.9.0
GEOS-10269 Overriding JSON Object while Merging Feature Templates
GEOS-10268 Null Support in Features Templating
GEOS-10238 Test logging WARNING: Extension lookup, but ApplicationContext is unset