GeoServer 2.27.1 Released

jive · May 14, 2025, 4:54am

The GeoServer team is pleased to announce the release of GeoServer 2.27.1.

This stable release was delayed to address a security vulnerability, the details of which will be shared on Monday 2 June.

We are following our security process to release stable and maintenance releases concurrently providing everyone an opportunity to update. Please take this as strong encouragement to update your production system promptly. Our experience last year indicates you should update prior to the June 2 public disclosure date above.

This release features a new ability to “Define Coverage views using Jiffle expressions”. Thanks to Andrea Aime (GeoSolutions) for this new capability.

For more information please see release announcement and release notes.

Thanks to Jody Garnett (GeoCat) and Andrea Aimie (GeoSolutions) for making this release.
--
GeoServer Project Steering Committee

jive · May 14, 2025, 10:10pm

For anyone following along at home please update ahead of the Monday 2 June public disclosure “deadline”.

Our experience last year indicates that updating prior to public disclosure is warranted. With this in mind we made time to ensure those on end-of-life 2.25.x branch have an opportunity to patch in time (while planning their upgrade to a supported version).

jive · June 10, 2025, 2:48pm

June 2025 CVE report update: June 2025 Vulnerability Disclosures

The concurrent 2.27.1 and 2.26.3 release was intended to address a critical vulnerability, however last week the report was downgraded to high severity.

Still a good opportunity to update!