[GeoNode-devel] GeoServer Patches 2.24
Giovanni Allegri
giovanni.allegri at geosolutionsgroup.com
Mon Jan 26 08:02:30 PST 2026
Sorry for the very late reply Henning.
Geoserver for GeoNode is safe thanks to Geofence, which doesn't allow those
requests.
The block is at the source code level, so it's ssfe whatever the Geofence
configuration.
Giovanni
==
GeoServer Professional Services from the experts!
Visit http://bit.ly/gs-services-us for more information.
==
Dott. Giovanni Allegri
Technical Lead / Project Manager
GeoSolutions Group
phone: +39 0584 962313
cell: +39 345 2815774
fax: +39 0584 1660272
https://www.geosolutionsgroup.com/
http://twitter.com/geosolutions_it
-------------------------------------------------------
Con riferimento alla normativa sul trattamento dei dati personali (Reg. UE
2016/679 - Regolamento generale sulla protezione dei dati “GDPR”), si
precisa che ogni circostanza inerente alla presente email (il suo
contenuto, gli eventuali allegati, etc.) è un dato la cui conoscenza è
riservata al/i solo/i destinatario/i indicati dallo scrivente. Se il
messaggio Le è giunto per errore, è tenuta/o a cancellarlo, ogni altra
operazione è illecita. Le sarei comunque grato se potesse darmene notizia.
This email is intended only for the person or entity to which it is
addressed and may contain information that is privileged, confidential or
otherwise protected from disclosure. We remind that - as provided by
European Regulation 2016/679 “GDPR” - copying, dissemination or use of this
e-mail or the information herein by anyone other than the intended
recipient is prohibited. If you have received this email by mistake, please
notify us immediately by telephone or e-mail.
Il ven 19 dic 2025, 17:19 Bredel, Henning via geonode-devel <
geonode-devel at lists.osgeo.org> ha scritto:
> Hey,
>
> GeoServer [disclosed a CVE](
> https://github.com/geoserver/geoserver/security) some weeks ago:
>
> - [CVE-2025-58360](
> https://github.com/geoserver/geoserver/security/advisories/GHSA-fjf5-xgmq-5525
> )
>
> Is it safe to use 2.24.4 referenced by the geonode-project [0]. I am not
> aware of any fixes/patches in geonode-docker or elsewhere. Did I miss
> something?
>
> Best
>
> Henning
>
>
> [0]
> https://github.com/GeoNode/geonode-project/blob/f5824531e3cb23d7899d6446bac3530bbfb69b58/.env.sample#L13
>
>
> --
>
> <https://www.google.com/maps/search/Klaus-Bungert-Stra%C3%9Fe+5+%0D%0A+%0D%0A40468+D%C3%BCsseldorf?entry=gmail&source=g>Henning
> Bredel
> adesso SE
> Klaus-Bungert-Straße 5
> <https://www.google.com/maps/search/Klaus-Bungert-Stra%C3%9Fe+5+%0D%0A+%0D%0A40468+D%C3%BCsseldorf?entry=gmail&source=g>
> 40468 Düsseldorf
> <https://www.google.com/maps/search/Klaus-Bungert-Stra%C3%9Fe+5+%0D%0A+%0D%0A40468+D%C3%BCsseldorf?entry=gmail&source=g>
>
> T +49 211 740759-00
> M +49 151 56463626
> E henning.bredel at adesso.de
> www.adesso.de
> blog.adesso.de
> -------------------------------------------------------
> >>> business. people. technology. <<<
> -------------------------------------------------------
>
> adesso SE mit Sitz in Dortmund
> Vorstand: Mark Lohweber (Vors.), Benedikt Bonnmann, Kristina Gerwert,
> Michael Knopp,
> Andreas Prenneis
> Vorsitzender des Aufsichtsrates: Prof. Dr. Volker Gruhn
> Amtsgericht Dortmund HRB 20663
> _______________________________________________
> geonode-devel mailing list
> geonode-devel at lists.osgeo.org
> https://lists.osgeo.org/mailman/listinfo/geonode-devel
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osgeo.org/pipermail/geonode-devel/attachments/20260126/2202effb/attachment-0001.htm>
More information about the geonode-devel
mailing list