[postgis-users] 2.1.7 / 2.0.7 Bug Fix Release

Paul Ramsey pramsey at cleverelephant.ca
Mon Apr 6 15:56:28 PDT 2015

Due to a critical bug in GeoJSON ingestion we have made an early release of versions 2.0.7 and 2.1.7. If you are running an earlier version on a public site and accepting incoming GeoJSON, we recommend you update as soon as possible.

The resolved issue would cause the back-end to crash when certain malformed GeoJSON is fed to it. This could be used to effectively run a denial-of-service attack on a public-facing web service.

Sorry to release a new patch soon soon after 2.1.6, but the nature of issue warranted it.


Team PostGIS

More information about the postgis-users mailing list