Re: [Geoserver-users] Experimental/External plugin page

Hey Jody, The plugin is not mine! So I can't reply to your question on why it is not in community module (but the author mentions they will candidate). Alexandre Le jeu. 4 juil. 2024 à 09:24, Ian Turton a écrit : > In an ideal world the module would live inside the GeoServer source tree > so i

Re: [Geoserver-users] Experimental/External plugin page

In an ideal world the module would live inside the GeoServer source tree so it would automatically be published on the main extension pages (either community or supported) - this would also give other developers (and you) a heads up if something was about to break. Ian On Thu, 4 Jul 2024 at 06:32

Re: [Geoserver-users] Query regarding the reproduction steps of vulnerability CVE-2023-5786

I think if we have disclosed the CVE then all further discussion should be in public, rather than on the security list. Ian On Wed, 3 Jul 2024 at 19:20, Jody Garnett wrote: > So Ian what is the right thing to do here? > > Should I not of replied to this message - to limit discussion of security

Re: [Geoserver-users] Experimental/External plugin page

Hey I saw your slides online and was keen to see it in action 🙂 As for sharing external modules, ... we did kind of try that initially. It mostly worked, but we got a bit burnt out helping folks build functionality that never contributed value back into the codebase. The ease to apply for a commu

[Geoserver-users] Experimental/External plugin page

Hi, After the short presentation of the GeoServer Monitor PostgreSQL Plugin during FOSS4G EU, I wonder if there shouldn't be a place somewhere (on github? on website?) that provides a list of plugins which are not part of the stable or commu

Re: [Geoserver-users] Query regarding the reproduction steps of vulnerability CVE-2023-5786

Jody, Sorry, to avoid further confusion a short update. Ik see some reference to other CVE’s then I was referring to. Maybe caused by me. But my prime question was that I found a reference stating that for NCSC-2024-0274 there where fixes released for 2.25, 2.24, 2.23, 2.21. Version 2.22 was m

Re: [Geoserver-users] Set aside time for a GeoServer update this Tuesday

Pieter asks: Sorry, to avoid further confusion a short update. Ik see some reference to > other CVE’s then I was referring to. Maybe caused by me. > > > > But my prime question was that I found a reference stating that for > NCSC-2024-0274 there where fixes released for 2.25, 2.24, 2.23, 2.21. > V

Re: [Geoserver-users] Query regarding the reproduction steps of vulnerability CVE-2023-5786

Hey Peter, I will answer you on the other discussion thread so we do not get too confusing. -- Jody Garnett On Jul 3, 2024 at 9:41:49 AM, Pieter van der Gijp < pieter.vanderg...@bij12.nl> wrote: > Jody, > > > > Sorry, to avoid further confusion a short update. Ik see some reference to > other C

Re: [Geoserver-users] Query regarding the reproduction steps of vulnerability CVE-2023-5786

So Ian what is the right thing to do here? Should I not of replied to this message - to limit discussion of security vulnerabilities (reproducing and verification and so on) to the geoserver-security list? It is a little confusing with your message about not contacting geoserver-security voluntee

Re: [Geoserver-users] Docker for 2.25.2 and https

On 2024-07-03 15:33, Nils Bühner wrote: Hope this helps to understand what is happening here. I don't know, meanwhile I used nginx to manage https connections. As I already wrote the startup.sh file is different from the startup.sh file inside the container. The following part of the code

[Geoserver-users] Security questions

Just a reminder the GeoServer security list is not for the discussion of questions about security issues that are in the public domain. So if we have disclosed the vulnerability and you don't understand it that question should be sent to the user list for discussion not the security list. The secu

Re: [Geoserver-users] Docker for 2.25.2 and https

Hi, I don't think the documentation is wrong. startup.sh is using the HTTPS_ENABLED and HTTPS_KEYSTORE_FILE environment variables. The other two environment variables are used in this file: https://github.com/geoserver/docker/blob/master/config/server-https.xml#L96-L99 As you can see in the

Re: [Geoserver-users] GeoServer questions

Jody, We have tried successfully to publish a shapefile and convert to WFS and WMS formats. I will reread the GeoServer user manual to find the direct connection and OGC web services information. Thanks for your assistance. Jim From: Jody Garnett Sent: Tuesday, July 2, 2024 5:39 PM To: Jim

Re: [Geoserver-users] Docker for 2.25.2 and https

HI, I use ngix like proxy and re-direct to http geoserver. Kiko El 2/7/24 a las 12:54, emmexx escribió: I lost half a day trying to understand why the docker container didn't work when trying to use https. I found out that the docs and the startup.sh script don't match. The documentation at