GeoTools

OSGeo

Sunday, June 16, 2024

GeoTools 30.4 released

GeoTools 30.4 released

The GeoTools team is pleased to announce the release of the latest maintenance version of GeoTools 30.4:

This release is also available from the OSGeo Maven Repository and is made in conjunction with GeoServer 2.24.4 and GeoWebCache 1.24.4.

We are grateful to Peter Smythe (AfriGIS) for carrying out the release.

Security considerations

This update is considered essential to address the following:

  • CVE-2024-36404 Remote Code Execution (RCE) vulnerability in evaluating XPath expressions (Critical 9.8)

Summary of changes

See Release Notes from 30.4

Release notes

Bug

GEOT-7537 GeoPackage TIMESTAMP must be DATETIME according to the GeoPackage spec

GEOT-7568 GraphicLegendBuilder do not handle the symbols

GEOT-7570 Small features that cross the dateline may be interpreted as preflipped

GEOT-7580 Fix missing builder clear writing FlatGeobuf data

GEOT-7587 Improve handling of XPath expressions

Improvement

GEOT-7557 Provide the ability for downstream applications (e.g. GeoServer) to append additional querystring parameters e.g. AuthKey to every request made by the HTTPClient

GEOT-7558 GeoPackage extension output contains field types that are not supported by GDAL

GEOT-7586 GeoPackage output contains invalid field types when publishing content from other JDBCDataStore

Task

GEOT-7566 Upgrade commons-io from 2.12.0 to 2.16.1

GEOT-7567 Upgrade guava from 32.0.0 to 33.2.0

GEOT-7573 Upgrade PostgreSQL driver from 42.7.2 to 42.7.3

GEOT-7574 Upgrade commons-text from 1.10.0 to 1.12.0

GEOT-7577 Upgrade jackson from 2.15.2 to 2.17.1

GEOT-7578 Upgrade snakeyaml from 2.0 to 2.2

GEOT-7588 Maven javadoc build fix for Java 11.0.22 and newer aggregate build