Release of JMap 7 Kathmandu Fix 2

Created by Jean-Robert Desbiens-Haddad
Last updated: Dec 16, 2021
1 min read

JMap 7 Kathmandu Fix 2 is now available on our site web and on Docker Hub.

IMPORTANT : If you use GeoWebCache, you must install GeoWebCache version 4.0.1 to ensure compatibility and security with this version.

IMPORTANT: When upgrading, JMap 7 Kathmandu Fix 2 can only be installed on previous release of JMap 7 Kathmandu or on JMap 7 Jakarta Fix 5 or more recent. See the following migration guide for more information.

https://k2geospatial.atlassian.net/l/c/aTc6gidc

 

Please consult the guides before starting.

https://k2geospatial.atlassian.net/l/c/musW1ugR

https://k2geospatial.atlassian.net/wiki/spaces/KBDCB/pages/2092073347

 

This version contains bug fixes for CVE-2021-44228 and CVE-2021-45046 caused by the Log4j library by Apache.

7.0 Kathmandu Fix 2 (build 190 - 2021-12-15)

Fixed issues

  • [TFIFT-10513] JMap Server : Upgrade log4j to 2.16.0

  • [TFIFT-10514] JMap Server : Unable to deploy GeoWebCache inside JMap Server using the latest log4j V2

  • [TFIFT-10506] JMap Server : Apache Log4j CVE-2021-44228 and CVE-2021-45046 vulnerabilities