@mwallschlaeger mwallschlaeger commented Jan 2, 2026

Description

Fixing CVE-2025-58360 for geonode 4.4.3

Type of Change

Please select the relevant option:

  • Bug fix
  • New feature
  • Documentation update
  • Refactoring
  • Security

Related Issue

If there is an existing issue related to this pull request, please reference it here.

closes #279

Checklist

Please ensure that your pull request meets the following requirements:

  • The pull request is limited to one type (docs, feature, bug fix, etc.)
  • The pull request is as small as possible. Consider opening multiple pull requests instead of one large one.
  • The feature or bug fix has been discussed and documented in an issue beforehand.

Additional Notes

Any additional information or context regarding the pull request can be provided here.

Thank you for creating this pull request

@mwallschlaeger mwallschlaeger added this to the v1.3.2 milestone Jan 2, 2026
@mwallschlaeger mwallschlaeger self-assigned this Jan 2, 2026
@mwallschlaeger mwallschlaeger added the enhancement (New feature or request) and feature (new required feature) labels Jan 2, 2026
@gemini-code-assist
Contributor

Summary of Changes

Hello @mwallschlaeger, I'm Gemini Code Assist! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request focuses on enhancing the security posture of the GeoNode deployment by resolving the identified CVE-2025-58360 vulnerability. This is achieved through a direct upgrade of the GeoServer Docker image within the Helm chart, ensuring that the system leverages the latest security patches and improvements. The changes also include updating the associated documentation to reflect this version bump.

Highlights

  • Security Vulnerability Fix: Addressed CVE-2025-58360 by upgrading the GeoServer Docker image to a more secure version.
  • GeoServer Version Update: Updated the GeoServer image tag within the Helm chart configuration from "2.24.4-latest" to "2.27.3-latest".
  • Documentation Alignment: Synchronized the README.md file to reflect the new GeoServer image tag, ensuring documentation matches the deployed version.


Contributor

@gemini-code-assist gemini-code-assist bot left a comment


Code Review

This pull request correctly updates the GeoServer image version to 2.27.3-latest in values.yaml and README.md to address a CVE. This is a good security improvement. However, I've noticed a few related items that were missed. I've left specific comments on the changed files pointing out inconsistencies. Additionally, the chart description in charts/geonode/Chart.yaml still references the old GeoServer version (Geoserver: 2.24.4-latest) and should be updated to reflect the new version.

@mwallschlaeger
Member Author

[image]

after upgrading to 2.27.3. I will also try to run a fresh instance with geonode 4.4.3 and 2.27.3.

@mwallschlaeger
Member Author

Also tested with geonode 4.4.3 and geoserver 2.27.3 from scratch.

@mwallschlaeger mwallschlaeger merged commit 0a46471 into main Jan 9, 2026
1 check passed
@mwallschlaeger mwallschlaeger deleted the issue_#279_Task__GeoServer_CVE-2025-58360 branch January 9, 2026 10:32
Development

Successfully merging this pull request may close these issues.

Task: GeoServer CVE-2025-58360
