Due to the current gap in continued funding from the U.S. National Science Foundation (NSF), the NSF Unidata Program Center has temporarily paused most operations. See NSF Unidata Pause in Most Operations for details.

« Previous page of month (Aug 2024) | Main | Next month (Sep 2024) »

XSS Vulnerability for TDS <= 5.5

13 August 2024

An XSS vulnerability has been brought to our attention and fixed. This vulnerability only affects the DAP4 service for versions <= 5.5. We strongly recommend that you either:

  1. Disable DAP4 services
  2. or upgrade to the latest 5.6-SNAPSHOT version. This can be downloaded here. Please note that this newest snapshot now requires JDK 17. Additional JVM arguments are needed, which are in the CHRONICLE_CACHE variable here.

If you have any questions or concerns, please contact support-thredds@unidata.ucar.edu.

Best, The THREDDS development team.

Posted by Tara Drwenski
Filed under:

NSF Unidata Update: July 2024

01 August 2024

In case you missed it — here's a recap of news from the NSF Unidata Program Center for the month of July, 2024.

[Read More]
Posted by Unidata News
Filed under:
News@Unidata
News and information from the Unidata Program Center
News@Unidata
News and information from the Unidata Program Center

Welcome

FAQs

Developers’ blog

Recent Entries:
Take a poll!

What if we had an ongoing user poll in here?

Browse By Topic
Browse by Topic
« August 2024 »
SunMonTueWedThuFriSat
    
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
       
Today
« Previous page of month (Aug 2024) | Main | Next month (Sep 2024) »