Spatialists
Security test of QGIS Server and QGIS Web Client: Switzerland’s National #Cyber Security Centre (#NCSC) and the National Test Institute for Cybersecurity (#NTC) have completed a pilot test assessing the #security of #QGISServer and the #QGIS Web Client. The test identified six vulnerabilities —...
https://spatialists.ch/posts/2025/10/14-security-test-of-qgis-server-and-qgis-web-client/ #GIS #GISchat #geospatial #SwissGIS
Security test of QGIS Server and QGIS Web Client – Spatialists – geospatial news

Switzerland’s National #Cyber Security Centre (#NCSC) and the National Test Institute for Cybersecurity (#NTC) have completed a pilot test assessing the #security of #QGISServer and the #QGIS Web Client. The test identified six vulnerabilities — all of which have been fixed by developers within the allocated time window.

Spatialists – geospatial news
Oct 14, 2025 at 5:30pmWeb
Show threadGeoJulienOct 14, 2025
@spatialists cc @oslandia @vpicavet
Show threadGeoJulienOct 14, 2025
@spatialists It could fit with the Security Project for QGIS: https://oslandia.com/en/security-project-for-qgis/
Security Project for QGis

Oslandia, with other partners and backed by clients and end-users, launches the “Security project for QGIS” : we will work on key topics where security improvements can be achieved. We now call for QGIS users to contribute to this funding effort !

Oslandia
Show threadOlivier LeroyOct 15, 2025

@geojulien @spatialists

The bing token was funny all vulnerabilities come with way to solve/reduce them. This is cool!

Show threadGeoJulienOct 15, 2025
@defuneste @spatialists in the meanwhile https://www.linkedin.com/posts/jkillick_arcgis-or-arghhgis-oh-dear-a-chinese-activity-7384266617381330946-e98H?utm_source=share&utm_medium=member_android&rcm=ACoAAAZT1hcBMfekyw2tgnzxI7z_8CQLbS4VWic
ArcGIS or “ArghhGIS” … oh dear … a Chinese state-backed cybergang known as Flax Typhoon spent more than a year burrowing inside an ArcGIS server, quietly turning the trusted mapping software into a… | James Killick | 13 comments

ArcGIS or “ArghhGIS” … oh dear … a Chinese state-backed cybergang known as Flax Typhoon spent more than a year burrowing inside an ArcGIS server, quietly turning the trusted mapping software into a covert backdoor. Full report in the The Register: https://lnkd.in/gkYSeEwe | 13 comments on LinkedIn

Show threadOlivier LeroyOct 15, 2025
@geojulien @spatialists yes saw that this morning. I guess if you are a spy ESRI is in a lot of Fed workers...