[Backport branch-8-6] update for 8.6.3 release [build_translations] (#1079)

github-actions[bot] · jmckenna · web-flow · commit db06a9df23fc · 2026-05-07T10:56:20.000-03:00
---------

Co-authored-by: Jeff McKenna &lt;jmckenna@gatewaygeomatics.com&gt;
diff --git a/conf.py b/conf.py
@@ -94,7 +94,7 @@ def __getattr__(cls, name):
 # The short X.Y version.
 version = '8.6'
 # The full version, including alpha/beta/rc tags.
-release = '8.6.2'
+release = '8.6.3'
 # The language for content autogenerated by Sphinx. Refer to documentation
 # for a list of supported languages.
 #language = None
diff --git a/en/MIGRATION_GUIDE.txt b/en/MIGRATION_GUIDE.txt
@@ -6,7 +6,7 @@
 MapServer Migration Guide
 *****************************************************************************
 
-:Last Updated: 2026-05-01
+:Last Updated: 2026-05-07
 
 .. contents:: Table of Contents
     :depth: 2
@@ -22,10 +22,29 @@ MapServer Migration Guide
 MapServer 8.4 to 8.6 Migration
 ==============================
 
-- The 8.6.2 release includes a fix for a security flaw in the OpenLayers viewer 
+- The 8.6.3 release includes a fix for a vulnerability in the SLD parser  
+  (see MapServer's `Security Advisory <https://github.com/MapServer/MapServer/security/advisories/GHSA-4h8g-378q-r75m>`__)
+  
+  Reminder: you can also disable external SLD access for your WMS services 
+  by setting the following in your mapfile:
+  
+  .. code-block:: mapfile
+  
+    MAP
+      ...
+      WEB
+        METADATA
+          "wms_sld_enabled" "false"
+          ...
+        END #metadata
+      END #web
+      ...
+  
+
+- The 8.6.2 release includes a fix for a vulnerability in the OpenLayers viewer 
   (see MapServer's `Security Advisory <https://github.com/MapServer/MapServer/security/advisories/GHSA-4g9f-ph64-hg2x>`__)
 
-- The 8.6.1 release includes a fix for a security flaw in the SLD parser 
+- The 8.6.1 release includes a fix for a vulnerability in the SLD parser 
   (see CVE record: `CVE-2026-33721 <https://www.cve.org/CVERecord?id=CVE-2026-33721>`__,
   or see MapServer's `Security Advisory <https://github.com/MapServer/MapServer/security/advisories/GHSA-cv4m-mr84-fgjp>`__)
 
@@ -151,7 +170,7 @@ MapServer 8.4 to 8.6 Migration
 MapServer 8.2 to 8.4 Migration
 ==============================
 
-- The 8.4.1 release includes a fix for a security flaw for WFS filter requests to
+- The 8.4.1 release includes a fix for a vulnerability for WFS filter requests to
   an OGR backend connection (see CVE record: `CVE-2025-59431 <https://www.cve.org/CVERecord?id=CVE-2025-59431>`__, 
   or MapServer's `Security Advisory <https://github.com/MapServer/MapServer/security/advisories/GHSA-256m-rx4h-r55w>`__)
 
diff --git a/en/announcements/announcements_archive.txt b/en/announcements/announcements_archive.txt
@@ -4,6 +4,22 @@
  MapServer Announcement Archives
 *****************************************************************************
 
+**2026-05-07 - MapServer 8.6.3 is released**
+
+.. important::  
+   Security release available
+
+The security release of MapServer 8.6.3 has been issued in order to fix
+a vulnerability in the SLD parser. See the :ref:`changelog <changelog-8-6-3>` 
+for the list of changes. 
+You may also review this `Security Advisory <https://github.com/MapServer/MapServer/security/advisories/GHSA-4h8g-378q-r75m>`__,  
+as well as MapServer's `Security Policy <https://github.com/MapServer/MapServer/blob/main/SECURITY.md>`__.
+As security for the 7.6 branch has ended, and branches 8.4, 8.2 & 8.0 are not supported, 
+all users are strongly encouraged to upgrade to the MapServer 8.6.3 release (see the 
+:ref:`Migration Guide <migration>`).
+
+Head to :ref:`download` to obtain a copy.
+
 **2026-04-20 - MapCache 1.16.0 is released**
 
 The major version MapCache 1.16.0 has been released. 
@@ -17,8 +33,8 @@ Head to :ref:`download` to obtain a copy.
 .. important::  
    Security release available
 
-The maintenance release of MapServer 8.6.2 has been issued in order to fix
-a security flaw in the OpenLayers viewer (with WMS 1.3.0 requests).
+The security release of MapServer 8.6.2 has been issued in order to fix
+a vulnerability in the OpenLayers viewer (with WMS 1.3.0 requests).
 See the :ref:`changelog <changelog-8-6-2>` for the list of changes. 
 You may also review this `Security Advisory <https://github.com/MapServer/MapServer/security/advisories/GHSA-4g9f-ph64-hg2x>`__,  
 as well as MapServer's `Security Policy <https://github.com/MapServer/MapServer/blob/main/SECURITY.md>`__.
@@ -33,8 +49,8 @@ Head to :ref:`download` to obtain a copy.
 .. important::  
    Security release available
 
-The maintenance release of MapServer 8.6.1 has been issued in order to fix
-a security flaw in the SLD parser.
+The security release of MapServer 8.6.1 has been issued in order to fix
+a vulnerability in the SLD parser.
 See the :ref:`changelog <changelog-8-6-1>` for the list of changes. 
 You may also review this `Security Advisory <https://github.com/MapServer/MapServer/security/advisories/GHSA-cv4m-mr84-fgjp>`__, 
 the CVE record: `CVE-2026-33721 <https://www.cve.org/CVERecord?id=CVE-2026-33721>`__, 
@@ -73,8 +89,11 @@ for the full list of changes and head to :ref:`download` to obtain a copy.
 
 **2025-09-19 - MapServer 8.4.1 is released**
 
-The maintenance release of MapServer 8.4.1 has been issued in order to fix
-a security flaw for WFS filters through OGR.
+.. important::  
+   Security release available
+
+The security release of MapServer 8.4.1 has been issued in order to fix
+a vulnerability for WFS filters through OGR.
 See the :ref:`changelog <changelog-8-4-1>` for the list of changes. 
 You may also review MapServer's `Security Policy <https://github.com/MapServer/MapServer/blob/main/SECURITY.md>`__, 
 the CVE record: `CVE-2025-59431 <https://www.cve.org/CVERecord?id=CVE-2025-59431>`__,
diff --git a/en/development/changelog/changelog-8-6.txt b/en/development/changelog/changelog-8-6.txt
@@ -7,6 +7,16 @@
 The summary of major changes for this release can be found in the `HISTORY.md <https://github.com/MapServer/MapServer/blob/branch-8-6/HISTORY.md>`__
 file from the source directory.
 
+.. _changelog-8-6-3:
+
+Changes from 8.6.2 to 8.6.3
+===========================
+
+* SLD parser: fix out of bounds access on SLD with only a Rule with a ElseFilter but without a symbolizer ( `#7497 <https://github.com/MapServer/MapServer/issues/7497>`__ ) (Even Rouault) : `0f05c57 <https://github.com/MapServer/MapServer/commit/0f05c578ce31ab1bc11a12c8a828163fc07b9320>`__
+* Oracle: revert change regarding case insensitive ogc filters ( `#7493 <https://github.com/MapServer/MapServer/issues/7493>`__ ) (Pierre-Étienne Lord) : `ce02b66 <https://github.com/MapServer/MapServer/commit/ce02b664e1c6c2457bb717097a3504d8a9dde71b>`__
+* update CMake install README ( `#7488 <https://github.com/MapServer/MapServer/issues/7488>`__ ) (Jeff McKenna) : `dcdfcda <https://github.com/MapServer/MapServer/commit/dcdfcda6bcb8100c55b1a0f78bf120a9c56c5aff>`__
+* Oracle: revert change regarding adding subquery to apply sortBy before rownum paging ( `#7491 <https://github.com/MapServer/MapServer/issues/7491>`__ ) (Jeff McKenna) : `448c69f <https://github.com/MapServer/MapServer/commit/448c69f55bd36df98d55e631c2fbcbebcd007552>`__
+
 .. _changelog-8-6-2:
 
 Changes from 8.6.1 to 8.6.2
diff --git a/en/download.txt b/en/download.txt
@@ -18,7 +18,7 @@ Current Release(s)
 
 * MapServer
 
-  * **2026-04-19** MapServer-8.6.2 `tar.gz <https://download.osgeo.org/mapserver/mapserver-8.6.2.tar.gz>`__ | `.zip <https://download.osgeo.org/mapserver/mapserver-8.6.2.zip>`__ | :ref:`Changelog <changelog-8-6>`
+  * **2026-05-07** MapServer-8.6.3 `tar.gz <https://download.osgeo.org/mapserver/mapserver-8.6.3.tar.gz>`__ | `.zip <https://download.osgeo.org/mapserver/mapserver-8.6.3.zip>`__ | :ref:`Changelog <changelog-8-6>`
   * **2025-09-19** MapServer-8.4.1 `tar.gz <https://download.osgeo.org/mapserver/mapserver-8.4.1.tar.gz>`__ | `.zip <https://download.osgeo.org/mapserver/mapserver-8.4.1.zip>`__ | :ref:`Changelog <changelog-8-4>`
   * **2024-09-02** MapServer-8.2.2 `tar.gz <https://download.osgeo.org/mapserver/mapserver-8.2.2.tar.gz>`__ | `.zip <https://download.osgeo.org/mapserver/mapserver-8.2.2.zip>`__ | :ref:`Changelog <changelog-8-2>`
   * **2024-06-11** MapServer-8.0.2 `tar.gz <https://download.osgeo.org/mapserver/mapserver-8.0.2.tar.gz>`__ | :ref:`Changelog <changelog-8-0>`
diff --git a/en/download_archives.txt b/en/download_archives.txt
@@ -15,6 +15,8 @@
 Past Releases
 ..............................................................................
 
+* **2026-05-07** MapServer-8.6.3 `tar.gz <https://download.osgeo.org/mapserver/mapserver-8.6.3.tar.gz>`__ | `.zip <https://download.osgeo.org/mapserver/mapserver-8.6.3.zip>`__ | :ref:`Changelog <changelog-8-6>`
+
 * **2026-04-20** MapCache-1.16.0 `tar.gz <https://download.osgeo.org/mapserver/mapcache-1.16.0.tar.gz>`__ | `.zip <https://download.osgeo.org/mapserver/mapcache-1.16.0.zip>`__ | :ref:`Changelog <changelog-mapcache-1-16>`
 
 * **2026-04-19** MapServer-8.6.2 `tar.gz <https://download.osgeo.org/mapserver/mapserver-8.6.2.tar.gz>`__ | `.zip <https://download.osgeo.org/mapserver/mapserver-8.6.2.zip>`__ | :ref:`Changelog <changelog-8-6>`
diff --git a/en/include/announcements.inc b/en/include/announcements.inc
@@ -1,3 +1,19 @@
+**2026-05-07 - MapServer 8.6.3 is released**
+
+.. important::  
+   Security release available
+
+The security release of MapServer 8.6.3 has been issued in order to fix
+a vulnerability in the SLD parser. See the :ref:`changelog <changelog-8-6-3>` 
+for the list of changes. 
+You may also review this `Security Advisory <https://github.com/MapServer/MapServer/security/advisories/GHSA-4h8g-378q-r75m>`__,  
+as well as MapServer's `Security Policy <https://github.com/MapServer/MapServer/blob/main/SECURITY.md>`__.
+As security for the 7.6 branch has ended, and branches 8.4, 8.2 & 8.0 are not supported, 
+all users are strongly encouraged to upgrade to the MapServer 8.6.3 release (see the 
+:ref:`Migration Guide <migration>`).
+
+Head to :ref:`download` to obtain a copy.
+
 **2026-04-20 - MapCache 1.16.0 is released**
 
 The major version MapCache 1.16.0 has been released. 
@@ -11,8 +27,8 @@ Head to :ref:`download` to obtain a copy.
 .. important::  
    Security release available
 
-The maintenance release of MapServer 8.6.2 has been issued in order to fix
-a security flaw in the OpenLayers viewer (with WMS 1.3.0 requests).
+The security release of MapServer 8.6.2 has been issued in order to fix
+a vulnerability in the OpenLayers viewer (with WMS 1.3.0 requests).
 See the :ref:`changelog <changelog-8-6-2>` for the list of changes. 
 You may also review this `Security Advisory <https://github.com/MapServer/MapServer/security/advisories/GHSA-4g9f-ph64-hg2x>`__,  
 as well as MapServer's `Security Policy <https://github.com/MapServer/MapServer/blob/main/SECURITY.md>`__.
@@ -27,8 +43,8 @@ Head to :ref:`download` to obtain a copy.
 .. important::  
    Security release available
 
-The maintenance release of MapServer 8.6.1 has been issued in order to fix
-a security flaw in the SLD parser.
+The security release of MapServer 8.6.1 has been issued in order to fix
+a vulnerability in the SLD parser.
 See the :ref:`changelog <changelog-8-6-1>` for the list of changes. 
 You may also review this `Security Advisory <https://github.com/MapServer/MapServer/security/advisories/GHSA-cv4m-mr84-fgjp>`__, 
 the CVE record: `CVE-2026-33721 <https://www.cve.org/CVERecord?id=CVE-2026-33721>`__, 
@@ -51,8 +67,8 @@ for the full list of changes and head to :ref:`download` to obtain a copy.
 .. important::  
    Security release available
 
-The maintenance release of MapServer 8.4.1 has been issued in order to fix
-a security flaw for WFS filters through OGR.
+The security release of MapServer 8.4.1 has been issued in order to fix
+a vulnerability for WFS filters through OGR.
 See the :ref:`changelog <changelog-8-4-1>` for the list of changes. 
 You may also review MapServer's `Security Policy <https://github.com/MapServer/MapServer/blob/main/SECURITY.md>`__, 
 the CVE record: `CVE-2025-59431 <https://www.cve.org/CVERecord?id=CVE-2025-59431>`__,
diff --git a/en/mapscript/index.txt b/en/mapscript/index.txt
@@ -10,7 +10,7 @@
 
     Since the MapServer 8.0.0 release PHP support is only available through
     MapServer's :ref:`SWIG API <swig>`. Supported versions are PHP 8.5 and 
-    PHP 8.4 with MapServer 8.6.1
+    PHP 8.4 with MapServer 8.6.3
 
 .. toctree::
    :maxdepth: 2
diff --git a/en/mapscript/mapscript-api/index.rst b/en/mapscript/mapscript-api/index.rst
@@ -47,7 +47,7 @@ meaningless, and even dangerous attributes might be exposed by objects.
 
     Since the MapServer 8.0.0 release PHP support is only available through
     MapServer's :ref:`SWIG API <swig>`. Supported versions are PHP 8.5 and 
-    PHP 8.4 with MapServer 8.6.1
+    PHP 8.4 with MapServer 8.6.3
 
 =============================================================================
  Appendices
