Nominatim v3.2.1

« Changelog History

Nominatim v3.2.1 Release Notes

• 🛠 This is a bugfix release which fixes an important security vulnerability in the website code.

  ⚡️ The /details endpoint fails to properly sanitize user input and uses it as is in an SQL query. This allows an attacker to inject arbitrary SQL code including querying and updating the database.

  🚀 All installations still running a 3.2.0 release should update to this new version. No changes to the database are necessary. Simply download and build the new version, copy over your settings/local.php file and point your webserver to the new version.

• All Versions
• Previous v3.2.0
• Next v3.3.0
• Latest Version