Apache OpenMeetings

Friday August 12, 2016

OpenMeetings 3.1.2 released

Release v3.1.2 contains 55 enhancements and fixes and 1 patch for a security vulnerability.
Security Fix: CVE-2016-3089 - Apache OpenMeetings XSS in SWF panel

Other security relevant updates:

  • XSS in Chat window leading to DOS
  • MD5 should not be used for password encryption
  • OpenMeetings is vulnerable to session fixation
  • Private recording files were available to all users

Additionally a signed Screen-Sharing application with a valid certificate from the Apache Foundation is available since this release. Please update to this release from any previous OpenMeetings release. A detailed documentation on how to migration from older versions is available on the project website see: http://openmeetings.apache.org/Upgrade.html.

Other fixes in admin, localisation, installer, invitations, room etc.

For a complete list of changes, see: https://www.apache.org/dist/openmeetings/3.1.2/CHANGELOG

Downloads and documentation is available from our project website:
http://openmeetings.apache.org/downloads.html

Update (15/08/2015)
OpenMeetings modules are now also available individually as Maven dependencies, see: https://repository.apache.org/#nexus-search;quick~openmeetings

For example:
<dependency>
<groupId>org.apache.openmeetings</groupId>
<artifactId>openmeetings-db</artifactId>
<version>3.1.2</version>
</dependency>

The sync to http://repo1.maven.org/maven2/org/apache/ should be available within the next 24hours.

Comments:

Upgrated Android

Posted by Azimbek on August 17, 2016 at 12:58 PM UTC #

Post a Comment:
  • HTML Syntax: NOT allowed

Calendar

Search

Hot Blogs (today's hits)

Tag Cloud

Categories

Feeds

Links

Navigation