You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@openmeetings.apache.org by so...@apache.org on 2020/09/22 09:49:48 UTC
[openmeetings] branch master updated: Release preparation:
documentation is updated
This is an automated email from the ASF dual-hosted git repository.
solomax pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/openmeetings.git
The following commit(s) were added to refs/heads/master by this push:
new 493444d Release preparation: documentation is updated
493444d is described below
commit 493444d44a8c2d7f70f4efab6fd2e3d327c21455
Author: Maxim Solodovnik <so...@gmail.com>
AuthorDate: Sat Sep 19 11:45:46 2020 +0700
Release preparation: documentation is updated
---
CHANGELOG.md | 33 ++++++++++
README.md | 43 ++++++++++--
openmeetings-server/src/site/xdoc/NewsArchive.xml | 70 ++++++++++++++++++++
openmeetings-server/src/site/xdoc/ReleaseGuide.xml | 58 ++++++++---------
openmeetings-server/src/site/xdoc/downloads.xml | 76 +++++-----------------
openmeetings-server/src/site/xdoc/index.xml | 63 ++++--------------
openmeetings-server/src/site/xdoc/security.xml | 11 ++++
7 files changed, 209 insertions(+), 145 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index f7e4676..b291f99 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -6,6 +6,39 @@ See https://issues.apache.org/jira/browse/OPENMEETINGS-* (where * is the number
See https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-* (where * is the number of CVE below)
+Release Notes - Openmeetings - Version 5.0.1
+================================================================================================================
+
+* Vulnerability
+ * CVE-2020-13951 - Apache Openmeetings: DoS via public web service
+
+* Bug
+ * [OPENMEETINGS-2402] - Server Lost Connection
+ * [OPENMEETINGS-2421] - NPE can happen during calendar panel unload
+ * [OPENMEETINGS-2423] - Group files are being restored to wrong group
+ * [OPENMEETINGS-2424] - Issues with "wait for moderator" room
+ * [OPENMEETINGS-2425] - Translation to Arabic need to be improved
+ * [OPENMEETINGS-2426] - Multiple UI issues
+ * [OPENMEETINGS-2428] - User profile looks wrong in RTL language
+ * [OPENMEETINGS-2429] - (My rooms) label in the dashboard
+ * [OPENMEETINGS-2433] - Settings->SearchUsers show some users more than once
+ * [OPENMEETINGS-2438] - Buttons in "Activities and actions" not really visible
+ * [OPENMEETINGS-2442] - volume slider very "small"
+
+* Improvement
+ * [OPENMEETINGS-2297] - It should be possible to create room hash by externalId/type
+ * [OPENMEETINGS-2422] - It should be possible to share KMS server between multiple OM instances
+ * [OPENMEETINGS-2432] - Rate limit should be checked for network test web service
+ * [OPENMEETINGS-2434] - minor improvement DATA_DIR
+ * [OPENMEETINGS-2444] - Screen-sharing is disabled in some browsers
+
+* Task
+ * [OPENMEETINGS-2418] - (5.0.1) Label contributions from https://poeditor.com should be merged back
+ * [OPENMEETINGS-2419] - Library versions need to be updated (5.0.1)
+ * [OPENMEETINGS-2427] - Sonar issues need to be addressed (5.0.1)
+ * [OPENMEETINGS-2443] - Easing password for Arabic users
+
+
Release Notes - Openmeetings - Version 5.0.0
================================================================================================================
diff --git a/README.md b/README.md
index de902a8..4fcfdc1 100644
--- a/README.md
+++ b/README.md
@@ -56,9 +56,30 @@ Release Notes
see [CHANGELOG.md](/CHANGELOG.md) file for detailed log
+5.0.1
+-----
+[Release 5.0.1](https://www.apache.org/dyn/closer.lua/openmeetings/5.0.1), provides following improvements:
+
+This release provides WebRTC audio/video/screen-sharing in the Room
+
+Security:
+* Rate limit is checked for network test web service
+* Libraries are updated to latest versions
+* Password complexity can be fine-tuned
+
+Backup/Restore:
+* Group files/recordings might be restored to wrong group
+
+UI:
+* Translations and support of RTL languages are improved
+* Dashboard widgets and personal room are always displayed in current user language
+
+Some other fixes and improvements, 21 issues were addressed
+
+
5.0.0
-----
-[Release 5.0.0](https://www.apache.org/dyn/closer.lua/openmeetings/5.0.0), provides following improvements:
+[Release 5.0.0](https://archive.apache.org/dist/openmeetings/5.0.0), provides following improvements:
This release provides WebRTC audio/video/screen-sharing in the Room
@@ -88,9 +109,21 @@ Audio/Video:
Some other fixes and improvements, 74 issues were addressed
+4.0.11
+-----
+[Release 4.0.11](https://archive.apache.org/dist/openmeetings/4.0.11), provides following improvements:
+
+Security:
+* 3rd-party libraries are updated to latest versions
+* Email sending via SSL is added
+* User email addresses are hidden
+
+Other fixes and improvements, 11 issues were addressed
+
+
5.0.0-M4
-----
-[Release 5.0.0-M4](https://www.apache.org/dyn/closer.lua/openmeetings/5.0.0-M4), provides following improvements:
+[Release 5.0.0-M4](https://archive.apache.org/dist/openmeetings/5.0.0-M4), provides following improvements:
This release provides WebRTC audio/video/screen-sharing in the Room
@@ -127,7 +160,7 @@ Some other fixes and improvements, 56 issues were addressed
5.0.0-M3
-----
-[Release 5.0.0-M3](https://www.apache.org/dyn/closer.lua/openmeetings/5.0.0-M3), provides following improvements:
+[Release 5.0.0-M3](https://archive.apache.org/dist/openmeetings/5.0.0-M3), provides following improvements:
This release provides WebRTC audio/video/screen-sharing in the Room
@@ -158,7 +191,7 @@ Some other fixes and improvements, 36 issues were addressed
5.0.0-M2
-----
-[Release 5.0.0-M2](https://www.apache.org/dyn/closer.lua/openmeetings/5.0.0-M2), provides following improvements:
+[Release 5.0.0-M2](https://archive.apache.org/dist/openmeetings/5.0.0-M2), provides following improvements:
This release provides WebRTC audio/video/screen-sharing in the Room
@@ -186,7 +219,7 @@ Some other fixes and improvements, 18 issues were addressed
4.0.9
-----
-[Release 4.0.9](https://www.apache.org/dyn/closer.lua/openmeetings/4.0.9), provides following improvements:
+[Release 4.0.9](https://archive.apache.org/dist/openmeetings/4.0.9), provides following improvements:
Backup/Restore:
* Recordings of deleted users were restored as public
diff --git a/openmeetings-server/src/site/xdoc/NewsArchive.xml b/openmeetings-server/src/site/xdoc/NewsArchive.xml
index 98ac552..5cd26cc 100644
--- a/openmeetings-server/src/site/xdoc/NewsArchive.xml
+++ b/openmeetings-server/src/site/xdoc/NewsArchive.xml
@@ -20,6 +20,76 @@
</properties>
<body>
+ <section name="Release 5.0.0">
+ <div class="bd-callout bd-callout-info">
+ <h4>Version 5.0.0 released!</h4>
+ <div>Release 5.0.0, provides following improvements:<br/>
+ This release provides WebRTC audio/video/screen-sharing in the Room
+ <div class="bd-callout bd-callout-info">Flash plugin is no longer required in the browser<br/>
+ <br/>
+ IMPORTANT: Java 11 is required
+ </div>
+ Security:
+ <ul>
+ <li>Libraries are updated to latest versions</li>
+ <li>More strict CSP is implemented</li>
+ <li>User accounts are hidden for regular users</li>
+ <li>User email addresses are hidden</li>
+ </ul>
+ UI:
+ <ul>
+ <li>Support for touch events is added (mobiles, tablets)</li>
+ <li>Better support for new MS Edge browser</li>
+ <li>Direct link for entering the room with room name (not ID)</li>
+ <li>Front camera is used by default</li>
+ <li>User avatar is editable at Admin->Users</li>
+ </ul>
+ Audio/Video:
+ <ul>
+ <li>Stability is improved</li>
+ <li>Connection to KMS is auto-recovering</li>
+ <li>Camera resolution changes take effect immediately</li>
+ <li>Multiple client-side JS errors are fixed</li>
+ </ul>
+ <br/>
+ Other fixes and improvements
+ </div>
+ <br/>
+
+ <span>
+ 74 issues are fixed please check <br/>
+ <a href="https://www.apache.org/dist/openmeetings/5.0.0/CHANGELOG.md">CHANGELOG</a> and
+ <a href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12312720&version=12348040">Detailed list</a>
+ </span>
+ <span> See <a href="https://archive.apache.org/dist/openmeetings/5.0.0">Archived download</a>.</span>
+ <span class="date">(2020-08-21)</span>
+ </div>
+ </section>
+ <section name="Release 4.0.11">
+ <div class="bd-callout bd-callout-info">
+ <h4>Version 4.0.11 released!</h4>
+ <div>Release 4.0.11, provides following improvements:<br/>
+ Security:
+ <ul>
+ <li>3rd-party libraries are updated to latest versions</li>
+ <li>Email sending via SSL is added</li>
+ <li>User email addresses are hidden</li>
+ </ul>
+ <br/>
+ Other fixes and improvements
+ <div class="bd-callout bd-callout-info">Please update to this release from any previous OpenMeetings release</div>
+ </div>
+ <br/>
+
+ <span>
+ 11 issues are fixed please check <br/>
+ <a href="https://www.apache.org/dist/openmeetings/4.0.11/CHANGELOG.md">CHANGELOG</a> and
+ <a href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12312720&version=12346607">Detailed list</a>
+ </span>
+ <span> See <a href="https://archive.apache.org/dist/openmeetings/4.0.11">Archived download</a>.</span>
+ <span class="date">(2020-09-02)</span>
+ </div>
+ </section>
<section name="Release 5.0.0-M4">
<div class="bd-callout bd-callout-info">
<h4>Version 5.0.0-M4 released!</h4>
diff --git a/openmeetings-server/src/site/xdoc/ReleaseGuide.xml b/openmeetings-server/src/site/xdoc/ReleaseGuide.xml
index 86a1eed..62b117e 100644
--- a/openmeetings-server/src/site/xdoc/ReleaseGuide.xml
+++ b/openmeetings-server/src/site/xdoc/ReleaseGuide.xml
@@ -105,7 +105,7 @@
</li>
<li>
Ensure All contributed translations are imported to our codebase<br/>
- (More info and examples <a href="https://github.com/solomax/om-poeditor">is here</a>))
+ (More info and examples <a href="https://github.com/solomax/om-poeditor">are here</a>))
</li>
<li>
Update following files in OM documentation:<br/>
@@ -113,32 +113,32 @@
<tt>openmeetings-server/src/site/xdoc/NewsArchive.xml</tt><br/>
<tt>openmeetings-server/src/site/xdoc/downloads.xml</tt><br/>
<div class="bd-callout bd-callout-danger">
- <div class="h4">Download links in NewsArchive.xml should be updated</div>
+ <div class="h4">Download links in NewsArchive.xml and README.md should be updated</div>
</div>
</li>
<li>Switch to the necessary branch:
- <source>git checkout 4.0.x</source>
+ <source>git checkout master</source>
</li>
<li>Create temporary local branch
- <source>git checkout -b release-4.0.0-RC1</source>
+ <source>git checkout -b release-5.0.1</source>
</li>
<li>Update versions of all modules
- <source>mvn versions:set -DgenerateBackupPoms=false -DnewVersion=4.0.0</source>
+ <source>mvn versions:set -DgenerateBackupPoms=false -DnewVersion=5.0.1</source>
</li>
<li>Update final SCM URL located at <tt>pom.xml</tt> and <tt>openmeetings-server/pom.xml</tt>
<source><![CDATA[
<scm>
<url>https://github.com/apache/openmeetings.git</url>
- SET https://github.com/apache/openmeetings/tree/4.0.0
+ SET https://github.com/apache/openmeetings/tree/5.0.1
]]></source>
</li>
<li>
Create a TAG and commit it to the Git<br/>
<source>
-git commit -a -m "4.0.0 Release Candidate 1"
-git tag -s 4.0.0-RC1 -m "4.0.0 Release Candidate 1 tag"
-git push origin 4.0.0-RC1
+git commit -a -m "5.0.1 Release Candidate 1"
+git tag -s 5.0.1-RC1 -m "5.0.1 Release Candidate 1 tag"
+git push origin 5.0.1-RC1
</source>
</li>
<li>
@@ -157,26 +157,26 @@ git push origin 4.0.0-RC1
<p>
Commit artifacts you have created with KEYS file to the
<tt>https://dist.apache.org/repos/dist/dev/openmeetings/</tt>
- Proposed file structure for "Release Candidate 1" of 4.0.0 will be:
+ Proposed file structure for "Release Candidate 1" of 5.0.1 will be:
</p>
<source>
-4.0.0
-4.0.0/rc1
-4.0.0/rc1/src
-4.0.0/rc1/src/apache-openmeetings-4.0.0-src.zip
-4.0.0/rc1/src/apache-openmeetings-4.0.0-src.tar.gz
-4.0.0/rc1/src/apache-openmeetings-4.0.0-src.zip.sha
-4.0.0/rc1/src/apache-openmeetings-4.0.0-src.zip.asc
-4.0.0/rc1/src/apache-openmeetings-4.0.0-src.tar.gz.sha
-4.0.0/rc1/src/apache-openmeetings-4.0.0-src.tar.gz.asc
-4.0.0/rc1/bin
-4.0.0/rc1/bin/apache-openmeetings-4.0.0.zip
-4.0.0/rc1/bin/apache-openmeetings-4.0.0.tar.gz
-4.0.0/rc1/bin/apache-openmeetings-4.0.0.zip.sha
-4.0.0/rc1/bin/apache-openmeetings-4.0.0.zip.asc
-4.0.0/rc1/bin/apache-openmeetings-4.0.0.tar.gz.sha
-4.0.0/rc1/bin/apache-openmeetings-4.0.0.tar.gz.asc
-4.0.0/rc1/CHANGELOG
+5.0.1
+5.0.1/rc1
+5.0.1/rc1/src
+5.0.1/rc1/src/apache-openmeetings-5.0.1-src.zip
+5.0.1/rc1/src/apache-openmeetings-5.0.1-src.tar.gz
+5.0.1/rc1/src/apache-openmeetings-5.0.1-src.zip.sha
+5.0.1/rc1/src/apache-openmeetings-5.0.1-src.zip.asc
+5.0.1/rc1/src/apache-openmeetings-5.0.1-src.tar.gz.sha
+5.0.1/rc1/src/apache-openmeetings-5.0.1-src.tar.gz.asc
+5.0.1/rc1/bin
+5.0.1/rc1/bin/apache-openmeetings-5.0.1.zip
+5.0.1/rc1/bin/apache-openmeetings-5.0.1.tar.gz
+5.0.1/rc1/bin/apache-openmeetings-5.0.1.zip.sha
+5.0.1/rc1/bin/apache-openmeetings-5.0.1.zip.asc
+5.0.1/rc1/bin/apache-openmeetings-5.0.1.tar.gz.sha
+5.0.1/rc1/bin/apache-openmeetings-5.0.1.tar.gz.asc
+5.0.1/rc1/CHANGELOG
</source>
<p><b>NOTE</b> KEYS file is located at https://www.apache.org/dist/openmeetings/KEYS and should be just updated</p>
</li>
@@ -222,8 +222,8 @@ mvn clean install -Prc,release
<li>Go to <a href="https://securesigning.pki.digicert.com/csportal">https://securesigning.pki.digicert.com/csportal</a></li>
<li>Select "Signing Sets"</li>
<li>Select "Add signing set"</li>
- <li>Enter "Signing set name" (must include "Apache OpenMeetings" and version) for ex. "Apache OpenMeetings 4.0.0-RELEASE"</li>
- <li>Enter "Version" for ex. "4.0.0-RELEASE"</li>
+ <li>Enter "Signing set name" (must include "Apache OpenMeetings" and version) for ex. "Apache OpenMeetings 5.0.1-RELEASE"</li>
+ <li>Enter "Version" for ex. "5.0.1-RELEASE"</li>
<li>Select "Java Signing Sha256" as "Signing service"</li>
<li>Select "Upload files" and add all <b>jar</b> files from <tt>target/jnlp</tt></li>
<li>Select "Sign now"</li>
diff --git a/openmeetings-server/src/site/xdoc/downloads.xml b/openmeetings-server/src/site/xdoc/downloads.xml
index 1006a8a..e04e9fc 100644
--- a/openmeetings-server/src/site/xdoc/downloads.xml
+++ b/openmeetings-server/src/site/xdoc/downloads.xml
@@ -32,21 +32,21 @@
</p>
<subsection name="Latest Official WebRTC Release">
<p>
- Apache OpenMeetings 5.0.0
+ Apache OpenMeetings 5.0.1
</p>
<ul>
<li>
Binaries:
<ul>
<li>
- <a href="https://www.apache.org/dyn/closer.lua/openmeetings/5.0.0/bin/apache-openmeetings-5.0.0.zip">apache-openmeetings-5.0.0.zip</a>
- <a href="https://downloads.apache.org/openmeetings/5.0.0/bin/apache-openmeetings-5.0.0.zip.asc">[SIG]</a>
- <a href="https://downloads.apache.org/openmeetings/5.0.0/bin/apache-openmeetings-5.0.0.zip.sha512">[SHA512]</a>
+ <a href="https://www.apache.org/dyn/closer.lua/openmeetings/5.0.1/bin/apache-openmeetings-5.0.1.zip">apache-openmeetings-5.0.1.zip</a>
+ <a href="https://downloads.apache.org/openmeetings/5.0.1/bin/apache-openmeetings-5.0.1.zip.asc">[SIG]</a>
+ <a href="https://downloads.apache.org/openmeetings/5.0.1/bin/apache-openmeetings-5.0.1.zip.sha512">[SHA512]</a>
</li>
<li>
- <a href="https://www.apache.org/dyn/closer.lua/openmeetings/5.0.0/bin/apache-openmeetings-5.0.0.tar.gz">apache-openmeetings-5.0.0.tar.gz</a>
- <a href="https://downloads.apache.org/openmeetings/5.0.0/bin/apache-openmeetings-5.0.0.tar.gz.asc">[SIG]</a>
- <a href="https://downloads.apache.org/openmeetings/5.0.0/bin/apache-openmeetings-5.0.0.tar.gz.sha512">[SHA512]</a>
+ <a href="https://www.apache.org/dyn/closer.lua/openmeetings/5.0.1/bin/apache-openmeetings-5.0.1.tar.gz">apache-openmeetings-5.0.1.tar.gz</a>
+ <a href="https://downloads.apache.org/openmeetings/5.0.1/bin/apache-openmeetings-5.0.1.tar.gz.asc">[SIG]</a>
+ <a href="https://downloads.apache.org/openmeetings/5.0.1/bin/apache-openmeetings-5.0.1.tar.gz.sha512">[SHA512]</a>
</li>
</ul>
</li>
@@ -54,68 +54,22 @@
Sources:
<ul>
<li>
- <a href="https://www.apache.org/dyn/closer.lua/openmeetings/5.0.0/src/apache-openmeetings-5.0.0-src.zip">apache-openmeetings-5.0.0-src.zip</a>
- <a href="https://downloads.apache.org/openmeetings/5.0.0/src/apache-openmeetings-5.0.0-src.zip.asc">[SIG]</a>
- <a href="https://downloads.apache.org/openmeetings/5.0.0/src/apache-openmeetings-5.0.0-src.zip.sha512">[SHA512]</a>
+ <a href="https://www.apache.org/dyn/closer.lua/openmeetings/5.0.1/src/apache-openmeetings-5.0.1-src.zip">apache-openmeetings-5.0.1-src.zip</a>
+ <a href="https://downloads.apache.org/openmeetings/5.0.1/src/apache-openmeetings-5.0.1-src.zip.asc">[SIG]</a>
+ <a href="https://downloads.apache.org/openmeetings/5.0.1/src/apache-openmeetings-5.0.1-src.zip.sha512">[SHA512]</a>
</li>
<li>
- <a href="https://www.apache.org/dyn/closer.lua/openmeetings/5.0.0/src/apache-openmeetings-5.0.0-src.tar.gz">apache-openmeetings-5.0.0-src.tar.gz</a>
- <a href="https://downloads.apache.org/openmeetings/5.0.0/src/apache-openmeetings-5.0.0-src.tar.gz.asc">[SIG]</a>
- <a href="https://downloads.apache.org/openmeetings/5.0.0/src/apache-openmeetings-5.0.0-src.tar.gz.sha512">[SHA512]</a>
+ <a href="https://www.apache.org/dyn/closer.lua/openmeetings/5.0.1/src/apache-openmeetings-5.0.1-src.tar.gz">apache-openmeetings-5.0.1-src.tar.gz</a>
+ <a href="https://downloads.apache.org/openmeetings/5.0.1/src/apache-openmeetings-5.0.1-src.tar.gz.asc">[SIG]</a>
+ <a href="https://downloads.apache.org/openmeetings/5.0.1/src/apache-openmeetings-5.0.1-src.tar.gz.sha512">[SHA512]</a>
</li>
</ul>
</li>
<li>
- Changes: <a href="https://downloads.apache.org/openmeetings/5.0.0/CHANGELOG.md">CHANGELOG.md</a>.
+ Changes: <a href="https://downloads.apache.org/openmeetings/5.0.1/CHANGELOG.md">CHANGELOG.md</a>.
</li>
<li>
- Docker image: <a href="https://github.com/openmeetings/openmeetings-docker/tree/5.0.0">https://github.com/openmeetings/openmeetings-docker/tree/5.0.0</a>
- </li>
- <li>
- <a href="https://cwiki.apache.org/confluence/display/OPENMEETINGS/Live+iso+OpenMeetings+on+Ubuntu">Live OM iso images by Alvaro</a>
- </li>
- </ul>
- </subsection>
- <subsection name="Latest Official Release">
- <p>
- Apache OpenMeetings 4.0.11
- </p>
- <ul>
- <li>
- Binaries:
- <ul>
- <li>
- <a href="https://www.apache.org/dyn/closer.lua/openmeetings/4.0.11/bin/apache-openmeetings-4.0.11.zip">apache-openmeetings-4.0.11.zip</a>
- <a href="https://downloads.apache.org/openmeetings/4.0.11/bin/apache-openmeetings-4.0.11.zip.asc">[SIG]</a>
- <a href="https://downloads.apache.org/openmeetings/4.0.11/bin/apache-openmeetings-4.0.11.zip.sha512">[SHA512]</a>
- </li>
- <li>
- <a href="https://www.apache.org/dyn/closer.lua/openmeetings/4.0.11/bin/apache-openmeetings-4.0.11.tar.gz">apache-openmeetings-4.0.11.tar.gz</a>
- <a href="https://downloads.apache.org/openmeetings/4.0.11/bin/apache-openmeetings-4.0.11.tar.gz.asc">[SIG]</a>
- <a href="https://downloads.apache.org/openmeetings/4.0.11/bin/apache-openmeetings-4.0.11.tar.gz.sha512">[SHA512]</a>
- </li>
- </ul>
- </li>
- <li>
- Sources:
- <ul>
- <li>
- <a href="https://www.apache.org/dyn/closer.lua/openmeetings/4.0.11/src/apache-openmeetings-4.0.11-src.zip">apache-openmeetings-4.0.11-src.zip</a>
- <a href="https://downloads.apache.org/openmeetings/4.0.11/src/apache-openmeetings-4.0.11-src.zip.asc">[SIG]</a>
- <a href="https://downloads.apache.org/openmeetings/4.0.11/src/apache-openmeetings-4.0.11-src.zip.sha512">[SHA512]</a>
- </li>
- <li>
- <a href="https://www.apache.org/dyn/closer.lua/openmeetings/4.0.11/src/apache-openmeetings-4.0.11-src.tar.gz">apache-openmeetings-4.0.11-src.tar.gz</a>
- <a href="https://downloads.apache.org/openmeetings/4.0.11/src/apache-openmeetings-4.0.11-src.tar.gz.asc">[SIG]</a>
- <a href="https://downloads.apache.org/openmeetings/4.0.11/src/apache-openmeetings-4.0.11-src.tar.gz.sha512">[SHA512]</a>
- </li>
- </ul>
- </li>
- <li>
- Changes: <a href="https://downloads.apache.org/openmeetings/4.0.11/CHANGELOG.md">CHANGELOG.md</a>.
- </li>
- <li>
- Docker image: <a href="https://github.com/openmeetings/openmeetings-docker/tree/4.0.11">https://github.com/openmeetings/openmeetings-docker/tree/4.0.11</a>
+ Docker image: <a href="https://github.com/openmeetings/openmeetings-docker/tree/5.0.1">https://github.com/openmeetings/openmeetings-docker/tree/5.0.1</a>
</li>
<li>
<a href="https://cwiki.apache.org/confluence/display/OPENMEETINGS/Live+iso+OpenMeetings+on+Ubuntu">Live OM iso images by Alvaro</a>
diff --git a/openmeetings-server/src/site/xdoc/index.xml b/openmeetings-server/src/site/xdoc/index.xml
index cda2d6d..ba342fe 100644
--- a/openmeetings-server/src/site/xdoc/index.xml
+++ b/openmeetings-server/src/site/xdoc/index.xml
@@ -69,73 +69,36 @@
</section>
<section name="News">
<div class="bd-callout bd-callout-danger">
- <h4>Version 5.0.0 released!</h4>
- <div>Release 5.0.0, provides following improvements:<br/>
+ <h4>Version 5.0.1 released!</h4>
+ <div>Release 5.0.1, provides following improvements:<br/>
This release provides WebRTC audio/video/screen-sharing in the Room
- <div class="bd-callout bd-callout-info">Flash plugin is no longer required in the browser<br/>
- <br/>
- IMPORTANT: Java 11 is required
- </div>
Security:
<ul>
+ <li>Rate limit is checked for network test web service</li>
<li>Libraries are updated to latest versions</li>
- <li>More strict CSP is implemented</li>
- <li>User accounts are hidden for regular users</li>
- <li>User email addresses are hidden</li>
+ <li>Password complexity can be fine-tuned</li>
</ul>
- UI:
+ Backup/Restore:
<ul>
- <li>Support for touch events is added (mobiles, tablets)</li>
- <li>Better support for new MS Edge browser</li>
- <li>Direct link for entering the room with room name (not ID)</li>
- <li>Front camera is used by default</li>
- <li>User avatar is editable at Admin->Users</li>
+ <li>Group files/recordings might be restored to wrong group</li>
</ul>
- Audio/Video:
- <ul>
- <li>Stability is improved</li>
- <li>Connection to KMS is auto-recovering</li>
- <li>Camera resolution changes take effect immediately</li>
- <li>Multiple client-side JS errors are fixed</li>
- </ul>
- <br/>
- Other fixes and improvements
- </div>
- <br/>
-
- <span>
- 74 issues are fixed please check <br/>
- <a href="https://www.apache.org/dist/openmeetings/5.0.0/CHANGELOG.md">CHANGELOG</a> and
- <a href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12312720&version=12348040">Detailed list</a>
- </span>
- <span> See <a href="downloads.html">Downloads page</a>.</span>
- <span class="date">(2020-08-21)</span>
- </div>
- <div class="bd-callout bd-callout-danger">
- <h4>Version 4.0.11 released!</h4>
- <div>Release 4.0.11, provides following improvements:<br/>
- Security:
+ UI:
<ul>
- <li>3rd-party libraries are updated to latest versions</li>
- <li>Email sending via SSL is added</li>
- <li>User email addresses are hidden</li>
+ <li>Translations and support of RTL languages are improved</li>
+ <li>Dashboard widgets and personal room are always displayed in current user language</li>
</ul>
<br/>
Other fixes and improvements
- <div class="bd-callout bd-callout-info">Please update to this release from any previous OpenMeetings release</div>
</div>
<br/>
<span>
- 11 issues are fixed please check <br/>
- <a href="https://www.apache.org/dist/openmeetings/4.0.11/CHANGELOG.md">CHANGELOG</a> and
- <a href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12312720&version=12346607">Detailed list</a>
+ 21 issues are fixed please check <br/>
+ <a href="https://www.apache.org/dist/openmeetings/5.0.1/CHANGELOG.md">CHANGELOG</a> and
+ <a href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12312720&version=12348725">Detailed list</a>
</span>
<span> See <a href="downloads.html">Downloads page</a>.</span>
- <span class="date">(2020-09-02)</span>
- </div>
- <div class="bd-callout bd-callout-info">
- <span class="date"><a href="NewsArchive.html">You can find older news here</a></span>
+ <span class="date">(2020-09-23)</span>
</div>
<div class="bd-callout bd-callout-info">
<span class="date"><a href="NewsArchive.html">You can find older news here</a></span>
diff --git a/openmeetings-server/src/site/xdoc/security.xml b/openmeetings-server/src/site/xdoc/security.xml
index 7abdc27..2fc406f 100644
--- a/openmeetings-server/src/site/xdoc/security.xml
+++ b/openmeetings-server/src/site/xdoc/security.xml
@@ -45,6 +45,17 @@
Please NOTE: only security issues should be reported to this list.
</p>
</section>
+ <section name="CVE-2020-13951 - Apache Openmeetings: DoS via public web service">
+ <p>Severity: High</p>
+ <p>Vendor: The Apache Software Foundation</p>
+ <p>Versions Affected: 4.0.0 - 5.0.0</p>
+ <p>Description: NetTest web service can be used to perform Denial of Service attack<br/>
+ <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13951">CVE-2020-13951</a>
+ </p>
+ <p>The issue was fixed in 5.0.1<br/>
+ All users are recommended to upgrade to Apache OpenMeetings 5.0.1</p>
+ <p>Credit: This issue was identified by Trung Le, Chi Tran, Ngo Van Thien</p>
+ </section>
<section name="CVE-2018-1325 - Wicket jQuery UI: XSS while displaying value in WYSIWYG editor">
<p>Severity: High</p>
<p>Vendor: wicket-jquery-ui</p>