You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@openmeetings.apache.org by so...@apache.org on 2018/04/16 15:36:00 UTC
[openmeetings] branch master updated: Release preparation:
documentation update
This is an automated email from the ASF dual-hosted git repository.
solomax pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/openmeetings.git
The following commit(s) were added to refs/heads/master by this push:
new 6bdba02 Release preparation: documentation update
6bdba02 is described below
commit 6bdba02c5d7142a6588b90eeaa308de6282bc734
Author: Maxim Solodovnik <so...@gmail.com>
AuthorDate: Tue Apr 10 22:37:42 2018 +0700
Release preparation: documentation update
---
CHANGELOG | 26 ++++++++++++++++
README | 17 ++++++++++
openmeetings-server/src/site/xdoc/NewsArchive.xml | 38 +++++++++++++++++++++++
openmeetings-server/src/site/xdoc/downloads.xml | 36 ++++++++++-----------
openmeetings-server/src/site/xdoc/index.xml | 35 +++++++--------------
openmeetings-server/src/site/xdoc/security.xml | 11 +++++++
6 files changed, 122 insertions(+), 41 deletions(-)
diff --git a/CHANGELOG b/CHANGELOG
index 7229be5..ca5f9fe 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -3,6 +3,32 @@ Apache OpenMeetings Change Log
See http://issues.apache.org/jira/browse/OPENMEETINGS-* (where * is the number of the issue below)
See https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-* (where * is the number of CVE below)
+Release Notes - Openmeetings - Version 4.0.3
+================================================================================================================
+
+** Vulnerability
+ * CVE-2018-1325 - Wicket Jquery UI: XSS while displaying value in WYSIWYG editor
+
+** Bug
+ * [OPENMEETINGS-1836] - Performance degradation
+ * [OPENMEETINGS-1837] - Audio isn't recording but the video is ok
+ * [OPENMEETINGS-1840] - Add Group in Room
+ * [OPENMEETINGS-1841] - List Of All Groups and Group is not Deleted
+ * [OPENMEETINGS-1849] - WhiteBoard tab needed to broadcast cam/audio
+ * [OPENMEETINGS-1852] - Impossible to set/change password of privileged user
+ * [OPENMEETINGS-1853] - Closed Room redirect link causes error
+ * [OPENMEETINGS-1857] - RoomWebService hash method is broken
+
+** Improvement
+ * [OPENMEETINGS-1791] - Quick response within a session
+ * [OPENMEETINGS-1863] - Red5sip Log-files - add a command to VoIP tutorial (chown nobody)
+
+** Task
+ * [OPENMEETINGS-1848] - Library versions need to be updated (4.0.3)
+ * [OPENMEETINGS-1862] - Apache mailing list RSS is not loaded
+ * [OPENMEETINGS-1866] - Entity enums should be annotated with different namespaces
+
+
Release Notes - OpenMeetings - Version 4.0.2
================================================================================================================
diff --git a/README b/README
index 40299ca..8af64ea 100644
--- a/README
+++ b/README
@@ -8,6 +8,23 @@ Apache OpenMeetings provides video conferencing, instant messaging, white board,
collaborative document editing and other groupware tools using API functions of
the Red5 Streaming Server for Remoting and Streaming.
+Release Notes 4.0.3
+=============
+see CHANGELOG file for detailed log
+
+Release 4.0.3, provides following improvements:
+
+Security fix in Calendar
+
+Room:
+* Performance was improved
+* Issues with audio/video were fixed
+* Quick poll was added
+
+Multiple improvements in web services
+
+Other fixes and improvements, 13 issues were fixed
+
Release Notes 4.0.2
=============
see CHANGELOG file for detailed log
diff --git a/openmeetings-server/src/site/xdoc/NewsArchive.xml b/openmeetings-server/src/site/xdoc/NewsArchive.xml
index 8ca31db..b0ab7aa 100644
--- a/openmeetings-server/src/site/xdoc/NewsArchive.xml
+++ b/openmeetings-server/src/site/xdoc/NewsArchive.xml
@@ -22,6 +22,44 @@
<body>
<section name="News">
<div class="bs-callout bs-callout-info">
+ <b>Version 4.0.2 released!</b>
+ <div>Release 4.0.2, provides following improvements:<br/>
+ <div class="bs-callout bs-callout-danger">Security fixes in Chat</div>
+ <br/>
+ Chat:<br/>
+ <ul>
+ <li>Send on Enter/Ctrl+Enter</li>
+ <li>Invited guest's name displayed as expected</li>
+ <li>Turned OFF global chat is not displayed</li>
+ <li>Link works as expected</li>
+ <li>Smiles works as expected</li>
+ <li>Hover removed from chat</li>
+ </ul>
+ <br/>
+ Room:<br/>
+ <ul>
+ <li>Download as PDF</li>
+ <li>Download/screen-sharing application in IE</li>
+ <li>No duplicated users</li>
+ <li>Activities&Actions improved</li>
+ <li>Number of users is displayed in the room</li>
+ <li>Mathematical formulas on WB</li>
+ </ul>
+ <br/>
+ Other fixes and improvements
+ <div class="bs-callout bs-callout-info">Please update to this release from any previous OpenMeetings release</div>
+ </div>
+ <br/>
+
+ <span>
+ 32 issues are fixed please check <br/>
+ <a href="https://www.apache.org/dist/openmeetings/4.0.2/CHANGELOG">CHANGELOG</a> and
+ <a href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12312720&version=12342276">Detailed list</a>
+ </span>
+ <span> See <a href="downloads.html">Downloads page</a>.</span>
+ <span class="date">(2018-02-24)</span>
+ </div>
+ <div class="bs-callout bs-callout-info">
<b>Version 4.0.1 released!</b>
<div>Release 4.0.1, provides following improvements:<br/>
<ul>
diff --git a/openmeetings-server/src/site/xdoc/downloads.xml b/openmeetings-server/src/site/xdoc/downloads.xml
index e54174a..5a22178 100644
--- a/openmeetings-server/src/site/xdoc/downloads.xml
+++ b/openmeetings-server/src/site/xdoc/downloads.xml
@@ -24,31 +24,31 @@
<section name="Downloads">
<p>
All downloads should be verified using the Apache OpenMeetings code
- signing <a href="https://www.apache.org/dist/openmeetings/4.0.2/KEYS">KEYS</a>, <br/>
+ signing <a href="https://www.apache.org/dist/openmeetings/4.0.3/KEYS">KEYS</a>, <br/>
Here are <a href="https://www.apache.org/dyn/closer.cgi#verify">the instructions</a><br/>
<br/>
- changes: <a href="https://www.apache.org/dist/openmeetings/4.0.2/CHANGELOG">CHANGELOG</a>.
+ changes: <a href="https://www.apache.org/dist/openmeetings/4.0.3/CHANGELOG">CHANGELOG</a>.
</p>
<p>
All versions are available for download as source and binary.
</p>
<subsection name="Latest Official Release">
<p>
- Apache OpenMeetings 4.0.2
+ Apache OpenMeetings 4.0.3
</p>
<ul>
<li>
Binaries:
<ul>
<li>
- <a href="https://www.apache.org/dyn/closer.lua/openmeetings/4.0.2/bin/apache-openmeetings-4.0.2.zip">apache-openmeetings-4.0.2.zip</a>
- <a href="https://www.apache.org/dist/openmeetings/4.0.2/bin/apache-openmeetings-4.0.2.zip.asc">[SIG]</a>
- <a href="https://www.apache.org/dist/openmeetings/4.0.2/bin/apache-openmeetings-4.0.2.zip.sha256">[SHA256]</a>
+ <a href="https://www.apache.org/dyn/closer.lua/openmeetings/4.0.3/bin/apache-openmeetings-4.0.3.zip">apache-openmeetings-4.0.3.zip</a>
+ <a href="https://www.apache.org/dist/openmeetings/4.0.3/bin/apache-openmeetings-4.0.3.zip.asc">[SIG]</a>
+ <a href="https://www.apache.org/dist/openmeetings/4.0.3/bin/apache-openmeetings-4.0.3.zip.sha256">[SHA256]</a>
</li>
<li>
- <a href="https://www.apache.org/dyn/closer.lua/openmeetings/4.0.2/bin/apache-openmeetings-4.0.2.tar.gz">apache-openmeetings-4.0.2.tar.gz</a>
- <a href="https://www.apache.org/dist/openmeetings/4.0.2/bin/apache-openmeetings-4.0.2.tar.gz.asc">[SIG]</a>
- <a href="https://www.apache.org/dist/openmeetings/4.0.2/bin/apache-openmeetings-4.0.2.tar.gz.sha256">[SHA256]</a>
+ <a href="https://www.apache.org/dyn/closer.lua/openmeetings/4.0.3/bin/apache-openmeetings-4.0.3.tar.gz">apache-openmeetings-4.0.3.tar.gz</a>
+ <a href="https://www.apache.org/dist/openmeetings/4.0.3/bin/apache-openmeetings-4.0.3.tar.gz.asc">[SIG]</a>
+ <a href="https://www.apache.org/dist/openmeetings/4.0.3/bin/apache-openmeetings-4.0.3.tar.gz.sha256">[SHA256]</a>
</li>
</ul>
</li>
@@ -56,22 +56,22 @@
Sources:
<ul>
<li>
- <a href="https://www.apache.org/dyn/closer.lua/openmeetings/4.0.2/src/apache-openmeetings-4.0.2-src.zip">apache-openmeetings-4.0.2-src.zip</a>
- <a href="https://www.apache.org/dist/openmeetings/4.0.2/src/apache-openmeetings-4.0.2-src.zip.asc">[SIG]</a>
- <a href="https://www.apache.org/dist/openmeetings/4.0.2/src/apache-openmeetings-4.0.2-src.zip.sha256">[SHA256]</a>
+ <a href="https://www.apache.org/dyn/closer.lua/openmeetings/4.0.3/src/apache-openmeetings-4.0.3-src.zip">apache-openmeetings-4.0.3-src.zip</a>
+ <a href="https://www.apache.org/dist/openmeetings/4.0.3/src/apache-openmeetings-4.0.3-src.zip.asc">[SIG]</a>
+ <a href="https://www.apache.org/dist/openmeetings/4.0.3/src/apache-openmeetings-4.0.3-src.zip.sha256">[SHA256]</a>
</li>
<li>
- <a href="https://www.apache.org/dyn/closer.lua/openmeetings/4.0.2/src/apache-openmeetings-4.0.2-src.tar.gz">apache-openmeetings-4.0.2-src.tar.gz</a>
- <a href="https://www.apache.org/dist/openmeetings/4.0.2/src/apache-openmeetings-4.0.2-src.tar.gz.asc">[SIG]</a>
- <a href="https://www.apache.org/dist/openmeetings/4.0.2/src/apache-openmeetings-4.0.2-src.tar.gz.sha256">[SHA256]</a>
+ <a href="https://www.apache.org/dyn/closer.lua/openmeetings/4.0.3/src/apache-openmeetings-4.0.3-src.tar.gz">apache-openmeetings-4.0.3-src.tar.gz</a>
+ <a href="https://www.apache.org/dist/openmeetings/4.0.3/src/apache-openmeetings-4.0.3-src.tar.gz.asc">[SIG]</a>
+ <a href="https://www.apache.org/dist/openmeetings/4.0.3/src/apache-openmeetings-4.0.3-src.tar.gz.sha256">[SHA256]</a>
</li>
</ul>
</li>
<li>
- Docker image: <a href="https://github.com/openmeetings/openmeetings-docker/tree/4.0.2">https://github.com/openmeetings/openmeetings-docker/tree/4.0.2</a>
+ Docker image: <a href="https://github.com/openmeetings/openmeetings-docker/tree/4.0.3">https://github.com/openmeetings/openmeetings-docker/tree/4.0.3</a>
</li>
<li>
- ISO: <a href="https://om.alteametasoft.com/om_4.0.2.qcow2">https://om.alteametasoft.com/om_4.0.2.qcow2</a> (QEMU qcow2 format)
+ ISO: <a href="https://om.alteametasoft.com/om_4.0.3.qcow2">https://om.alteametasoft.com/om_4.0.3.qcow2</a> (QEMU qcow2 format)
<source>
<![CDATA[
####### PLEASE CHANGE ALL PASSWORDS !!
@@ -85,7 +85,7 @@ OM: om_admin/1Q2w3e4r5t^y
# run
# memory ==: "-m 2G"
# number of cores ==: "-smp 1"
-qemu-system-x86_64 -boot d -smp 1 -m 2G -drive format=qcow2,file=om_4.0.2.qcow2 -net user,hostfwd=tcp::10022-:22,hostfwd=tcp::15080-:5080 -net nic
+qemu-system-x86_64 -boot d -smp 1 -m 2G -drive format=qcow2,file=om_4.0.3.qcow2 -net user,hostfwd=tcp::10022-:22,hostfwd=tcp::15080-:5080 -net nic
# connect
ssh om_admin@localhost -p10022
diff --git a/openmeetings-server/src/site/xdoc/index.xml b/openmeetings-server/src/site/xdoc/index.xml
index 9ccbe11..39f464a 100644
--- a/openmeetings-server/src/site/xdoc/index.xml
+++ b/openmeetings-server/src/site/xdoc/index.xml
@@ -69,42 +69,31 @@
</section>
<section name="News">
<div class="bs-callout bs-callout-danger">
- <b>Version 4.0.2 released!</b>
- <div>Release 4.0.2, provides following improvements:<br/>
- <div class="bs-callout bs-callout-danger">Security fixes in Chat</div>
- <br/>
- Chat:<br/>
- <ul>
- <li>Send on Enter/Ctrl+Enter</li>
- <li>Invited guest's name displayed as expected</li>
- <li>Turned OFF global chat is not displayed</li>
- <li>Link works as expected</li>
- <li>Smiles works as expected</li>
- <li>Hover removed from chat</li>
- </ul>
+ <b>Version 4.0.3 released!</b>
+ <div>Release 4.0.3, provides following improvements:<br/>
+ <div class="bs-callout bs-callout-danger">Security fix in Calendar</div>
<br/>
Room:<br/>
<ul>
- <li>Download as PDF</li>
- <li>Download/screen-sharing application in IE</li>
- <li>No duplicated users</li>
- <li>Activities&Actions improved</li>
- <li>Number of users is displayed in the room</li>
- <li>Mathematical formulas on WB</li>
+ <li>Performance was improved</li>
+ <li>Issues with audio/video were fixed</li>
+ <li>Quick poll was added</li>
</ul>
<br/>
+ Multiple improvements in web services
+ <br/>
Other fixes and improvements
<div class="bs-callout bs-callout-info">Please update to this release from any previous OpenMeetings release</div>
</div>
<br/>
<span>
- 32 issues are fixed please check <br/>
- <a href="https://www.apache.org/dist/openmeetings/4.0.2/CHANGELOG">CHANGELOG</a> and
- <a href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12312720&version=12342276">Detailed list</a>
+ 13 issues are fixed please check <br/>
+ <a href="https://www.apache.org/dist/openmeetings/4.0.3/CHANGELOG">CHANGELOG</a> and
+ <a href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12312720&version=12342829">Detailed list</a>
</span>
<span> See <a href="downloads.html">Downloads page</a>.</span>
- <span class="date">(2017-02-24)</span>
+ <span class="date">(2018-04-13)</span>
</div>
<div class="bs-callout bs-callout-info">
<span class="date"><a href="NewsArchive.html">You can find older news here</a></span>
diff --git a/openmeetings-server/src/site/xdoc/security.xml b/openmeetings-server/src/site/xdoc/security.xml
index 5749072..afdbb76 100644
--- a/openmeetings-server/src/site/xdoc/security.xml
+++ b/openmeetings-server/src/site/xdoc/security.xml
@@ -45,6 +45,17 @@
Please NOTE: only security issues should be reported to this list.
</p>
</section>
+ <section name="CVE-2018-1325 - Wicket Jquery UI: XSS while displaying value in WYSIWYG editor">
+ <p>Severity: High</p>
+ <p>Vendor: wicket-jquery-ui</p>
+ <p>Versions Affected: <= 6.29.0, <= 7.10.1, <= 8.0.0-M9.1</p>
+ <p>Description: JS code created in WYSIWYG editor will be executed on display<br/>
+ <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1325">CVE-2018-1325</a>
+ </p>
+ <p>The issue was fixed in 6.29.1, 7.10.2, 8.0.0-M9.2<br/>
+ All users are recommended to upgrade to Apache OpenMeetings 4.0.2</p>
+ <p>Credit: This issue was identified by Kamil Sevi</p>
+ </section>
<section name="CVE-2017-15719 - Wicket jQuery UI: XSS in WYSIWYG editor">
<p>Severity: High</p>
<p>Vendor: wicket-jquery-ui</p>
--
To stop receiving notification emails like this one, please contact
solomax@apache.org.