The Apache Openmeetings project is pleased to announce the release of Apache Openmeetings 3.1.2. The release is available for download from http://openmeetings.apache.org/downloads.html
Openmeetings provides video conferencing, instant messaging, white board, collaborative document editing and other groupware tools using API functions of the Red5 Streaming Server for Remoting and Streaming. Service release 2 for 3.1.0, provides security fixes: * CVE-2016-3089 - Apache OpenMeetings XSS in SWF panel * XSS in Chat window leading to DOS * MD5 should not be used for password encryption * OpenMeetings is vulnerable to session fixation * Private recording files were available to all users Additionally signed Screen-Sharing application is available since this release Please update to this release from any previous OpenMeetings release Other fixes in admin, localization, installer, invitations, room etc. 8 issues are fixed please check https://www.apache.org/dist/openmeetings/3.1.2/CHANGELOG and Detailed list: https://issues.apache.org/jira/secure/ReleaseNote.jspa? projectId=12312720&version=12335347 All users are recommended to upgrade to Apache OpenMeetings 3.1.2 For more information on Apache Openmeeting please visit project home page: http://openmeetings.apache.org Apache OpenMeetings Team