The Apache OpenMeetings project is pleased to announce the release of Apache OpenMeetings 9.0.0. The release is available for download from https://openmeetings.apache.org/downloads.html
OpenMeetings provides video conferencing, instant messaging, white board, collaborative document editing and other groupware tools. It uses API functions of Kurento Media Server for Remoting and Streaming. Release 9.0.0, provides following improvements: IMPORTANT: Java 21 and KMS 7.3.0+ are required Security: * Weak hash functions are dropped * 'Remember Me' is more secure * All libraries are updated to most recent versions UI: * fabric.js is updated to most recent version * Dark theme is added * File deletion via trash button click is fixed Vulnerabilities * CVE-2026-33005: Insufficient checks in FileWebService * CVE-2026-33266: Hardcoded Remember-Me Cookie Encryption Key and Salt * CVE-2026-34020: Login Credentials Passed via GET Query Parameters All users should upgrade to OM 9.0.0 ASAP! Some other fixes and improvements, 15 issues were addressed Readme: https://github.com/apache/openmeetings/blob/9.0.0/README.md Changelog: https://github.com/apache/openmeetings/blob/9.0.0/CHANGELOG.md List of fixed issues: https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12312720&version=12356267 For more information on Apache OpenMeetings please visit project home page: https://openmeetings.apache.org Apache OpenMeetings Team
