This is an automated email from the ASF dual-hosted git repository. solomax pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/openmeetings.git
commit c1bb418043a0802b4d9e931225c298b02c231fad Author: Maxim Solodovnik <solomax...@gmail.com> AuthorDate: Fri Mar 5 13:58:58 2021 +0700 Release preparation: documentation update --- CHANGELOG.md | 59 +++++++++++++++++++++++ README.md | 26 +++++++++- openmeetings-server/src/site/xdoc/NewsArchive.xml | 34 +++++++++++++ openmeetings-server/src/site/xdoc/downloads.xml | 30 ++++++------ openmeetings-server/src/site/xdoc/index.xml | 36 ++++++++------ openmeetings-server/src/site/xdoc/security.xml | 11 +++++ 6 files changed, 164 insertions(+), 32 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index c597ae0..c2f3279 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,65 @@ See https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-* (where * is the number +Release Notes - Openmeetings - Version 6.0.0 +================================================================================================================ + +* Vulnerability + * CVE-2021-27576 - Apache OpenMeetings: bandwidth can be overloaded with public web service + +* Bug + * [OPENMEETINGS-2533] - Create New Group From Moderator + * [OPENMEETINGS-2534] - RSS widget can break menu + * [OPENMEETINGS-2535] - New chat notifications are too annoying + * [OPENMEETINGS-2539] - Voice Indicator disappears + * [OPENMEETINGS-2542] - Notifications are not working in FF + * [OPENMEETINGS-2543] - Error when adding google calendar + * [OPENMEETINGS-2544] - Joining via URL room does not have 'exit' link + * [OPENMEETINGS-2547] - Time is incorrect in invitations + * [OPENMEETINGS-2556] - Updated by not shown + * [OPENMEETINGS-2559] - Openmeetings instalaltion failing with oracle as DB set up + * [OPENMEETINGS-2564] - Video does not play on WB + * [OPENMEETINGS-2565] - Typo in RoomDTO getExternal - doesn't return correct room + * [OPENMEETINGS-2570] - Wrong German translation on "Reset password" popup + * [OPENMEETINGS-2573] - FlowState.NOT_FLOWING Type Audio should not stop broadcast as can start flowing again + * [OPENMEETINGS-2575] - Log file fills up with ping messages + * [OPENMEETINGS-2581] - saving whiteboard content and puttting it back onto it _ error + * [OPENMEETINGS-2584] - Whiteboard display error (build 259) + * [OPENMEETINGS-2586] - Screen-sharing is not allowed in Safari + +* New Feature + * [OPENMEETINGS-2561] - Captcha should be configurable + * [OPENMEETINGS-2562] - It should be possible to globally disable recording functionality + * [OPENMEETINGS-2577] - Add performance and monitoring metrics - in disabled state + * [OPENMEETINGS-2580] - iceCandidates can be incoming before WebRtcEndpoint is ready and requires queueing + * [OPENMEETINGS-2583] - Safari has JavaScript errors and doesn't load conference room + +* Improvement + * [OPENMEETINGS-1381] - Sip dialer should be moved to HTML5 + * [OPENMEETINGS-2000] - High resolution webcam videos should not fill the entire screen by default. Just because you set a higher resolution doesn't mean the slides should be overlaid + * [OPENMEETINGS-2081] - (6.0.0) Code clean-up + * [OPENMEETINGS-2538] - User type should be set automatically if not provided + * [OPENMEETINGS-2545] - Right justification for RTL languages + * [OPENMEETINGS-2551] - There should be way to limit NetTest client count + * [OPENMEETINGS-2558] - General configs page can be improved + * [OPENMEETINGS-2563] - Empty tabs should be hidden from private rooms panel + * [OPENMEETINGS-2576] - Sign up screen slightly confusing + * [OPENMEETINGS-2578] - TLSv1.2 should be used as SSLContext protocol + +* Test + * [OPENMEETINGS-2507] - Need push "allow cam-mic button" twice + * [OPENMEETINGS-2571] - Tests for getExternal should be added + +* Wish + * [OPENMEETINGS-2239] - (Re-) Implementation SIP (audio only) + +* Task + * [OPENMEETINGS-2518] - (6.0.0) Label contributions from https://poeditor.com should be merged back + * [OPENMEETINGS-2519] - (6.0.0) Library versions need to be updated + * [OPENMEETINGS-2520] - (6.0.0) Sonar issues need to be addressed + * [OPENMEETINGS-2560] - Improve WebService response for UserWebService + + Release Notes - Openmeetings - Version 5.1.0 ================================================================================================================ diff --git a/README.md b/README.md index 7d67f67..982f1b4 100644 --- a/README.md +++ b/README.md @@ -56,9 +56,33 @@ Release Notes see [CHANGELOG.md](/CHANGELOG.md) file for detailed log +6.0.0 +----- +[Release 6.0.0](https://www.apache.org/dyn/closer.lua/openmeetings/6.0.0), provides following improvements: + +This release provides WebRTC audio/video/screen-sharing in the Room + +Security: +* TLS1.2. is used for OAuth +* NetTest client count can be limited +* Captcha is now configurable +* Recordings can be globally disabled + +Stability: +* Audio/video in room is more stable + +UI: +* Translations are improved +* Invitation form displayes time in client time zone +* Notifications are displayed using JS Notification API +* Video pods size can be fixed and configurable per-user + +Some other fixes and improvements, 40 issues were addressed + + 5.1.0 ----- -[Release 5.1.0](https://www.apache.org/dyn/closer.lua/openmeetings/5.1.0), provides following improvements: +[Release 5.1.0](https://archive.apache.org/dist/openmeetings/5.1.0), provides following improvements: This release provides WebRTC audio/video/screen-sharing in the Room diff --git a/openmeetings-server/src/site/xdoc/NewsArchive.xml b/openmeetings-server/src/site/xdoc/NewsArchive.xml index 75f64df..1103c09 100644 --- a/openmeetings-server/src/site/xdoc/NewsArchive.xml +++ b/openmeetings-server/src/site/xdoc/NewsArchive.xml @@ -20,6 +20,40 @@ </properties> <body> + <section name="Release 5.1.0"> + <div class="bd-callout bd-callout-info"> + <h4>Version 5.1.0 released!</h4> + <div>Release 5.1.0, provides following improvements:<br/> + This release provides WebRTC audio/video/screen-sharing in the Room + Stability: + <ul> + <li>Room Audio/Video should be more stable</li> + <li>OM should work as expected after KMS server restart</li> + <li>Backup is further improved</li> + <li>Audio/Video connection established faster</li> + <li>Most recent versions of dependencies are used</li> + </ul> + UI: + <ul> + <li>User display name is used almost everywhere</li> + <li>Browser notifications are used to notify about new chat messages and moderator actions</li> + <li>Interview room was broken</li> + <li>Mute and "Mic status" were broken</li> + </ul> + <br/> + Other fixes and improvements + </div> + <br/> + + <span> + 52 issues are fixed please check <br/> + <a href="https://www.apache.org/dist/openmeetings/5.1.0/CHANGELOG.md">CHANGELOG</a> and + <a href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12312720&version=12349414">Detailed list</a> + </span> + <span> See <a href="https://archive.apache.org/dist/openmeetings/5.1.0">Archived download</a>.</span> + <span class="date">(2020-12-05)</span> + </div> + </section> <section name="Release 5.0.1"> <div class="bd-callout bd-callout-info"> <h4>Version 5.0.1 released!</h4> diff --git a/openmeetings-server/src/site/xdoc/downloads.xml b/openmeetings-server/src/site/xdoc/downloads.xml index 9fa21a9..1b097b6 100644 --- a/openmeetings-server/src/site/xdoc/downloads.xml +++ b/openmeetings-server/src/site/xdoc/downloads.xml @@ -32,21 +32,21 @@ </p> <subsection name="Latest Official WebRTC Release"> <p> - Apache OpenMeetings 5.1.0 + Apache OpenMeetings 6.0.0 </p> <ul> <li> Binaries: <ul> <li> - <a href="https://www.apache.org/dyn/closer.lua/openmeetings/5.1.0/bin/apache-openmeetings-5.1.0.zip">apache-openmeetings-5.1.0.zip</a> - <a href="https://downloads.apache.org/openmeetings/5.1.0/bin/apache-openmeetings-5.1.0.zip.asc">[SIG]</a> - <a href="https://downloads.apache.org/openmeetings/5.1.0/bin/apache-openmeetings-5.1.0.zip.sha512">[SHA512]</a> + <a href="https://www.apache.org/dyn/closer.lua/openmeetings/6.0.0/bin/apache-openmeetings-6.0.0.zip">apache-openmeetings-6.0.0.zip</a> + <a href="https://downloads.apache.org/openmeetings/6.0.0/bin/apache-openmeetings-6.0.0.zip.asc">[SIG]</a> + <a href="https://downloads.apache.org/openmeetings/6.0.0/bin/apache-openmeetings-6.0.0.zip.sha512">[SHA512]</a> </li> <li> - <a href="https://www.apache.org/dyn/closer.lua/openmeetings/5.1.0/bin/apache-openmeetings-5.1.0.tar.gz">apache-openmeetings-5.1.0.tar.gz</a> - <a href="https://downloads.apache.org/openmeetings/5.1.0/bin/apache-openmeetings-5.1.0.tar.gz.asc">[SIG]</a> - <a href="https://downloads.apache.org/openmeetings/5.1.0/bin/apache-openmeetings-5.1.0.tar.gz.sha512">[SHA512]</a> + <a href="https://www.apache.org/dyn/closer.lua/openmeetings/6.0.0/bin/apache-openmeetings-6.0.0.tar.gz">apache-openmeetings-6.0.0.tar.gz</a> + <a href="https://downloads.apache.org/openmeetings/6.0.0/bin/apache-openmeetings-6.0.0.tar.gz.asc">[SIG]</a> + <a href="https://downloads.apache.org/openmeetings/6.0.0/bin/apache-openmeetings-6.0.0.tar.gz.sha512">[SHA512]</a> </li> </ul> </li> @@ -54,22 +54,22 @@ Sources: <ul> <li> - <a href="https://www.apache.org/dyn/closer.lua/openmeetings/5.1.0/src/apache-openmeetings-5.1.0-src.zip">apache-openmeetings-5.1.0-src.zip</a> - <a href="https://downloads.apache.org/openmeetings/5.1.0/src/apache-openmeetings-5.1.0-src.zip.asc">[SIG]</a> - <a href="https://downloads.apache.org/openmeetings/5.1.0/src/apache-openmeetings-5.1.0-src.zip.sha512">[SHA512]</a> + <a href="https://www.apache.org/dyn/closer.lua/openmeetings/6.0.0/src/apache-openmeetings-6.0.0-src.zip">apache-openmeetings-6.0.0-src.zip</a> + <a href="https://downloads.apache.org/openmeetings/6.0.0/src/apache-openmeetings-6.0.0-src.zip.asc">[SIG]</a> + <a href="https://downloads.apache.org/openmeetings/6.0.0/src/apache-openmeetings-6.0.0-src.zip.sha512">[SHA512]</a> </li> <li> - <a href="https://www.apache.org/dyn/closer.lua/openmeetings/5.1.0/src/apache-openmeetings-5.1.0-src.tar.gz">apache-openmeetings-5.1.0-src.tar.gz</a> - <a href="https://downloads.apache.org/openmeetings/5.1.0/src/apache-openmeetings-5.1.0-src.tar.gz.asc">[SIG]</a> - <a href="https://downloads.apache.org/openmeetings/5.1.0/src/apache-openmeetings-5.1.0-src.tar.gz.sha512">[SHA512]</a> + <a href="https://www.apache.org/dyn/closer.lua/openmeetings/6.0.0/src/apache-openmeetings-6.0.0-src.tar.gz">apache-openmeetings-6.0.0-src.tar.gz</a> + <a href="https://downloads.apache.org/openmeetings/6.0.0/src/apache-openmeetings-6.0.0-src.tar.gz.asc">[SIG]</a> + <a href="https://downloads.apache.org/openmeetings/6.0.0/src/apache-openmeetings-6.0.0-src.tar.gz.sha512">[SHA512]</a> </li> </ul> </li> <li> - Changes: <a href="https://downloads.apache.org/openmeetings/5.1.0/CHANGELOG.md">CHANGELOG.md</a>. + Changes: <a href="https://downloads.apache.org/openmeetings/6.0.0/CHANGELOG.md">CHANGELOG.md</a>. </li> <li> - Docker image: <a href="https://github.com/openmeetings/openmeetings-docker/tree/5.1.0">https://github.com/openmeetings/openmeetings-docker/tree/5.1.0</a> + Docker image: <a href="https://github.com/openmeetings/openmeetings-docker/tree/6.0.0">https://github.com/openmeetings/openmeetings-docker/tree/6.0.0</a> </li> <li> <a href="https://cwiki.apache.org/confluence/display/OPENMEETINGS/Live+iso+OpenMeetings+on+Ubuntu">Live OM iso images by Alvaro</a> diff --git a/openmeetings-server/src/site/xdoc/index.xml b/openmeetings-server/src/site/xdoc/index.xml index f2ff57c..9d49315 100644 --- a/openmeetings-server/src/site/xdoc/index.xml +++ b/openmeetings-server/src/site/xdoc/index.xml @@ -69,23 +69,27 @@ </section> <section name="News"> <div class="bd-callout bd-callout-danger"> - <h4>Version 5.1.0 released!</h4> - <div>Release 5.1.0, provides following improvements:<br/> - This release provides WebRTC audio/video/screen-sharing in the Room + <h4>Version 6.0.0 released!</h4> + <div>Release 6.0.0, provides following improvements:<br/> + This release provides WebRTC audio/video/screen-sharing in the Room<br/> + + Security: + <ul> + <li>TLS1.2. is used for OAuth</li> + <li>NetTest client count can be limited</li> + <li>Captcha is now configurable</li> + <li>Recordings can be globally disabled</li> + </ul> Stability: <ul> - <li>Room Audio/Video should be more stable</li> - <li>OM should work as expected after KMS server restart</li> - <li>Backup is further improved</li> - <li>Audio/Video connection established faster</li> - <li>Most recent versions of dependencies are used</li> + <li>Audio/video in room is more stable</li> </ul> UI: <ul> - <li>User display name is used almost everywhere</li> - <li>Browser notifications are used to notify about new chat messages and moderator actions</li> - <li>Interview room was broken</li> - <li>Mute and "Mic status" were broken</li> + <li>Translations are improved</li> + <li>Invitation form displayes time in client time zone</li> + <li>Notifications are displayed using JS Notification API</li> + <li>Video pods size can be fixed and configurable per-user</li> </ul> <br/> Other fixes and improvements @@ -93,12 +97,12 @@ <br/> <span> - 52 issues are fixed please check <br/> - <a href="https://www.apache.org/dist/openmeetings/5.1.0/CHANGELOG.md">CHANGELOG</a> and - <a href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12312720&version=12349414">Detailed list</a> + 40 issues are fixed please check <br/> + <a href="https://www.apache.org/dist/openmeetings/6.0.0/CHANGELOG.md">CHANGELOG</a> and + <a href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12312720&version=12348297">Detailed list</a> </span> <span> See <a href="downloads.html">Downloads page</a>.</span> - <span class="date">(2020-12-05)</span> + <span class="date">(2021-03-09)</span> </div> <div class="bd-callout bd-callout-info"> <span class="date"><a href="NewsArchive.html">You can find older news here</a></span> diff --git a/openmeetings-server/src/site/xdoc/security.xml b/openmeetings-server/src/site/xdoc/security.xml index 0501081..22dfd32 100644 --- a/openmeetings-server/src/site/xdoc/security.xml +++ b/openmeetings-server/src/site/xdoc/security.xml @@ -45,6 +45,17 @@ Please NOTE: only security issues should be reported to this list. </p> </section> + <section name="CVE-2021-27576 - Apache OpenMeetings: bandwidth can be overloaded with public web service"> + <p>Severity: Low</p> + <p>Vendor: The Apache Software Foundation</p> + <p>Versions Affected: 4.0.0 - 5.1.0</p> + <p>Description: NetTest web service can be used to overload the bandwidth of the server<br/> + <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27576">CVE-2021-27576</a> + </p> + <p>The issue was fixed in 6.0.0<br/> + All users are recommended to upgrade to Apache OpenMeetings 6.0.0</p> + <p>Credit: This issue was identified by Trung Le, Chi Tran, Ngo Van Thien</p> + </section> <section name="CVE-2020-13951 - Apache Openmeetings: DoS via public web service"> <p>Severity: High</p> <p>Vendor: The Apache Software Foundation</p>