OpenMeetings 3.1.2 released

Release v3.1.2 contains 55 enhancements and fixes and 1 patch for a security vulnerability.
Security Fix: CVE-2016-3089 - Apache OpenMeetings XSS in SWF panel

Other security relevant updates:

  • XSS in Chat window leading to DOS
  • MD5 should not be used for password encryption
  • OpenMeetings is vulnerable to session fixation
  • Private recording files were available to all users

Additionally a signed Screen-Sharing application with a valid certificate from the Apache Foundation is available since this release. Please update to this release from any previous OpenMeetings release. A detailed documentation on how to migration from older versions is available on the project website see: http://openmeetings.apache.org/Upgrade.html.

Other fixes in admin, localisation, installer, invitations, room etc.

For a complete list of changes, see: https://www.apache.org/dist/openmeetings/3.1.2/CHANGELOG

Downloads and documentation is available from our project website:
http://openmeetings.apache.org/downloads.html

Update (15/08/2015)
OpenMeetings modules are now also available individually as Maven dependencies, see: https://repository.apache.org/#nexus-search;quick~openmeetings

For example:
<dependency>
<groupId>org.apache.openmeetings</groupId>
<artifactId>openmeetings-db</artifactId>
<version>3.1.2</version>
</dependency>

The sync to http://repo1.maven.org/maven2/org/apache/ should be available within the next 24hours.

Copyright ©2012-2025 Apache Software Foundation . All Rights Reserved.

Apache OpenMeetings, OpenMeetings, Apache, the Apache feather, and the Apache OpenMeetings project logo
are trademarks of the Apache Software Foundation.
Privacy policy