This is an automated email from the ASF dual-hosted git repository.

solomax pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/openmeetings.git


The following commit(s) were added to refs/heads/master by this push:
     new 6bdba02  Release preparation: documentation update
6bdba02 is described below

commit 6bdba02c5d7142a6588b90eeaa308de6282bc734
Author: Maxim Solodovnik <solomax...@gmail.com>
AuthorDate: Tue Apr 10 22:37:42 2018 +0700

    Release preparation: documentation update
---
 CHANGELOG                                         | 26 ++++++++++++++++
 README                                            | 17 ++++++++++
 openmeetings-server/src/site/xdoc/NewsArchive.xml | 38 +++++++++++++++++++++++
 openmeetings-server/src/site/xdoc/downloads.xml   | 36 ++++++++++-----------
 openmeetings-server/src/site/xdoc/index.xml       | 35 +++++++--------------
 openmeetings-server/src/site/xdoc/security.xml    | 11 +++++++
 6 files changed, 122 insertions(+), 41 deletions(-)

diff --git a/CHANGELOG b/CHANGELOG
index 7229be5..ca5f9fe 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -3,6 +3,32 @@ Apache OpenMeetings Change Log
 See http://issues.apache.org/jira/browse/OPENMEETINGS-* (where * is the number 
of the issue below)
 See https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-* (where * is the 
number of CVE below)
 
+Release Notes - Openmeetings - Version 4.0.3
+================================================================================================================
+
+** Vulnerability
+    * CVE-2018-1325 - Wicket Jquery UI: XSS while displaying value in WYSIWYG 
editor
+
+** Bug
+    * [OPENMEETINGS-1836] - Performance degradation
+    * [OPENMEETINGS-1837] - Audio isn't recording but the video is ok
+    * [OPENMEETINGS-1840] - Add Group in Room
+    * [OPENMEETINGS-1841] - List Of All Groups and Group is not Deleted
+    * [OPENMEETINGS-1849] - WhiteBoard tab needed to broadcast cam/audio
+    * [OPENMEETINGS-1852] - Impossible to set/change password of privileged 
user
+    * [OPENMEETINGS-1853] - Closed Room redirect link causes error
+    * [OPENMEETINGS-1857] - RoomWebService hash method is broken
+
+** Improvement
+    * [OPENMEETINGS-1791] - Quick response within a session
+    * [OPENMEETINGS-1863] - Red5sip Log-files - add a command to VoIP tutorial 
(chown nobody)
+
+** Task
+    * [OPENMEETINGS-1848] - Library versions need to be updated (4.0.3)
+    * [OPENMEETINGS-1862] - Apache mailing list RSS is not loaded
+    * [OPENMEETINGS-1866] - Entity enums should be annotated with different 
namespaces
+
+
 Release Notes - OpenMeetings - Version 4.0.2
 
================================================================================================================
 
diff --git a/README b/README
index 40299ca..8af64ea 100644
--- a/README
+++ b/README
@@ -8,6 +8,23 @@ Apache OpenMeetings provides video conferencing, instant 
messaging, white board,
 collaborative document editing and other groupware tools using API functions 
of 
 the Red5 Streaming Server for Remoting and Streaming. 
 
+Release Notes 4.0.3
+=============
+see CHANGELOG file for detailed log
+
+Release 4.0.3, provides following improvements:
+
+Security fix in Calendar
+
+Room:
+* Performance was improved
+* Issues with audio/video were fixed
+* Quick poll was added
+
+Multiple improvements in web services
+
+Other fixes and improvements, 13 issues were fixed
+
 Release Notes 4.0.2
 =============
 see CHANGELOG file for detailed log
diff --git a/openmeetings-server/src/site/xdoc/NewsArchive.xml 
b/openmeetings-server/src/site/xdoc/NewsArchive.xml
index 8ca31db..b0ab7aa 100644
--- a/openmeetings-server/src/site/xdoc/NewsArchive.xml
+++ b/openmeetings-server/src/site/xdoc/NewsArchive.xml
@@ -22,6 +22,44 @@
        <body>
                <section name="News">
                        <div class="bs-callout bs-callout-info">
+                               <b>Version 4.0.2 released!</b>
+                               <div>Release 4.0.2, provides following 
improvements:<br/>
+                                       <div class="bs-callout 
bs-callout-danger">Security fixes in Chat</div>
+                                       <br/>
+                                       Chat:<br/>
+                                       <ul>
+                                               <li>Send on 
Enter/Ctrl+Enter</li>
+                                               <li>Invited guest's name 
displayed as expected</li>
+                                               <li>Turned OFF global chat is 
not displayed</li>
+                                               <li>Link works as expected</li>
+                                               <li>Smiles works as 
expected</li>
+                                               <li>Hover removed from chat</li>
+                                       </ul>
+                                       <br/>
+                                       Room:<br/>
+                                       <ul>
+                                               <li>Download as PDF</li>
+                                               <li>Download/screen-sharing 
application in IE</li>
+                                               <li>No duplicated users</li>
+                                               <li>Activities&amp;Actions 
improved</li>
+                                               <li>Number of users is 
displayed in the room</li>
+                                               <li>Mathematical formulas on 
WB</li>
+                                       </ul>
+                                       <br/>
+                                       Other fixes and improvements
+                                       <div class="bs-callout 
bs-callout-info">Please update to this release from any previous OpenMeetings 
release</div>
+                               </div>
+                               <br/>
+
+                               <span>
+                                       32 issues are fixed please check <br/>
+                                       <a 
href="https://www.apache.org/dist/openmeetings/4.0.2/CHANGELOG";>CHANGELOG</a> 
and
+                                       <a 
href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12312720&amp;version=12342276";>Detailed
 list</a>
+                               </span>
+                               <span> See <a href="downloads.html">Downloads 
page</a>.</span>
+                               <span class="date">(2018-02-24)</span>
+                       </div>
+                       <div class="bs-callout bs-callout-info">
                                <b>Version 4.0.1 released!</b>
                                <div>Release 4.0.1, provides following 
improvements:<br/>
                                        <ul>
diff --git a/openmeetings-server/src/site/xdoc/downloads.xml 
b/openmeetings-server/src/site/xdoc/downloads.xml
index e54174a..5a22178 100644
--- a/openmeetings-server/src/site/xdoc/downloads.xml
+++ b/openmeetings-server/src/site/xdoc/downloads.xml
@@ -24,31 +24,31 @@
                <section name="Downloads">
                        <p>
                                All downloads should be verified using the 
Apache OpenMeetings code
-                               signing <a 
href="https://www.apache.org/dist/openmeetings/4.0.2/KEYS";>KEYS</a>, <br/>
+                               signing <a 
href="https://www.apache.org/dist/openmeetings/4.0.3/KEYS";>KEYS</a>, <br/>
                                Here are <a 
href="https://www.apache.org/dyn/closer.cgi#verify";>the instructions</a><br/>
                                <br/>
-                               changes: <a 
href="https://www.apache.org/dist/openmeetings/4.0.2/CHANGELOG";>CHANGELOG</a>.
+                               changes: <a 
href="https://www.apache.org/dist/openmeetings/4.0.3/CHANGELOG";>CHANGELOG</a>.
                        </p>
                        <p>
                                All versions are available for download as 
source and binary.
                        </p>
                        <subsection name="Latest Official Release">
                                <p>
-                                       Apache OpenMeetings 4.0.2
+                                       Apache OpenMeetings 4.0.3
                                </p>
                                <ul>
                                        <li>
                                                Binaries:
                                                <ul>
                                                        <li>
-                                                               <a 
href="https://www.apache.org/dyn/closer.lua/openmeetings/4.0.2/bin/apache-openmeetings-4.0.2.zip";>apache-openmeetings-4.0.2.zip</a>
-                                                               <a 
href="https://www.apache.org/dist/openmeetings/4.0.2/bin/apache-openmeetings-4.0.2.zip.asc";>[SIG]</a>
-                                                               <a 
href="https://www.apache.org/dist/openmeetings/4.0.2/bin/apache-openmeetings-4.0.2.zip.sha256";>[SHA256]</a>
+                                                               <a 
href="https://www.apache.org/dyn/closer.lua/openmeetings/4.0.3/bin/apache-openmeetings-4.0.3.zip";>apache-openmeetings-4.0.3.zip</a>
+                                                               <a 
href="https://www.apache.org/dist/openmeetings/4.0.3/bin/apache-openmeetings-4.0.3.zip.asc";>[SIG]</a>
+                                                               <a 
href="https://www.apache.org/dist/openmeetings/4.0.3/bin/apache-openmeetings-4.0.3.zip.sha256";>[SHA256]</a>
                                                        </li>
                                                        <li>
-                                                               <a 
href="https://www.apache.org/dyn/closer.lua/openmeetings/4.0.2/bin/apache-openmeetings-4.0.2.tar.gz";>apache-openmeetings-4.0.2.tar.gz</a>
-                                                               <a 
href="https://www.apache.org/dist/openmeetings/4.0.2/bin/apache-openmeetings-4.0.2.tar.gz.asc";>[SIG]</a>
-                                                               <a 
href="https://www.apache.org/dist/openmeetings/4.0.2/bin/apache-openmeetings-4.0.2.tar.gz.sha256";>[SHA256]</a>
+                                                               <a 
href="https://www.apache.org/dyn/closer.lua/openmeetings/4.0.3/bin/apache-openmeetings-4.0.3.tar.gz";>apache-openmeetings-4.0.3.tar.gz</a>
+                                                               <a 
href="https://www.apache.org/dist/openmeetings/4.0.3/bin/apache-openmeetings-4.0.3.tar.gz.asc";>[SIG]</a>
+                                                               <a 
href="https://www.apache.org/dist/openmeetings/4.0.3/bin/apache-openmeetings-4.0.3.tar.gz.sha256";>[SHA256]</a>
                                                        </li>
                                                </ul>
                                        </li>
@@ -56,22 +56,22 @@
                                                Sources:
                                                <ul>
                                                        <li>
-                                                               <a 
href="https://www.apache.org/dyn/closer.lua/openmeetings/4.0.2/src/apache-openmeetings-4.0.2-src.zip";>apache-openmeetings-4.0.2-src.zip</a>
-                                                               <a 
href="https://www.apache.org/dist/openmeetings/4.0.2/src/apache-openmeetings-4.0.2-src.zip.asc";>[SIG]</a>
-                                                               <a 
href="https://www.apache.org/dist/openmeetings/4.0.2/src/apache-openmeetings-4.0.2-src.zip.sha256";>[SHA256]</a>
+                                                               <a 
href="https://www.apache.org/dyn/closer.lua/openmeetings/4.0.3/src/apache-openmeetings-4.0.3-src.zip";>apache-openmeetings-4.0.3-src.zip</a>
+                                                               <a 
href="https://www.apache.org/dist/openmeetings/4.0.3/src/apache-openmeetings-4.0.3-src.zip.asc";>[SIG]</a>
+                                                               <a 
href="https://www.apache.org/dist/openmeetings/4.0.3/src/apache-openmeetings-4.0.3-src.zip.sha256";>[SHA256]</a>
                                                        </li>
                                                        <li>
-                                                               <a 
href="https://www.apache.org/dyn/closer.lua/openmeetings/4.0.2/src/apache-openmeetings-4.0.2-src.tar.gz";>apache-openmeetings-4.0.2-src.tar.gz</a>
-                                                               <a 
href="https://www.apache.org/dist/openmeetings/4.0.2/src/apache-openmeetings-4.0.2-src.tar.gz.asc";>[SIG]</a>
-                                                               <a 
href="https://www.apache.org/dist/openmeetings/4.0.2/src/apache-openmeetings-4.0.2-src.tar.gz.sha256";>[SHA256]</a>
+                                                               <a 
href="https://www.apache.org/dyn/closer.lua/openmeetings/4.0.3/src/apache-openmeetings-4.0.3-src.tar.gz";>apache-openmeetings-4.0.3-src.tar.gz</a>
+                                                               <a 
href="https://www.apache.org/dist/openmeetings/4.0.3/src/apache-openmeetings-4.0.3-src.tar.gz.asc";>[SIG]</a>
+                                                               <a 
href="https://www.apache.org/dist/openmeetings/4.0.3/src/apache-openmeetings-4.0.3-src.tar.gz.sha256";>[SHA256]</a>
                                                        </li>
                                                </ul>
                                        </li>
                                        <li>
-                                               Docker image: <a 
href="https://github.com/openmeetings/openmeetings-docker/tree/4.0.2";>https://github.com/openmeetings/openmeetings-docker/tree/4.0.2</a>
+                                               Docker image: <a 
href="https://github.com/openmeetings/openmeetings-docker/tree/4.0.3";>https://github.com/openmeetings/openmeetings-docker/tree/4.0.3</a>
                                        </li>
                                        <li>
-                                               ISO: <a 
href="https://om.alteametasoft.com/om_4.0.2.qcow2";>https://om.alteametasoft.com/om_4.0.2.qcow2</a>
 (QEMU qcow2 format)
+                                               ISO: <a 
href="https://om.alteametasoft.com/om_4.0.3.qcow2";>https://om.alteametasoft.com/om_4.0.3.qcow2</a>
 (QEMU qcow2 format)
                                                <source>
 <![CDATA[
 #######      PLEASE CHANGE ALL PASSWORDS !!
@@ -85,7 +85,7 @@ OM:            om_admin/1Q2w3e4r5t^y
 # run
 #   memory          ==: "-m 2G"
 #   number of cores ==: "-smp 1"
-qemu-system-x86_64 -boot d -smp 1 -m 2G -drive 
format=qcow2,file=om_4.0.2.qcow2 -net 
user,hostfwd=tcp::10022-:22,hostfwd=tcp::15080-:5080 -net nic
+qemu-system-x86_64 -boot d -smp 1 -m 2G -drive 
format=qcow2,file=om_4.0.3.qcow2 -net 
user,hostfwd=tcp::10022-:22,hostfwd=tcp::15080-:5080 -net nic
 
 # connect
 ssh om_admin@localhost -p10022
diff --git a/openmeetings-server/src/site/xdoc/index.xml 
b/openmeetings-server/src/site/xdoc/index.xml
index 9ccbe11..39f464a 100644
--- a/openmeetings-server/src/site/xdoc/index.xml
+++ b/openmeetings-server/src/site/xdoc/index.xml
@@ -69,42 +69,31 @@
                </section>
                <section name="News">
                        <div class="bs-callout bs-callout-danger">
-                               <b>Version 4.0.2 released!</b>
-                               <div>Release 4.0.2, provides following 
improvements:<br/>
-                                       <div class="bs-callout 
bs-callout-danger">Security fixes in Chat</div>
-                                       <br/>
-                                       Chat:<br/>
-                                       <ul>
-                                               <li>Send on 
Enter/Ctrl+Enter</li>
-                                               <li>Invited guest's name 
displayed as expected</li>
-                                               <li>Turned OFF global chat is 
not displayed</li>
-                                               <li>Link works as expected</li>
-                                               <li>Smiles works as 
expected</li>
-                                               <li>Hover removed from chat</li>
-                                       </ul>
+                               <b>Version 4.0.3 released!</b>
+                               <div>Release 4.0.3, provides following 
improvements:<br/>
+                                       <div class="bs-callout 
bs-callout-danger">Security fix in Calendar</div>
                                        <br/>
                                        Room:<br/>
                                        <ul>
-                                               <li>Download as PDF</li>
-                                               <li>Download/screen-sharing 
application in IE</li>
-                                               <li>No duplicated users</li>
-                                               <li>Activities&amp;Actions 
improved</li>
-                                               <li>Number of users is 
displayed in the room</li>
-                                               <li>Mathematical formulas on 
WB</li>
+                                               <li>Performance was 
improved</li>
+                                               <li>Issues with audio/video 
were fixed</li>
+                                               <li>Quick poll was added</li>
                                        </ul>
                                        <br/>
+                                       Multiple improvements in web services
+                                       <br/>
                                        Other fixes and improvements
                                        <div class="bs-callout 
bs-callout-info">Please update to this release from any previous OpenMeetings 
release</div>
                                </div>
                                <br/>
 
                                <span>
-                                       32 issues are fixed please check <br/>
-                                       <a 
href="https://www.apache.org/dist/openmeetings/4.0.2/CHANGELOG";>CHANGELOG</a> 
and
-                                       <a 
href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12312720&amp;version=12342276";>Detailed
 list</a>
+                                       13 issues are fixed please check <br/>
+                                       <a 
href="https://www.apache.org/dist/openmeetings/4.0.3/CHANGELOG";>CHANGELOG</a> 
and
+                                       <a 
href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12312720&amp;version=12342829";>Detailed
 list</a>
                                </span>
                                <span> See <a href="downloads.html">Downloads 
page</a>.</span>
-                               <span class="date">(2017-02-24)</span>
+                               <span class="date">(2018-04-13)</span>
                        </div>
                        <div class="bs-callout bs-callout-info">
                                <span class="date"><a 
href="NewsArchive.html">You can find older news here</a></span>
diff --git a/openmeetings-server/src/site/xdoc/security.xml 
b/openmeetings-server/src/site/xdoc/security.xml
index 5749072..afdbb76 100644
--- a/openmeetings-server/src/site/xdoc/security.xml
+++ b/openmeetings-server/src/site/xdoc/security.xml
@@ -45,6 +45,17 @@
                                Please NOTE: only security issues should be 
reported to this list.
                        </p>
                </section>
+               <section name="CVE-2018-1325 - Wicket Jquery UI: XSS while 
displaying value in WYSIWYG editor">
+                       <p>Severity: High</p>
+                       <p>Vendor: wicket-jquery-ui</p>
+                       <p>Versions Affected: &lt;= 6.29.0, &lt;= 7.10.1, &lt;= 
8.0.0-M9.1</p>
+                       <p>Description: JS code created in WYSIWYG editor will 
be executed on display<br/>
+                               <a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1325";>CVE-2018-1325</a>
+                       </p>
+                       <p>The issue was fixed in 6.29.1, 7.10.2, 
8.0.0-M9.2<br/>
+                               All users are recommended to upgrade to Apache 
OpenMeetings 4.0.2</p>
+                       <p>Credit: This issue was identified by Kamil Sevi</p>
+               </section>
                <section name="CVE-2017-15719 - Wicket jQuery UI: XSS in 
WYSIWYG editor">
                        <p>Severity: High</p>
                        <p>Vendor: wicket-jquery-ui</p>

-- 
To stop receiving notification emails like this one, please contact
solo...@apache.org.

Reply via email to