OpenTalk v25.1.5
Release notes
Security measures against eavesdropping
An attacker can re-join the meeting without being noticed, and continue to receive media streams after they left. This can not be prevented entirely with the current technology stack, but it can be detected.
To mitigate eavesdropping, the presence of unrecognized participants is now detected and a warning is shown to the other participants in the conference.
The attack requires access to a meeting room, either by being authenticated, or by an invite link.
Component versions
| Category | Component | Version |
|---|---|---|
| Frontend | web-frontend | v2.4.5 |
| Services | controller | v0.29.6 |
| Services | controller-enterprise | v0.29.6 |
| Services | obelisk | v0.19.6 |
| Services | recorder | v0.14.2 |
| Services | smtp-mailer | v0.13.1 |
| Documentation | ot-setup | v25.1.5 |
| 3rd-Party Components | ot-spacedeck | v2.0.2 |
| 3rd-Party Components | ot-etherpad | v2.0.1 |
| 3rd-Party Components | livekit-server | v1.8.4 |
| 3rd-Party Components | keycloak | v20.0.5 |
| 3rd-Party Components | postgres | v15.12.0 |
| 3rd-Party Components | rabbitmq | v3.13.7 |
| 3rd-Party Components | redis | v7.4.2 |
| 3rd-Party Components | minio | RELEASE.2023-07-21T21-12-44Z |
web-frontend v2.4.5
🚀 New features
- Add wiretapping user notification (!2363)
🐛 Bug fixes
- (popout) Suppress eavesdropping notification (!2406)
obelisk v0.19.6
🐛 Bug fixes
- Udpate ezk-sip version which caused TLS transports to not be chosen (!286 (merged))
- Avoid dropping packets when the internal RTP receiver falls behind (!278 (merged))
ot-setup v25.1.5
Changed
- Update container image versions related to the product version v25.1.5.
ot-spacedeck v2.0.2
⚙ Miscellaneous
- (licenses) Migrate from dep5 to REUSE.toml format (!10)
ot-etherpad v2.0.1
Generation of this document was supported by retoki.