[2026.2.0] - 2026-07-09
Note our new version numbering system:
[year].[feature release index - starting at 1].[bugfix release index - starting at 0]
Added
- Add support to require a new SMS code to be sent when using Portal v2.11.0
Fixed
- Add some missing aria-labels for better accessibility
- Hide join by phone and video conference for hybrid webex meetings
Security
-
Add support to send API Token as HMAC hashed value to supported Portal versions
-
Upgrade Django, lxml, libxml2, urllib3, requests, cryptography, pyOpenSSL, pyasn1, python-ldap, dnspython, soupsieve, sqlparse, libpq5 and OS security packages
-
Related CVEs: CVE-2025-57833, CVE-2025-64459, CVE-2025-66418, CVE-2025-66471, CVE-2025-68973, CVE-2026-6473, CVE-2026-6477, CVE-2026-6478, CVE-2026-21441, CVE-2026-23490, CVE-2026-26007, CVE-2026-30922, CVE-2026-44431, CVE-2026-49476, CVE-2026-49477
-
Pin Vuetify to a patched 2.7.3 build fixing CVE-2025-8083, CVE-2025-8082 and CVE-2025-1461
-
Apply security apt upgrades in the python and node build containers for clean trivy scans
-
Internal - not reachable: CVE-2025-64458, CVE-2025-69421, CVE-2026-2004, CVE-2026-2005, CVE-2026-2006, CVE-2026-3833, CVE-2026-23949, CVE-2026-24049, CVE-2026-27459, CVE-2026-28387, CVE-2026-28388, CVE-2026-28389, CVE-2026-28390, CVE-2026-33845, CVE-2026-33846, CVE-2026-40355, CVE-2026-40356, CVE-2026-41066, CVE-2026-42009, CVE-2026-42010, CVE-2026-45447
[1.1.2] - 2025-10-21
Fixed
- Update API-version of Swedish BankID integration
[1.1.1] - 2025-07-04
Fixed
- Stop enabling demo mode by default on initial onboarding
- Fix invalid code format of some non-english translations
- Remove temporary files from the packaged container that unnecessarily increased the download size
Security
- Upgrade gunicorn
- Related CVEs: CVE-2024-6827
Changed
- Set HttpOnly for CSRF-token to remove false positive finding for some automatic security scanners
[1.1.0] - 2024-12-22
Note: The downloaded package was replaced 2025-04-25, with a single change of removing some temporary files that unnecessarily increased the download size
Added
- Add support for SAML SP metadata-XML and SLO
- Add german translation
Fixed
- Fix reloading updated meetings after meetings list has been loaded
- Redirect back to meetings list if joining meeting fails
Security
- Upgrade Django, cryptography, libexpat1, libgnutls30, gunicorn, libc-bin, patch django-rest-framework
- Related CVEs: CVE-2023-43665, CVE-2023-50782, CVE-2023-52425, CVE-2024-0553, CVE-2024-1135, CVE-2024-26130, CVE-2024-2961, CVE-2024-33599, CVE-2024-21520
Changed
- Enable HSTS SSL headers
- Use HTTP proxy for all requests
- Change syslog format to LogFmt, include additional context
- Upgrade base python version and libraries
[1.0.1] - 2023-07-12
Renamed "Mividas Connect" to "Mividas Identify"
Fixed
- Clear meeting list when session expires
- Reload meeting list when no meetings are still valid
- Display more error messages in user interface
Security
- Upgrade django
- Related CVEs: CVE-2023-36053
[1.0.1-rc1] - 2023-04-28
Fixed
- Support domain names longer than 50 characters
- Extend session expiry on manual actions
- Clear meeting list upon session expiration
Security
- Upgrade django, cryptography, sentry-sdk
- Related CVEs: CVE-2023-23969, CVE-2023-24580, CVE-2023-28858, CVE-2023-28117
- Sanitize invite HTML-content
Changed
- Log BankID-errors to console
- Require manual action to refresh SIP PIN-code
[1.0.0] - 2023-01-18
Fixed
- Fix join meeting user interface for smaller screens, and for longer text translations
[1.0.0-rc1] - 2022-11-24
This version is required if running Mividas Portal v2.9.0-rc1 or later. Downgrades requires re-setting all passwords and certificates in backend admin
Added
- More detailed error messages for end users upon login failures
- Display information about expired session without user interaction if leaving tab too long in background
- Add French translation
- Add support to use email field for SAML-login to enable matching against internal users
- Add separate landing page for SMS code-login
- Add support to reuse previous meeting code if server could not be contacted upon login
Fixed
- Fix test video-meeting link
- Fix saving branding settings in onboarding wizard
Changed
- Increase SAML allowed clock skew to 15 seconds
- Update layout for better support for text changes/translations with varying text length
- Pass meeting code using location hash (#?code=) instead of query string to leave it out of browser history
- Encrypt all end user data before storing in temporary session store
- Encrypt API, SAML-metadata and certificate passwords before storing in database
- Update user interface if logging in/out in another tab
- Display loading indicators for all end user actions
- Validate color settings syntax
- Allow more formats of support phone number
- Update settings form layout and error handling
- Set Secure-flag for session- and csrf-cookie
Security
- Upgrade django, pydantic, paramiko
[1.0.0-beta2] - [2022-05-31]
Added
- Log API errors to console log
- Add IVR phone number to branding settings
Fixed
- Fix uploading only one of favicon and logo during onboarding wizard
- Hide test url if not set in theme settings
- Fix countdown until meeting opens if distance is over 24h
Changed
- Validate URL format for remote SAML metadata
- Display warning message in UI if login was successful but no meetings matching user was found
- Improve design for join by phone-dialog
[1.0.0-beta1] - [2022-05-13]
- General workup of most functionality
Added
- Join by phone using theme setting for IVR number
- Add support to categorize authentication types as internal SSO login or eID
[1.0.0-alpha] - [2022-02-25]
Initial public test release