Release notes for Mividas Meeting Portal.

[2.10.3] - 2025-01-23

Added

  • Add support to attach extra iCal-file using advanced meeting type-setting {"attach_extra_ical_file": true}
  • Add support to force auto lock of calls by using advanced meeting type-setting {"enable_auto_lock_call": "force"}
  • Add support to override sender email address if organizer is included in attendee-list by using advanced meeting type-setting {"override_organizer_self_email": "[email protected]"}
  • Add support to search video users to add as invites (set global setting to enable)
  • Extract names and email addresses from pasted invite users

Fixed

  • Fix scheduling webinars if moderator pin has been disabled
  • Fix text of support-button in mobile version
  • Fix change password-link if local accounts are disabled
  • Display 404-error if trying to remove dialout multiple times
  • Ignore settings for forcing pin codes for existing VMRs
  • Override disabled moderator PIN for Pexip webinars
  • Return error message if trying to schedule meeting in existing VMR without selecting one
  • Display unbook-button on Outlook meeting details view when Outlook meeting removal is enabled
  • Fix recurring rule format for Outlook meetings to be able to move the first occurrence without effecting the whole series
  • Display error message when search requests fails
  • Disable changing e-mail address if using SAML/LDAP for authentication
  • Fix using cached data for some account-related settings to improve performance
  • Handle validation errors due to invalid encoding of e-mail addresses

Security

  • Disable changing e-mail address if using SAML/LDAP for authentication
  • Upgrade requests and pydantic, patch django-rest-framework
  • Related CVEs: CVE-2024-3772, CVE-2024-35195, CVE-2024-21520

Changed

  • Set max length of meeting title input
  • Send invite iCal-file as top level alternative
  • Increase cache timeout for outlook views
  • Validate that PIN codes are the same length for Pexip meetings
  • Pre-fill organizer email address as moderator for secure meeting
  • Include installation domain name in manifest filename
  • Decrease cache duration for meeting type settings to 10 seconds
  • Collect more information to audit log
  • Validate that the same PIN code has not been set for both VMR moderator- and guest access method
  • Allow unbooking meetings from Outlook using POST-request if policy blocks DELETE-request
  • Display ID, sent time and send errors in meeting invite lists for troubleshooting

Deprecations

  • Portal v2.10.x will be the last versions supporting advanced Outlook mode using dialogs

[2.10.2] - 2024-10-04

Fixed

  • Fix manually specifying SAML claim names using uri-syntax - e.g. http://schemas.microsoft.com....
  • Fix saving outlook-settings if having license for secure meetings but no enabled meeting types
  • Fix sending cancellation notification for meetings in static VMRs
  • Redirect to previous occurrence when removing invitations from recurring meetings
  • Display moderator invite message for meetings in static VMRs, if enabled
  • Fix resending invitation emails when the first occurrence of a meeting series is cancelled
  • Update API-request for sending SMS with Brevo (previously sendinblue)
  • Resync recurring meeting series to extend upper provisioning date for long series
  • Stop logging errors during cancellation for SMS-based invites
  • Hide button to add new static VMRs in case that the user does not have a user in the MCU
  • Fix compatibility for downloadable iCal-file
  • Fix Outlook-status for meeting scheduled using advanced mode using dialog
  • Fix some translations and issues with whitespace detection since browser-updates
  • Display moderator connection details for webinars if no PIN-code was excplititly set by user

Changed

  • Use role as fallback SAML claim name if none is provided
  • Log result of sending SMS-messages
  • Log name specified in invite for secure meetings using SMS-invites
  • Require users to visit VMR details before seeing the connection-button for all roles
  • Disable scheduling meetings in existing VMRs belonging to separate tenants

[2.10.1] - 2024-07-01

Fixed

  • Fix rescheduling ended recurring meetings
  • Fixed selecting meeting types in Outlook settings if secure meetings license is not enabled
  • Fix SSO-login in Outlook-addin when local accounts are enabled
  • Fix inviting participant step in wizard for webinars
  • Fix availability API-request for recurring meetings with more than 15 instances
  • Fix populating PIN-codes from static VMR since Core API-connection

Changed

  • Log if LDAP bind or filter calls takes over 1s for troubleshooting
  • Include extra ACS-url with trailing slash in SAML metadata to prepare for future change

[2.9.6] - 2024-07-01

Fixed

  • Fix rescheduling ended recurring meetings
  • Fix login form in backend admin if both SAML and local accounts are enabled
  • Fix cache expiry for SAML metadata
  • Fix SSO-login in Outlook-addin when local accounts are enabled

Changed

  • Log if LDAP bind or filter calls takes over 1s for troubleshooting
  • Include extra ACS-url with trailing slash in SAML metadata to prepare for future change

[2.10.0] - 2024-05-29

Added

  • Search and filtering support in meeting list
  • New meeting type for external meetings, eg. scheduling dialouts to a zoom meeting
  • Support for searching meeting based on dialouts
  • Availability checking for automatic dialout
  • New list view of users' meeting rooms
  • More options for user meeting rooms, layout, only member access and microphone mute for new participants
  • Create/remove support for users meeting rooms
  • Added support for creating copies of existing meetings
  • Add/remove members support for users meeting rooms
  • Support for managing other users meetings, requires license flag
  • Schedule static meetings in Core, and add support for dialouts

Global settings

  • Enable/disable advanced invitations
  • Force dialout availability validation
  • Enable/disable searching for meetings based on dialout

Meeting room settings

  • Enable/disable requirement of meeting room guest and moderator PIN code

Outlook add-in settings

  • Menu based add-in settings
  • Enable/disable smart events
  • Default meeting types for secure and static meeting scheduling

Fixed

  • Javascript fixes for IE 11
  • Fixes for popups opening in main window

Changed

  • All-around translation updates
  • Better error handling in scheduling forms
  • Improved email base template
  • Improved invitation forms in scheduling wizard
  • Improved automatic dialout form
  • Allow more style attributes in invitation message

[2.9.5] - 2024-05-29

Added

  • Add support for regular user LDAP filter using new separate field in Installer

Fixed

  • Fix SRV-lookup for LDAP servers
  • Add custom LDAP relation fields from Installer to user query
  • Remove redundant data from LDAP error messages
  • Only display SAML SSO login on start page when local accounts are enabled in Installer
  • Dont strip sip: or CMS/Pexip desktop protocols in email content

Changed

  • Increase session expiration to 7 days when using SAML SSO in combination with LDAP
  • Change header in backend admin
  • Improve cache for remote SAML-metadata. Enable HTTP(s)-proxy
  • Allow rescheduling recurring meetings ended more than a couple of hours ago

[2.9.4] - 2024-03-28

Recommended platform versions (at time of release):

  • Mividas Installer v1.8.5
  • Mividas Core: v3.1.4
  • Mividas Connect/Identify: v1.0.x
  • Mividas Outlook add-in v2.0.2+

Added

  • Pass meeting settings about forced moderator PIN-code to outlook addin
  • Add support to remove existing invitations
  • Add support to adding H323- and E.164 dialouts

Fixed

  • Fix second action button in wizard, e.g. "Add another"
  • Fix unbooking single occurrence outside of weekly rule
  • Display public title for secure meetings in sidebar calendar
  • Fix adding dialouts for recurring secure meetings
  • Use secure meeting invite message from backend admin in Outlook add-in
  • Fix overriding meeting title in iCal-file for recurring instances
  • Fix clearing unbooked recurring overrides from Outlook calendar
  • Fix wizard-steps when using advanced/dialog mode for Outlook add-in
  • Fix detection of re-used secure meeting invites and normalize identification number
  • Fix initial layout mode if overridden in meeting type settings
  • Handle error if visiting invalid meeting url
  • Fix generation of SMS code with at least one digit for iPhone-support. Replace hard to distinguish characters
  • Fix restoring recurring meeting instance that had previously been removed
  • Detect and merge renamed LDAP-users using objectGUID
  • Fix redacting meeting invites
  • Fix enable preset for dialout-flag for meeting types in new installations
  • Fix content-type for outgoing secure meeting API json-requests
  • Display correct end time for separate occurrences when rescheduling recurring meeting series
  • Fix initial layout selection when using advanced settings for meeting-type
  • Don't prefill invitation-field with organizer email address if already invited
  • Send extra cancellations for separate events of recurring series to remove events from outlook
  • Fix display of call id for meetings scheduled in static Cisco Meeting Server VMRs
  • Display moderator pin-form if only guest-PIN has been forced using advanced settings
  • Fix public meeting titles for secure meetings if changing from single title to separated titles
  • Fix normalization of digits and dashes for swedish personal number
  • Fix Pexip "Control meeting"-button if using specific webapp-version in Core
  • Fix displaying secure meeting invites for recurring meetings with overrided first occurrence
  • Fix changing title of meeting if secure meeting settings has been changed from having separate title enabled to not enabled
  • Allow login with SAML-responses that are missing NameID (Note that SLO is unavailable)

Security

  • Upgrade libncursesw6, libpq-dev, libpq5, libtinfo6, ncurses-base, ncurses-bin, Django, setuptools, cryptography
  • Related CVEs: CVE-2021-39537, CVE-2023-29491, CVE-2023-5869, CVE-2023-46695, CVE-2022-40897

Changed

  • Use invite text from flatblock for secure meetings scheduled using Outlook add-in
  • Sort multiple meetings on the same day using start- and stop time in sidebar calendar
  • Allow more CSS-styles in invite text, update base email template
  • Log errors when sending emails
  • Use dialog when removing dialouts from meeting
  • Log secure meeting invite-actions
  • Use empty title by default in wizard, focus text input on page load
  • Remove unused "single use"-checkbox from SMS-code invites
  • Try at most 3 LDAP-servers from SRV-lookup. Sort by priority
  • Log if LDAPS is configured but only _ldap._tcp SRV pointers are available
  • Don't resend SMS-invite for changed meetings within 48h unless the recipient has already opened and read the time information
  • Delay sending invite emails for 45 seconds after booking meeting
  • Log more information about resolved LDAP-servers to syslog
  • Upgrade some javascript dependencies and packaging runtime
  • Don't send email when someone accepts invitation from Portal, except if advanced setting send_open_meeting_notification is set
  • Pre-provision recurring meetings up to 12 months from now and/or 120 meetings from today
  • Rebook single instance by default when opening dialog

[2.9.3] - 2023-11-01

Recommended platform versions (at time of release):

  • Mividas Core: v3.1.4
  • Mividas Connect/Identify: v1.0.x
  • Mividas Outlook add-in v2.0.2+

Added

  • Ask if meeting should be cancelled if wizard is aborted
  • Add support for SAML metadata /saml/metadata/ and SLO front channel flow
  • Add support for SAML signing certificates
  • Add support to specify admin permission claims for SAML in future version of Installer
  • Add support for dialog based Outlook add-in scheduling when using desktop client with IE11 engine

Fixed

  • Use correct timezone when selecting day of week when updating meeting
  • Use correct timezone when calculating active days in sidebar calendar
  • Fix updating dialouts for recurring series using other occurrence than the first scheduled one
  • Display backend admin link in mobile
  • Hide test meeting in mobile version if not enabled
  • Use current locale in sidebar calendar
  • Allow logging in as admin with- or without domain (if allowed by LDAP filter)
  • Handle timeout when fetching static meeting rooms in dialog
  • Fix race condition where single occurrence overrides for meeting series was not reflected in Core until the next modification
  • Don't show recording options when not supported by backend
  • Transpile some more vendor libraries for better IE11 (embedded Outlook) support
  • Lower delay for initial healthcheck to speed up deployment
  • Fix SMS phone number-validation if using eID as secure meeting authentication

Security

  • Upgrade Pillow, certifi, cryptography
  • Related CVEs: CVE-2023-4863, CVE-2023-37920, CVE-2023-38325

Changed

  • Clearer meeting serie information in meeting details view
  • Display year of meeting and occurrence

[2.9.2] - 2023-07-11

Recommended platform versions (at time of release):

  • Mividas Core: v3.0.1+ / v3.1.2+
  • Mividas Connect/Identify: v1.0.x

Added

  • Add support for menu-based Outlook add-in

Fixed

  • Fix redacting name from secure meeting log
  • Fix removing default meeting type

Security

  • Fix potential elevated privilege issue when an admin user with a logged in Outlook-session delegates full mailbox delegation access to a non-admin user in Exchange
  • Lower session expiration value
  • Validate- and auto-logout if LDAP-user has been disabled or removed after login
  • Upgrade cryptography, django, sqlparse
  • Related CVEs: CVE-2023-31047, CVE-2023-30608, CVE-2023-36053

Changed

  • Send both moderator- and guest PIN-codes when changing static VMR-settings to allow empty PIN-code and single operation toggle of activated PIN

[2.9.1] - 2023-04-28

Recommended platform versions (at time of release):

  • Mividas Core: v3.0.1+ / v3.1.0+
  • Mividas Connect/Identify: v1.0.x

Note: To keep "Test meeting" visible in the user interface, you have to set relevant SIP- and/or WebRTC-address in Theme settings > Support settings > Test calls

Added

  • Add support to modify email template header (e.g. to remove invite subject) from outgoing emails in Backend admin > Flat blocks > Text Content > invite_email.content

Fixed

  • Fix issue in error reporting where the system tried to contact Mividas-servers to report the number of exceptions that was not sent, due to that error reporting was disabled
  • Fix selecting day before today when updating recurring meeting series
  • Remove invalid authentication type from help text
  • Fix disabling default meeting type
  • User interface fixes if scheduled recordings are enabled in preparation for next version

Changed

  • Hide fields from backend admin not applicable for secure meeting types
  • Change input tag-type for layout selector for better WCAG-compatibility

[2.9.1-rc1] - 2023-03-30

Recommended platform versions (at time of release):

  • Mividas Core: v3.0.1+ / v3.1.0+
  • Mividas Connect/Identify: v1.0.0

Added

  • Add theme option for setting URL for WebRTC test call, and default test call SIP-address
  • Include if requested meeting belongs to a recurring meeting in the API response
  • Add support to automatically delete old meetings (advanced setting {"remove_meetings": "7 01:02:03"} for custom time length)
  • Add support to automatically redact meeting invite data (advanced setting {"redact_invites": "7 01:02:03"} for custom time length)
  • Add support to automatically delete secure meeting authentication logs (input number of days in the user interface, or advanced setting {"redact_log": "7 01:02:03"} for custom time length)
  • Add support to specify custom duration before hiding secure meeting authentication logs (advanced setting {"redact_log": "7 01:02:03"})
  • Helper API for importing existing meetings into Portal
    • Basic support for Synergy Manage

Fixed

  • Fix unbooking recurring series from Outlook add-in
  • Allow updating user video address when using SAML in combination with LDAP
  • Fix moderator suffix sometimes being added twice to iCal calendar items
  • Fix matching recurring occurrence using EWS item ID
  • Increase iCal change counter for every standalone occurrence
  • Fix error message in schedule static meeting room form if no rooms are available
  • Fix delay for changing PIN for secure meetings without unique addresses

Security

  • Better sanitation of invite HTML content before displaying to users
  • Upgrade django, certifi, cryptography, pyopenssl, sentry-sdk, urllib3
  • Related CVEs: CVE-2022-41323 CVE-2023-23969 CVE-2023-24580 CVE-2022-45198 CVE-2022-45199 CVE-2023-28117

Changed

  • Bundle MicrosoftAjax.js for better Outlook compatibility in air-gapped environments
  • Allow setting staff-flag if LDAP user is member of dn-nested child group to configured group dn
  • Fix static meeting room list-view layout if no static meeting rooms are available
  • Send the number of invited participants to Core for future support to display counters
  • Validate email address format (e.g. copy-pasted lists) for invited participants. Extract name of users if included and include in outgoing email

[2.9.0] - 2023-01-27

Recommended platform versions (at time of release):

  • Mividas Core: v3.0.0
  • Mividas Connect/Identify: v1.0.0

Added

  • Add support for scheduling meetings in static meeting rooms (if enabled in Core > Backend Admin > Scheduling Portal API key-settings)
  • Add support to schedule secure meetings from Outlook
  • Add support for scheduling recurring meetings
    • Support for weekly rule and custom occasions/overrides.
    • Missing: reschedule/override "this and future events"
  • Add support to pass service account name that will always be added to Outlook invites
  • Add French translation
  • Add support for scheduling secure
  • Add support to match secure meeting-invite to email address if configured as verified in Connect/Identify SAML-settings
  • Send separate moderator email for meetings scheduled in Outlook without extended authentication

Fixed

  • Better reschedule error handling
  • Fixes for wizard-based Outlook scheduling:
    • Workaround office-js bug #2437 effecting on premise Exchange-installation caused by wrong casing of folder name
    • Workaround office-js bug #1286 effecting on premise Exchange-installation

Security

  • Upgrade django, pydantic, django-ninja, pillow, pytz, pysaml2

  • Related CVEs:

  • Validate image file name in theme image fields

Changed

  • Encrypt secure meeting authentication log data
  • Include at least one digit in SMS code to fix iPhone code-matching

[2.8.10] - 2022-09-06

Fixed

  • Re-package office-js files - fixes problems with Outlook SSO authentication

[2.8.9] - 2022-07-05

Fixed

  • Keep language cookie after browser close

Changed

  • Enable secure flag for session cookies
  • Increase SAML allowed clock skew to 15 seconds
  • Open support links in new window
  • Display cancel meeting in dialog
  • Change the label text on the support ticket-button

[2.8.8] - 2022-05-31

Note: For LDAP login, TLS verification is forced by default when LDAPS/SSL connection is not enabled. Make sure to install any custom CA or disable TLS verification.

Added

  • Add more logging for Connect API requests
  • Display more information for unhandled error when using admin login

Fixed

  • Keep language cookie after browser close

Changed

  • Enable secure flag for session cookies
  • Increase SAML allowed clock skew to 15 seconds
  • Open support links in new window
  • Display cancel meeting in dialog
  • Change label on ticket button

[2.9.0-beta3] - 2022-08-24

Fixed

  • Hide cancelled meetings from incoming secure meeting list
  • Redirect meeting login to Connect for meetings that have Portal login disabled
  • Fix opening meeting details when not logged in
  • Fix meeting PIN change when using Core without support for separate access methods
  • Fix webinar user registration
  • Fix pre-set authentication method for guest participant
  • Fix scheduling meeting with only one enbled guest participant authentication method
  • Fix meeting start time for scheduling wizard if using different timezones in Outlook vs Portal
  • Fix meeting start time when using Outlook with IE11 web engine
  • Increase API timeout to Core
  • Better default language detection

Changed

  • Enable secure flag for session cookies
  • Increase SAML allowed clock skew to 15 seconds
  • Open support links in new window

[2.8.8] - 2022-05-31

Note: For LDAP login, TLS verification is forced by default when LDAPS/SSL connection is not enabled.?Make sure to install any custom CA or disable TLS verification.

Added

  • Add support to set SAML metadata XML offline in Installer, without using autoconfiguration URL
  • Add support to use external redis server
  • Add support to set moderator password from Outlook add-in
  • Add support to follow ldap referrals

Fixed

  • Fix moderator PIN code copy for static meeting rooms
  • Fix moderator SIP uri in meeting details
  • Fix flatblock search in backend admin
  • Fix formatting of dialout system directory search
  • Fix updating PIN-code for static meeting rooms
  • Don't close login wizard when using dialout from address book search

Security

  • Upgrade django, openssl, libssl1.1
  • Related CVEs: CVE-2022-28346, CVE-2022-28347, CVE-2022-0778

Changed

  • Add help text for canceling meeting + cancel link
  • Lookup LDAP servers alternatives using SRV query
  • Always try to start TLS connection to ldap server when not using SSL/LDAPS
  • Set default timeout for API requests, log errors
  • Don't prefill user email address in invite form when using Outlook add-in

[2.9.0-beta2] - 2022-05-31

Added:

  • Add support to set SAML metadata XML offline in Installer, without using autoconfiguration URL
  • Add support to use external redis server
  • Add support to set moderator password from Outlook add-in
  • Add support to follow ldap referrals

Added, secure meeting:

  • Add new SSO authentication variant that only allows SSO from Connect
  • Add new SSO authentication variant that allows all SSO/eID login in Connect
  • Add support to toggle if moderators and participants should have separate agendas
  • Add support to toggle if "send using other program" should be visible
  • Add support to override organizer email address for specific secure meeting types
  • Add support to override labels of authentication variants

Fixed:

  • Increase max length of SMS invite text
  • Fix moderator iCal file-download
  • Use correct location field for secure moderator iCal-requests
  • Fix wizard step count for webinars if meeting type has been modified
  • Fix update of secure meeting
  • Don't display meeting invites in sidebar for cancelled meetings
  • Use secure meeting login url as both iCal location and description for organizer
  • Fix meeting callback for Outlook add-in running on mac desktop
  • Don't close wizard when adding dialout from address book search

Security

  • Upgrade openssl, libssl1.1
  • Related CVEs: CVE-2022-28347, CVE-2022-0778

Changed:

  • Treat SAML and LDAP email field as verified to connect to static meeting rooms
  • Bypass join meeting-lobby when connecting to secure CMS meeting
  • Update meeting data after settings update
  • Change name of session cookie
  • Add help text for canceling meeting + cancel link
  • Lookup LDAP servers alternatives using SRV query
  • Always try to start TLS connection to ldap server when not using SSL/LDAPS
  • Moderator invite text will always be generated if moderator status is set to Yes in backend admin, only if lobby pin checkbox is checked during scheduling if set to "Unknown"
  • Sync meeting types on version upgrade
  • Hide SMS tabs if no SMS provider has been configured
  • Change default secure meeting auth types
  • Display "cancel meeting" confirmation in dialog
  • Limit console log output of personal authentication information
  • Hide agenda information tab for secure meetings if agenda is not enabled in wizard
  • Keep default meeting subject if no subject has been provided in Outlook add-in

[2.8.7] - 2022-05-03

Fixed

  • Fix listing of personal video conference system if only using H323

Changed

  • Allow 3 second time drift between servers for SAML authentication requests
  • Don't display recording menu if customers recording provider does not support playback
  • Add space between sip uri and web url in iCal location

[2.8.7-rc1] - 2022-04-22

Added

  • Addressbook search from Mividas Rooms
  • List users personal endpoints in dialout form for easier access
  • Log SMTP errors
  • Display more moderator connection details on meeting tab

Fixed

  • Dialout to personal video conference system
  • Fix missing translations

Security

  • Stop accepting unsolicited SAML logins. NOTE: this breaks idP-initiated logins for now
  • Upgrade libzma5 and gzip
  • Related CVEs: CVE-2022-1271

Changed

  • Populate user given name from SAML
  • Include default SAML claim names from ADFS
  • Increase log verbosity for ldap logins
  • Join as moderator when pressing join-buttons as default
  • Bundle all office.js-files for Outlook add-in for supporting airgapped environments
  • Use Sent-By for meeting iCal-request for moderator to make invite show up again in some Outlook-versions
  • Send iCal-request for meeting cancellations
  • Redirect to login page and return after submit when trying to opening a protected URL__

[2.9.0-beta1] - 2022-03-02

Added:

  • Support for end user authentication before joining meetings (separate license and Mividas Connect edge service is required)
  • Add support to modify meeting templates from backend admin
  • Add support to use static meeting rooms using user email address instead of MCU user object
  • Add support to schedule all meeting types using Outlook plugin (v2)
Print page

On this page