OpenTalk v25.2.2 released
Wolfgang Silbermayr
w.silbermayr at opentalk.eu
Mon Sep 8 14:44:37 CEST 2025
We are happy to announce a new OpenTalk release.
This release addresses a security flaw that was identified by the development
team. Please install this update if you run an earlier version of OpenTalk
v25.2.
Please see the release page [0] for the HTML version of the release notes.
-------------------------------------------------------------------------
OpenTalk v25.2.2
-------------------------------------------------------------------------
Release notes
Security measures against eavesdropping
An attacker can re-join the meeting without being noticed, and continue
to receive media streams after they left. This can not be prevented
entirely with the current technology stack, but it can be detected.
To mitigate eavesdropping, the presence of unrecognized participants is
now detected and a warning is shown to the other participants in the
conference.
The attack requires access to a meeting room, either by being
authenticated, or by an invite link.
Browser compatibility
Only browser versions with support by their vendor are listed in this
matrix. We might add newer versions of browsers that are released while
the OpenTalk 25.2 release series is supported.
Browser System Version Camera Blurring Screen Share Audio UI/UX
Chrome Desktop 136 ✔️ ✔️ ✔️ ✔️ ✔️
Chrome Android 136 ✔️ ✔️ ❌ ✔️ ⚠️^1
Edge Desktop 134 ✔️ ✔️ ✔️ ✔️ ✔️
Firefox Desktop 139 ✔️ ✔️ ✔️ ✔️ ✔️
Firefox Desktop 128 (ESR) ✔️ ✔️ ✔️ ✔️ ✔️
Safari MacOS 18.5 ✔️ ❌ ✔️ ⚠️^2 ✔️
Safari iOS 18.5 ✔️ ❌ ❌ ❔ ⚠️^3
1. mobile layout is flawed
2. no track update on unfocused tabs (‘mute’ participants)
3. mobile layout is flawed
-------------------------------------------------------------------------
Component versions
Category Component Version
Frontend web-frontend v2.5.6
Services controller v0.30.3
Services obelisk v0.20.3
Services recorder v0.15.1
Services smtp-mailer v0.14.0
Integrations outlook-add-in v0.2.1
Documentation ot-setup v25.2.2
3rd-Party Components ot-spacedeck v2.0.1
3rd-Party Components ot-etherpad v2.0.0
3rd-Party Components livekit-server v1.8.4
3rd-Party Components keycloak v20.0.5
3rd-Party Components postgres v15.12.0
3rd-Party Components rabbitmq v3.13.7
3rd-Party Components redis v7.4.2
3rd-Party Components minio RELEASE.2025-02-28T09-55-16Z
-------------------------------------------------------------------------
web-frontend v2.5.6
🐛 Bug fixes
* Display user reports in glitchtip ui (!2430)
web-frontend v2.5.5
🐛 Bug fixes
* (popout) Suppress eavesdropping notification (!2405)
* Black screen when hidden participants share their screen (!2420)
web-frontend v2.5.4
🚀 New features
* Use AudioContext for EchoTest (!2371)
* Add wiretapping user notification (!2363)
🐛 Bug fixes
* Audio activation in lobby (!2371)
* (popout) Ensure media streams work reliably and avoid triggering
eavesdropping notification (!2382)
* Show active speaker in full screen when no participant is selected
(!2373)
controller v0.30.3
🐛 Bug fixes
* (db) User creation race condition which is still present in database
transaction (#1094)
obelisk v0.20.3
🐛 Bug fixes
* Use workaround to include padding in STUN attribute value lengths
(!304)
outlook-add-in v0.2.1
🐛 Bug fixes
* Suppress e-mail when creating or editing events (!119)
* Fix screenshots file type for publiccode.yml (!121)
⚙ Miscellaneous
* Add publiccode.yml file (!120)
ot-setup v25.2.2
Changed
* Update container image versions related to the product version
v25.2.2.
-------------------------------------------------------------------------
[0] https://docs.opentalk.eu/releases/25.2.2/
More information about the Opentalk-announce
mailing list