|
|
|
|
Changelog for ZoneMinder-1.37.61+git599.g75cd5e616-lp155.37.1.x86_64.rpm :
* Tue Oct 15 2024 Joel Baltazor - update to latest github master branch 1.37.61+git599.g75cd5e616 * Fri Oct 11 2024 Joel Baltazor - .spec file updates to clean up some warnings/errors for Tumbleweed builds - Add logrotate as Recommended package - Convert from %patchX to %patch -PX * Fri Oct 11 2024 Joel Baltazor - Updated to latest github master branch 1.37.61+git597.gf1a72c909 * Fri Sep 27 2024 Joel Baltazor - Updated to latest github master branch 1.37.61+git511.gd1c140e0a * Fri Sep 13 2024 Joel Baltazor - Updated to latest github master branch 1.37.61+git404.g0af441912 * Fri Aug 09 2024 Joel Baltazor - Updated to latest github master branch 1.37.61+git293.gc294ad09f * Wed Jul 17 2024 Joel Baltazor - Updated to latest github master branch 1.37.61+git265.gcec6723f1 * Thu Jul 11 2024 Joel Baltazor - Updated to latest github master branch 1.37.61+git226.g6c6fa74f2 * Mon Jul 01 2024 Joel Baltazor - Updated to latest github master branch 1.37.61+git185.g47eff20c1 * Mon Jun 24 2024 Joel Baltazor - Update to the latest github master branch 1.37.61+git168.g3b084bebb * Wed Jun 05 2024 Joel Baltazor - Update to latest github master branch 1.36.15-3824-gdeca02c3e * Sat Feb 25 2023 Dirk Hartmann <2monexAATTgmx.net>- Move detection of php version into post install section. * Fri Feb 24 2023 ecsos - Update to 1.36.33 - Sanitise attr input in FilterTerm to prevent SQL Injection. Fixes GHSA-222j-wh8m-xjrx - Add object-src CSP directive to help prevent XSS - db: Add helper for escaping strings and use it on username retrieved from jwt to prevent SQL injection - use detaintPath on modal to prevent including other files instead of real modals - Check for valid date in minTime and maxTime to prevent SQL attack - Introduce check_datetime function to validate dates - Attempt to sanitize daemon and arguments before executing commands to prevent executing other programs. - Use validCardinal on MonitorId when creating snapshots to prevent executing other commands - Adjust size of text inputs MonitorName and Source Path Filters to match chosen inputs - test for existence of username in session to prevent error outputs when using AUTH_RELAY=plain - Move actions process to after the unauth check to prevent actions happening when unathentication - Fix detaintPath not stripping sequences like ..././ - Escape <> in log messages to prevent html shenanigans. Fixes [#3596] - Don\'t start the statusCmdQuery on streaming start, because it is used when doing still updates. If we start it too fast, zms may not have started yet, causing errors in logs about zms - Set a short expiry 1min and set the cookie name to include the filter so that each and every filter gets it;s own pagination saved. Fixes [#3510] - Use reload instead of restart on zone save - Add reload to monitor zmcControl - Stop streams when clicking cancel/Save so that we don\'t log errors trying to access a dead zms. Fixes [#3643] - Adding :80 to address is not worthy of an Error log, fixes warnings in logs from various PTZ scripts - Add a sleeping flag so that when we get sigterm, we can just exit instead of returning to the sleep. Speeds up zoneminder shutdown - fix format endtime on events list on watch view - Include command line in debug output when generating images - Fix missing/corrupted pre-alarm frames in recording. Fixes #3656 - Remove test for Enabled on monitor. Motion detection being disabled has nothing to do with manual triggering. Fixes [#3657] - Allow viewing of events whose Monitor[Function]=None - Remove stripslashes when saving config values. The values in REQUEST have not been escaped, so strip slashes is not appropriate. Fixes [#3655] - Apply chosen styles to dropdowns in Options, allowing text search - Queue packets instead of packet locks in event thread. Since we are using std::shared_ptr and not modifying the packet, should not need locking. Also, locking in one thread and unlocking in another is apparentlyundefined behaviour and doesn\'t work infreebsd. - fixes for freebsd - Don\'t wait for decode in Analyze, fixes some hangups on logrotate/shutdown - Hide timestamp caption from bottom of video.js event view. It serves no purpose. Fixes [#3488] - Add 2>&1 to command to delete event dir so that we get error messages logged. - Move code from Event to Storage to implement delete_path() - Use ajax() instead of getJSON with no timeout when deleting events. - Update monitor preset view: Use a submit button instead of input with javascript. Remove no longer needed js code. Sort presets by Name. - Fix saving Server modal. Form was incomplete, action and view were duplicated. Don\'t need javascript just use the submit button Save. - Improve info when moving event to show source and Dest paths - Remove dead code from report_event_audit.js - Use Y-m-d H:i:s instead of c for date formatting to match what datetimepicker expects. remove unused action input and put view in the get part of form action - Add styles to table headers to left align them to match the body * Mon Feb 13 2023 ecsos - Let Leap use php8 also.- Remove BuildRequires of php%%{php_major}- * because not need to build. * Wed Jan 25 2023 ecsos - Let Tumbleweed use php8. * Sat Nov 19 2022 ecsos - Update to 1.36.32 - More properly fix the alarm status api changing. The previous hack broke doing alarm on/off. - fix handle of SQL generation of IN array when array is empty. Just always return false. - Fix test for null in Object::find - Make inputs on filter action table 100% - Fix Warning when monitor is not visible - Switch to utf8mb4 to support 4 byte unicode Fixes [#3514] - Make search input the same size as other toolbar elements - Remove deprecated CAMBOZOLA references - Update Monitor symlinking, improving deleting old link when changing name - Fix zone deleting and fix an extra comma in default coordinates - Add libswscale6 and libswresample4 dependencies for ubuntu kinetic - Remove return type from session class methods. not supported in php5.4. Fixes breakage on centos7. Fixes [#3622] - Fix recalculating Event Disk Space a second time when updating. - Set xhrFields: withCredentials: true so that we send cookies with our streaming xhr requests so that we pick up new auth hashes - Add Access-Control-Allow-Credentials: true so that we can pass cookies along with xhr requests. - Add Cause, Notes and EndDateTime to available columns in events list on watch view - Make button on Filter Debug modal be Close instead of Cancel - Handle empty but defined REQUEST[action] - replace php Memcached with Apc on Fedora - Allow MonitorName as default sort field as well as Monitor - Try out just using connkey as the semaphore key instead of ftok in ajax streaming requests - Turn back on error_reporting, just don\'t display the error in json ajax requests. - Check for return value of openEvent. Fixes crash when openEvent fails - Fix infinite recursion in montagereview - Add error message when minTime >= maxTime in montagereview - Fix crash in zmfilter DiskSpace Update when Event doesn\'t exist - Make .form-group styles export page specific because they are affecting layout in modals - Cleanup the state modal. Fix form post - Set web backend db connection to utf8 Fixes [#3631] - implode the output from zmu to fix php complaint abou array to string - convert strings into integers before doing math as of php 8.2 Fixes Unsupported operand types: string - int * Tue Oct 18 2022 ecsos - Update to 1.36.31 - Fix failed login due to remoteAddr not being populated in session after regeneration - Use REQUEST instead of SESSION to store the post login redirect because we clear the session on login. Fixes [#3517] - Turn off logging of deprecation notices so that we work with php8.2- Update to 1.36.30 - Test for definition of ZM_LOG_INJECT. We don\'t include the config when not logged in. So it won\'t be defined and an error will be logged - Fix saving from the function modal (and other modals) - left align option value column - when a config value is overridden via *.conf files, put up a warning/explanation on the options view - Turn failure to send into a debug instead of warn. When running under fpm etc we may not get SIGPIPE. - Move relevant code out of includes/actions/auth.php into includs/auth.php. Fixes inability to login using GET method. - Don\'t panic if no font file found. We seem to be able to continue without it. - Rework session handling to fix breakage with php8.2. Please note that php 8.2 still completely breaks a ton of our code. Do not upgrade to php8.2 and expect ZoneMinder to work. * Wed Oct 12 2022 ecsos - Update to 1.36.29 - update web/ajax.log.php to contents from master. Fixes errors causing log view to not work. Fixes [#3606] - use ajax() instead of getJSON so that we can specify no timeouts.. This prevents log queries from stacking up overloading the db - Check for definition of CAMBOZOLA defines. The purpose is just to ease running the 1.36 UI against a 1.37 database. - Added option ZM_AUTH_CASE_INSENSITIVE_USERNAMES to match mixed case Usernames to lower case usernames in database [#3516] - Move LIBAVCODEC_VERSION_CHECK so that it is defined when the include files are under ffmpeg. Maybe fixes build with 5.1.2? - Test for matches[operator]. Fixes [#3607] * Sat Oct 08 2022 ecsos - Update to 1.36.28 - Add ZM_LOG_INJECT config parameter to disable unprivileged log injection through api. - Check value of System:Edit permission and ZM_LOG_INJECT to disable ajax log injection. - Use canEdit[\'System\'] and value of new ZM_LOG_INJECT to disable attempting to inject javascript errors into zm logs - The above 3 Fixes GHSA-cfcx-v52x-jh74 - Fix Monitor => monitor in zmwatch causing crash in zmwatch - update storage modal to fix buttons not being in form. Also remove duplicate view field and make button action be save instead of Save. Fixes [#3605] * Fri Oct 07 2022 ecsos - Update to 1.36.27 - Use zm_setcookie, which will automatically set samesite on the session cookie. Maybe fixes [#3517] - commit to free up locks when there is an error doing MoveTo (like does not exist on disk). Also remove commit from CopyTo which does no transactions/locking. - Use y instead of Y for path generation when using Deep scheme. Fixes [#3583] - Add spans and title attributes on the title h2 parts of frame view so that on mouseover it tells you what the numbers are - Update frame view js to use const etc instead of var. Put back EventId and FrameId in stats being links and fix FrameId not being populated. If no stats available disable the stats button and use the title to explain why. - In failure state populate imageData array to reduce output php errors in frame view - Add connkey and semaphore key to logging about failure to get semaphore. Add sem_release before every ajaxError call because ajaxError exits and so we never release the semaphore. - fix not saving v4l settings. - Only warn about event exceeding section_length if we are not using close_mode=TIME. Fixes [#3599] - make OutputCodec work in API Maybe fixes [#3341] - Handle filter[query] not being defined - Fix export not working for filter due to limit set to 0. - Only look for action if there is a view. Prevents lookup of a non-existent file. - Include monitor Id in zmwatch logs, for consistency as well as utility - Escape File parameters when inserting log to prevent XSS. Related to fixing [#2466]. Fixes https://github.com/ZoneMinder/zoneminder/security/advisories/GHSA-h6xp-cvwv-q433 - Only perform actions on post. Doing them on GET allows doing actions without CSRF from things like img tags which is not good. Fixes https://github.com/ZoneMinder/zoneminder/security/advisories/GHSA-xgv6-qv6c-399q - Upgrade jquery to 3.6.1 - Update jquery-ui to 1.13.2 to remove reported dependency advisory - Fix missing STATE_UNKNOWN in perl libs causing missed events in zmes. - Add permissions checking to API/Logs. Fixes unprivileged user being to add/edit/delete/view logs. Fixes https://github.com/ZoneMinder/zoneminder/security/advisories/GHSA-mpcx-3gvh-9488 * Fri Sep 16 2022 ecsos - Update to 1.36.26 - Fix [#3580] Export page broken due to type on dateTimeFormater => dateTimeFormatter - Restore the integer value returned for status on API MonitorsController to per 1.36.16 value. The values got shifted due to making 0 = Unknown instead of -1. - Only init the bootstrap table of events on watch view if the user has permission to view events. This prevents endless logging of insufficient permissions errors. - Add fade to the logout modal which for some reason fixes it not showing after a cancel - Specify that only main page content tables should have the first column be min-width: 300px. This was affecting the logout dialog table content when viewing the monitor edit view. - fix export from event view - Only try to set TIMEZONE when loading dateTimeFormatter if it is set and handle the exception when any of TIMEZONE or LOCALE are invalid. - Fix values in LOCALE_DEFAULT dropdown in options. - Add libio-interface-perl to dependencies. Fixes [#3577] - Show the Reboot control when it is enabled without wake, sleep or reset. * Wed Aug 31 2022 ecsos - Update to 1.36.25 - add build for ubuntu kinetic - fix javascript error on zone edit - fix deprecation error on php8 due to implicit conversion to integer when displaying event duration - Update ZM_MIN_RTSP_PORT description - fix some javascript errors during page transition - Ignore errors when decoding log message - add detection of out of order packets from ffmpeg - Keep track of max_keyframe_interval and log it when complaining - fix hang during logrotate due to waiting in packetqueue for decode - Remove warning about maxImageBuffer. Will be handled better in queuePacket. - Fix snapshot jpeg not being created early enough - finally fix (we think) hung zmu/zms processes due to race in db thread creation. - Update material icons to v1.11.10 - Add a button to event view to jump to this event time in montage review - fix different button heights when using font awesome vs material icons - Add a back to frames button from frame view - Use HTTP_X_FORWARDED_HOST or HTTP_X_FORWARDED_SERVER if present to get correct hostname to use when behind a reverse proxy. - Handle case where time_base is not set in the codec. Fixes h265 not playing through zms - When there are less than 3 storage areas, just list them in the header instead of making it a dropdown - fix problems with migrateHash * Sat Aug 06 2022 ecsos - Update to 1.36.24 - fixes failure to build due to missing ffmpeg include in zm_packet.h - add -x option to zmu to get monitor triggered status. - fix deadlock when doing logrot when analysis is waiting for decode. We do this by notifying each packet in packetqueue::stop. - Revert \"Sync up with c++ shm alignment to fix same size of 32bit\" - Fix hang due to not increasing iterator for audio packets. - Fix memleak due to not deleting okpt in VideoStore destructor * Fri Aug 05 2022 ecsos - Update to 1.36.23 - Fix failed build - set timezone when initializing IntlDateFormatter * Fri Aug 05 2022 ecsos - Update to 1.36.22 - Make proportional zoom and movement work for AxisV2 API - remove padding from ptz buttons making proportional zoom/pan not work right - Fix memleak - reduce debugging calls - include reorder_queue_size setting in warning about out of order dts - Sync up with c++ shm alignment to fix same size on 32bit - improve warning about MaxImageBuffer size being smaller than keyframe interval - Fix ever increasing duration in event list - fix javascript console log about leaflet not being installed - Fix event listing for filter involving AlarmedZone rule. - Fix logic inversion causing Filters involving DiskPercent rules to still hit the database - Fix too much logging about finding locked packets - Fix segfault when audio stream is present but not being recorded - when a new auth hash is generated, don\'t reload the image stream, just update the global var to be used if the image stream breaks. * Sat Jul 23 2022 ecsos - Update to 1.36.21 - revert change that breaks compile with ffmpeg 5 - Only do the vsnprintf if the log is actually going to to happen (minor performance improvement when ffmpeg logging is enabled) - Fix memleak when not doing passthrough - Convert missed strftimes to dateTimeFormatter. Fixes [ #3526] - Remove remaining locale stuff from language files- Add mysql to BuildRequires to fix install error: file /etc/my.cnf.d from install of ZoneMinder * conflicts with file from package mariadb * * Wed Jul 13 2022 ecsos - Update to 1.36.20 - When deleting events add a progress ticker and delete in chunks of 10 so that deleting a lot of events works. Fixes [#3444] - Fix semaphore getting failing when php doesn\'t have semaphore support - Handle php versions < 5.6.1 which don\'t have non-blocking semaphore fixes flashing streams with lots of errors in logs - Escape single quotes in config values. Fixes broken UI due to broken js. Fixes [#3508] - replace all uses of strftime which was deprecated in php8.1. So we now work with php8.1. - introduce new date formatting code and a locale setting separate from language. Allow full customisation of date/time formatting. Fixes [#183]. You likely want to specify Options->System->DateTime Format as the default will include timezone information. One example is: yyyy/MM/dd HH:mm:ss - Format the output of getLoad to two decimal places - Add a reorder_queue to videostore. This is needed if you are getting out of order dts errors in your logs. Use it by adding a reorder_queue_size= to EncoderOptions. I think a good value is something like the keyframe interval. Have had good luck with a setting of 10. YMMV. - Center the up/down arrows in console Mark column - Don\'t turn \'0\' into \'\' in monitor edit - Use Content-Security-Policy: for all views instead of Report-Only - fix possible packetqueue hang on logrotate - Don\'t cache_bust bootstrap, because it loads the .map and logs an error - Remove dependency on php-apc - Add php-intl as a dependency - fixes to viewing h265 videos as mjpeg including - remove username/passwords in logs instead of just masking them, as masking gives info about length. - translate more strings in the UI- Changes to 1.36.19 - No changes, just a version bump to satisfy the PPA. * Mon Jun 06 2022 ecsos - Update to 1.36.18 - use zm_setcookie function to save MontageLayout value. fixes new layout not being automatically chosen on save. - fix editing a montage layout. For some reason removing onclick event isn\'t working, so use a global state variable instead. - fix multiple linked monitor or group selection by not trimming values of select elements - Add Private field to config (from master). Do not include private config entries in javascript client side. - Do not include config in javascript client side if not logged in. * Tue May 31 2022 ecsos - Update to 1.36.17 - Small adjustments to sizing/placement of shutdown button, status button and account text - Implement CTRL-click on montagereview to open event in a new tab/window - report errors from saving a new monitor to ui - Put back click on image in montage to bring live view - fix errors saving a new monitor - fix image scaling on live view/cycle/montage - implement ctrl-click on montage to open single live view in a new window/tab - implement semaphore retry when talking to zms - don\'t delete .sock files in zms which should reduce zms errors - start streams in single jpeg mode and then have monitorStream turn them on to streaming * Sat May 28 2022 ecsos - Update to 1.36.16 - Fix packetqueue not emptying and deadlock in event writer - fixes to build on ubuntu bionic - Set samesite for session ZMSESSID cookie for php < 7.3 - Fix numbering of State enum - more fixes to scaling and image loading in watch/montage/zones/zone - fix lots of zms errors in logs - fix broken audio storage - fix zmc getting restarted if decoding falls too far behind - fix export - fix crash when zone is entirely out of the image - stop the dbqueue before closing logs. Fixes zms/zmu hangs - Only keep ZM_COOKIE_LIFETIME entries in Sessions. Prevents millions of sessions from preventing the logout modal to load. - fix password entries not being upgraded on login. - debug log the keyframe interval found in the packetqueue - Don\'t delete socket in zms as it is a race condition. - remove lots of debug - Introduce System setting in config entries which makes them only settable in /etc/zm/.conf files. This is to prevent remote code execution by setting ZM_PATH_FFMPEG. - Use Content-Security-Policy: for all views instead of Report-Only. This prevents an XSS attack using ZM_HOME_CONTENT - fix apache complaining about bad headers when using zms instead of nph-zms and getting a 403. - queue stream requests so that only 1 runs at a time. - Merge MonitorStream features from master. - Update montage layouts to fill the available space - when streaming, start with single image and use javascript to start up the stream and ajax status requests. Fixes brokenness with 4k cameras - The entire configuration is now available to javascript land as constants - fix the border changing colour on alarm etc. - When clicking cancel on zone edit, go back instead of reload - fix duplicated action on force/cancel alarm buttons on watch view - Don\'t update DiskSpace with a 0 value when listing events. This generally happens with missing events and causes too much contention on the Events and summaries tables - Fix centering when zooming when clicking on image and improve fidelity - zoom by 10% instead of 25% and remove the limit so you can now zoom in forever.- Rebase zm_database_default_config.patch. * Fri May 13 2022 ecsos - Update to 1.36.15 - Merge AATTalabamatoys\' work to add focus controls to Amcrest PTZ - Ensure rate is an integer when coming from cookie. Remove commented out rate display. - INF logging of alarm frames in alert state changed to debug - remove error about last analyse time being zero, which is very common on startup. Not an error. - Fix issue with leftover zms processes - Rough in a queue and a thread into the event to process packets. We do this so that the event creator can get back to analysis as fast as possible so as to avoid the packetqueue filling up. - Fix FFMPEG5 build - Introduce mask_authentication function to replace username and password with * in url like strings - Fix lockups due to lack of locking around terminate_ - Merge more code from master fixing up when to clearPackets, don\'t delete image data if we have an event etc. - Fixes to layout and scaling of image stream on watch and montage cycle and zone edit views - auto-select layout instead of defaulting to Freeform. - Fix problem viewing stream in Safari - Rename Scale To Fit to Auto. Fix logic when selecting Width/Height/Scale/Layout - trim whitespace at beginning and end of monitor settings - Add support for Ubuntu Jammy - Reduce warnings logged when the packetqueue is full - Make a warning into a debug in zmdc when restarting a process. - Merge UpdateCaptureFPS and UpdateAnalysisFPS into 1 SQL Update - Change zms to stick around and wait for zmc to come back - Disconnect and Reconnect in PrimeCapture instead of in constructor and destructor. Fixes camera not reconnecting when using Remote RTSP - Move CMD_ defines to skin.js.php so that they are available everywhere - Remove loading=lazy as it causes problems with ajax Querying - Set width of 200px for cycle sidebar - remove :\'s in labels cycle header to be consistent - handle undefined HTTP_REFERER, and escape zone name in zone edit - Merge from debian patch 0001-Adapt-apache2.conf-to-work-out-of-the-box.patch - Use toLocaleString to format fps values with 1 decimal - Fix points not unhighlighting onmouseout on zone edit - Fix lockup on logrot by not releasing the event lock - Remove timeout on ajax call to generate the zip. Fixes [#3264\\ - Improve error message when sws_scale fails - Set samesite for session ZMSESSID cookie for php < 7.3 - Don\'t assuming we want to communicate with zms if streaming. - Introduce packetqueue::stop which just sets the deleting flag and sends out a notify. - We have to update start_usec not just start. Fixes [#3439] * Tue Apr 05 2022 ecsos - Update to 1.36.14 - Fix test for chrome version 7 by not including periods. Fixes broken event with new Chrome - more fixes for compiling against ffmpeg5. Doesn\'t yet compile though. - fix broken PTZ - remove debugging for displaying ram use estimate in monitor * Thu Mar 31 2022 ecsos - Update to 1.36.13 - Change a warning to a Debug when getting the latest image using zmu - Updates to Axis PTZ script adding support for getting details from Path and fixing support for older cameras - Fix for update script for 1.35.25 and DayEventDiskSpace - include user and function error message about insufficient permissions. Will make it easier to figure out who tried what. - Fix for crash in CSRF - Fix missing text-right align on Port/Path labels. Set step to 1 for Port - Remote RTSP camera. - Fix fail to get Sources in Remote RTSP - Fix compilation with ffmpeg 5.0 - Implement filter limits. Which go before pagination/advanced search limits - Fix do_debian_package build script for version = CURRENT style versioning. - Implement a check on change of language. Make sure that the specified language file exists. Reports errors to UI - Test for valid language file when saving user. - add styling for errors reported to ui and include the errors on options view - Fix zmu device probing - Change title of v4l settings button to give an indication WHY it isn\'t enabled - Convert Fatal()s to Errors() in image viewing. Maybe Fixes [#3426] - Include EndDateTimeShort in event stats - Handle empty endtime (in progress event) more gracefully. If there is a next event just jump to it. - locking fixes that caused hung zmu and zms processes - Set mysql character set to utf8 explicitly to support chinese characters (or other special characters). - escape html in Storage names - fix auth\'d user information being saved to session before switching session id\'s leaving bogus authenticated user in previous session. - Fix potential XSS from Username - Add a pattern filter for Usernames, Group Names and Storage Names to prevent invalid characters and XSS - Add NOT IN case to filters. Also, fix bad SQL when value evals to false. Test for empty string instead. Fixes [#3425] - Fix CURL monitors - Fix event view corruption caused by changes to the sendfile system call.Fixes [#3437] - Add useful title to frame image telling us which we are looking at - Allow empty sort field when listing events - Fix error in PTZ control code when no speed has been defined. - Allow editing of admin user. - Add more of the resulting SQL to the filter debug modal - Make filter debug modal work on non-saved filter - improvements to Event module implementing a Server() function which figures out which Server likely has the video. Use it to remove duplicate logic - improvements to Zone module Add numCoords, Coords, Area, AlarmRGB to Zone object. Also add Points(), AreaCoords, svg_polygon - Implement zm_setcookie to simplify setting cookies, set samesite, deal with older php etc - add loading=lazy to most images to improve page loading - Don\'t both running zmu if monitor Function is set to None - Add mp4 as an option for generated video and make it the default instead of avi - Set some new more sensible defaults for various settings including logging, navbar refreshes, full page refreshes and ajax timeouts - Big update to Control.pm - Fix for Netcat PTZ using x=0 y=0 for autostop in addition to old stop movement code - Implement reboot and ping methods for Trendnet PTZ Control - rough in Url, UrlToZMS PathToZMS PathToIndex, UrlToIndex UrlToApi PathToApi in SERver object - reduce debug logging in zmaudit + There are fixes in here for 3 vulnerabilities: - Remote code execution by specifying an invalid language found by Krastanoel. - Stored XSS in Username field found by Tester Tester - Session Fixation problem found by Tester Tester. * Sat Feb 05 2022 ecsos - Fix build error in Leap: \"conflict for providers of systemd-mini = 246.16-7.33.1 needed by udev-mini, (provider systemd-mini conflicts with systemd)\" * Sat Dec 11 2021 ecsos - Update to 1.36.12 - Allow NOW or CURRENT for PACKAGE_VERSION similar to snapshot in do_debian_package.sh - Fix lack of scaling when TIMESTAMP_ON_CAPTURE is off - Fix deleting from event view. - Pause streaming before delete to prevent errors being logged due to missing files - documentation fixes - Fix NULL and add special 0 case for Storage area specification in filter - Handle bug where a value of \'\' will prevent special case handling in filter rules - Allow \'\' to mean NULL when specifying Storage Area - include monitor dimensions when logging about zone mismatch - Remove text-nowrap from cause/notes column - If we are starting a process that is waiting to term, mark it to get started by the reaper. Fixes case where zmdc thought the process was still running and so didn\'t start it. We never noticed because zmwatch would eventually notice. The result is instant restart. - kill the background timer when switching to history so that we don\'t cause a javascript error - Detect group hierarchy loops and break them. - clear the monitors array before terminating log. Might fix zmu hangs - Add auth relay to status ajax request fixing logged 404 error - Wait for closeEvent thread to finish. Fixes unfinished event when zmc told to restart - Fix libvnc_camera so that we don\'t crash on Reload - Fix build on FreeBSD/armv7 * Thu Nov 18 2021 ecsos - Update to 1.36.11 - fixes to do_debian_package.sh - Fix Event count subsitutions in emails - Fix locking in CopyTo and MoveTo filter functions - Fix super fast playback after switch to next event - Allow orderings set by filters to work in event listing. Fixes [#3348] - Handle auth to mysql problems during postinst more gracefully - fix validInt to take negative integers. Introduce validCardinal to handle positive integers - Put back generate video button in event view - Add Debian 11 (Bullseye) install docs - Italian translation updates - set rows on email body textarea - Restore download buttons behaviour on event view. It should just download the mp4. - fix javascript error if download button doesn\'t exist because there is no mp4 - Set Locale for time to en_GB.utf8, changed STRF_FMT_DATETIME_SHORTER to %x which is locale aware short date - Fix filters not deleting - Make delete dialog disappear on success. Fixes [#3377] - Set character set as utf8 when connect to mysql to avoid mistakes when there are Chinese characters in storage path. - Fix event listing when not paginated. - Fix logged errors when av_write_trailer returns a positive value - alert error message when an error is returned instead of rows in events list ajax - Report error if sql fails. Add check for access to specific event in events listing - Set zm_terminate on crash so that other threads exit instead of continuing - Don\'t exit(0) on QUIT in zms. Instead set zm_terminate=true so that all the cleanup routines run. Fixes swap files not being deleted. - fix build on posix/musl - Add privacy to options tabs so we can get back to it. - Send all stats rows instead of just 1 so that you can view stats for all zones - implement UrlToZMS in Monitor.php - implement Event::canEdit - When saving v4l settings redirect back to watch instead of console. - Add title to Download button so you can see the expected filename. * Thu Oct 28 2021 ecsos - Update to 1.36.10 - Set shm->valid to false on disconnect. Fix linked monitors stopping after a while - Documentation update regard WEB_TITLE - Corrections to filters when using row locks. An error would commit, ending the transaction and locks. - Fix monitor type labels by adding an Unknown for entry 0. Implement Function_Strings. - Fix decoding_enabled not being recalculated correctly because we havn\'t loaded savejpegs or videowriter yet. - Fix logic ordering in db 1.35.14 update that moves columns from Monitor table to Monitor_Status - set vertical-align:top on monitor edit labels - We now delete a non-keyframe from head instead of waiting in capture. This should fix lockups when MaxImageBufferCount is too low.- Changes from 1.36.9 - fixes to do_debian_package.sh - Test for existence of AutoEmail and AutoMessage. Fixes [#3369] issue 2. - Improve debug logging of packetqueue cleaning - Improvements to export. Fix tar -v, should be tar --version. make table width:100% and iframe height 100%. Always show thumbnail of video. Show Id of event if no other links. generate Images frame content event if no jpegs but there is an mp4. Set timeout to infinity for generating export. Provide more feedback if it breaks. Fix ticker. - Fix loading logging importance adjustment. - always correct decoding_enable, as zms needs to know it\'s correct value. - Change commands used to set and goto presets in Floureon PTZ. Fixes [#3371] - Improve filter edit layout: Put actions and options in a div, remove hr\'s and style the resulting div to have the borders and clearing required. Make email options 100% - Only record when in modect or nodect. Linked monitors would cause a monitor in monitor mode to record - update man pages and typos- Use pcre2 instead of pcre because pcre is no longer being actively maintained. * Thu Oct 07 2021 ecsos - Update to 1.36.8 - Fix js error in montage review when using scaled mode. Fixes [#3351] - French translation updates - fixes to packetqueue locking which should reduce RAM consumption in certain cases. - Don\'t crash in rstp server when unable to create source - Fixed a bug in Image::Buffer that would return the wrong location in the image if the image had > 1 channels (and if the request were for x > 0) - remove useless commit in zmfilter.pl causing logged warnings - fix width=0px causing empty looking montage - Handle when SERVER[\'HTTP_HOST\'] is not set - allow values != -1 in setting Brightness, Contrast, etc in zmu - fix zmu in verbose mode reporting change in brightness when contrast was specified- Use current commits for plugins cakePHP and Crud. * Mon Sep 20 2021 ecsos - Fix error in logrotate script. * Tue Sep 14 2021 ecsos - Update to 1.36.7 - Add an example fail2ban rule - Email sending: fix html emails when using ZM_NEW_MAIL_MODULES. Improve debugging reduce Info logging - fix bug in zms causing failed image loading in zmNinja and anywhere a low maxfps was specified - Updated italian translation - add missing calls to update_function_pointers allowing SSE Blend functions to be used. Significant improvement to cpu use when doing motion detection. * Thu Sep 09 2021 ecsos - Update to 1.36.6 - Fix Archive FTP .zip filename not including monitor name. Fixes [#3304] - Correct the size of the Longitude and Latitude fields. Fixes [\\3311] - Optimise API by optionally not loading the Frames from db table - Handle the case when the monitor doesn\'t exist more gracefully and not crash. Fixes [#3316] - Fix for export zip crashing due to including non existent files. Fixes [#3313] - fix build for bionic due to missing libjwt-gnutls-dev - fix linked monitors not working after a random period of time - fix unimplemented viewing fps in live view. - fix fps display in live view when paused - Update Dark skin to look better - fix styling of shutdown button making it invisible - Support specifying the export filename by passing the export_root - Turn on export functionality for snapshots - fix save button on monitorprobe - zmu may still output results even if it encounters errors, so continue even if we have an error return status from zmu. - Allow specifying export Structure to get a flat zip - Fix deleting snapshots - When locking, use the results to reload the object fields fresh as they may have changed since the object was loaded. Fixes Archived events losing their endtime. - add export and download functions in snapshot. - Add defaults for AutoMoveTo and AutoCopyTo so that we don\'t get false changes when saving filters. Fix redirect after save. Re-null the Id of the filter object after temp execute so that we don\'t reference a no longer existing filter. - Change monitor->canView semantics so that a specified monitorId trumps the Monitors:None setting. This is so that the console can be hidden, but the group dropdown still gets populated. - When the selected layout is not freeform, calculate the ratio of computed size to stream source size to calculate a value for scale. Should reduce cpu use and bandwidth from zms - Fixed \'Call to undefined function Error()\' in control_functions.php - Only show thumbnail if Function is != None - add autoplay tag. Fixes [#3343] - Don\'t use AUTH_HASH_IPS when talking to zmu as it doesn\'t support that at this time. - Fix PTZ Diagonal cmds. Fixes [#3300] - add getMonitorStatuses function to return string values for status numbers - Fix building SQL for ExistsInFileSystem PostCondition. - Fix how we turn the rows into Event objects. - Fix value handling in ExistsInFileSystem post condition. - Add a 5 second timeout when setting suspending/resuming motion detection.Log errors appropriately - If we fail to suspend/resume, assume we need to disconnect/reconnect to the mmap - Fix usage summary in zmu, as there must be a space between -u and dbuser, etc - documentation and readme updates, fixing dead links - support for building with gitlab CI - add support for ubuntu impish - fixes in quoting default values in perl Monitor and Zone objects. - Return early if packetqueue is empty instead of getting the lock. Return early in clear() if we are not initialised - Make failure to resolve http remote monitors non fatal - Fix errors due to not stopping the dbQueue in zmu. Fix crash when querying v4l devices - LocalCamera: Add a missing include to fix FreeBSD build Fixes [#3330] - fix errors reported during adding monitors due to missing Importance member in Monitor object - Only suspend/resume motion detection if the monitor is doing motion detection- Run spec-cleaner. * Sun Jul 25 2021 ecsos - Update to 1.36.5 - fix logout modal not appearing when too many sessions in sessions table - fix remote monitors not restarting when Function = None leaving them running. - fixes to onvif zooming [#3295] - fix EndTime handling in Filters - fix sorting of in progress events when sorting by EndDateTime - Allow cakephp cache engine to be set during build - remove code to control analysis fps that sleeps as it is no longer relevent. Should help memory use. * Sun Jun 20 2021 Dirk Hartmann <2monexAATTgmx.net>- Move existing configuration in %posttrans to /etc/zoneminder during update, not yet perfect because it needs manual restart. * Fri Jun 18 2021 ecsos - Update to 1.36.4 - Fix revision of CRUD in submodule - Fix problems in zmstats.pl: Fix log deletion only ever deleting 100 entries when it should delete more in a loop. Add deleting more than 100 sessions. Fix loop not terminating on Ctrl-C - Add samesite when setting cookie for skin and css - Default to UTC when no timezone set so that montagereview continues working. Fixes [#3274] - Fix bug in onvifprobe when specifying interface - Remove 25x and 50x rate options in event view. Browsers do not support them. Add 16x which is the max. Fixes [#3284] - fix crash when in alert state with no event - fix some queue clearing cases that cause hangs - improve efficiency of getting packets from queue in decode thread. - fix timestamping not being done on all recorded frames - Fix renaming events [#3265]- Changes from 1.36.3 - fix incorrect filename causing tmpfiles.d config to not be installed for ubuntu focal and newer. Fixes [#3258] - fix heap overflows causing crashes - Apply height css to limit height of logout modal and apply overflow:auto to add a scrollbar if needed so that we don\'t have to scroll to logout.- Changes from 1.36.2 - fix behaviour of reverse and fast forward buttons. [#3251] - fix Cannot export events [#3250] - fix missing jquery.js in exported zip - fix DB log messages not being populated - add redirect so that Yes I\'d like to donate now goes to the zoneminder donate page - fix montagereview layout on firefox [#3249] - updated Chinese Traditional and Hungarian languages - fix build on debian stretch due to unsupported hwaccel code - Allow [] characters in url to work with ipv6. Fixes [#3261] - fix zm_update-1.28.99.sql to handle existence of other columns in Controls table. [#3260] - restore api behaviour for getting alarm status- Changes from 1.36.1 - Image: Fix a dynamic-stack-buffer-overflow when filling polygons - fix warnings not being displayed when saving a monitor [#3237] - API Add Event_Summary model so that it is included in monitor listing fixes [#3232] - Fix API does not work correctly for alarm operations when using username/password authentication [#3239] - event view: Fix status of delete button when archived. Change title to say that you can\'t delete due to archived - fix compile on centos7 - fix buffer alignment. Fixes [#3233] Video writer incorrectly encoding rotated monitor for h264/libx264 - fix packaging for hirsute- Changes from 1.36.0 * Filters - Moved event email options from global config to per Filter - Added user to run filter as, so that users without access to certain monitors can\'t just use a filter to access them. - Filters now have PreSQL and PostSQL conditions. The first Post SQL condition is ExistsInFileSystem. This can be used to cleanup after a crash instead of using zmaudit. - warnings on Filter edit page when you create a filter than can delete archived events. - Added Auto Unarchive function * UI Updates - bootstrap updated to version 3 - removed mootools - events list now uses bootstrap-table to enable a more modern powerful ui - scaled thumbnail on mouseover on events list - thumbnails with scaling on console - frames view updates to include stats information - many popups turned into modals - monitor edit is now a full view instead of popup - Zone edit is now scaled so high res cameras don\'t take the entire screen or more. - Added Estimated RAM use to Buffers tab in Monitors. - Monitor edit no longer form submits/reloads between tabs it just hides/unhides tabs using bootstrap nav. - Monitors can now have Latitude/Longitude associated and displayed on a map * General - New Monitor type VNC for recording desktops - better use of scaling when streaming to reduce bandwidth/cpu use - dynamic loading of vlc, curl and other libraries that might not be used. Saves ram - ONVIF probe can now select a network to scan - Sessions now stored in database - Event Summary tables reorganized to improve locking performance - Clicking on username in header will now list other logged in users if you have SystemView permission. - ZoneMinder will now try other Storage Areas if it can\'t create the event in the assigned area. - New Monitor Setting: Decoding Enabled/Disabled - /dev/shm mmap use decoupled from image buffering. You should set ImageBufferCount to 3 or larger. - mp4v2 deprecated and removed. - zma process has been turned into a thread of zmc. - Added second ffmpeg input stream for when audio is coming from another source. - added RTSP re-streaming - hwaccel encoding support for intel vaapi and nvenc - Use onmousedown/onmouseup for PTZ start/stop in PTZ controls. Amcrest is the only Protocol that supports it so far.- Move zoneminder config dirs from /etc and /etc/conf.d to /etc/zoneminder and /etc/zoneminder/conf.d- Rebase reload_config.patch.- Dop move-include-sys-uio.h-outside-defined-BSD-block.patch, because now in upstream. * Fri May 07 2021 ecsos - Update to 1.34.26 - Fix margin in ptz buttons - Use > instead of >= to fix duplicated log entries display Fixes [#3086] - Fix colour shift when Zooming - Fix errors in Amcrest_HTTP. Fixes [#3107] - Fix warnings from zmaudit due to trying to update StorageId to 0 when already 0.- Changes from 1.34.25 Release to deal with ppa screwup. No changes since 1.34.24 * Fri Apr 16 2021 ecsos - Update to 1.34.24 - Upgrade cakephp to 2.10.24 which fixes php8 - Fix error in onvif PTZ script - Fix to logging when not connected to db - Fix disableAlarms button not working. Fixes [#3203] - Add more state information to output of zmu -q - Fix failure in settings action preventing brightness/etc settings changes - Fix auth timeout in montage and watch views - Add more resolutions to resolution dropdown * Sun Mar 28 2021 Dirk Hartmann <2monexAATTgmx.net>- Fix zm_tempfiles.conf Create directory in /run instead of /var/run. * Sat Feb 06 2021 ecsos - Update to 1.34.23 Changes see * https://github.com/ZoneMinder/zoneminder/releases/tag/1.34.23 * https://github.com/ZoneMinder/zoneminder/releases/tag/1.34.22 * Fri Oct 30 2020 Dirk Hartmann <2monexAATTgmx.net>- Fix MP-Build (name conflict). * Sun Oct 11 2020 ecsos - Update to 1.34.21 Changes see * https://github.com/ZoneMinder/zoneminder/releases/tag/1.34.21 * https://github.com/ZoneMinder/zoneminder/releases/tag/1.34.20 * https://github.com/ZoneMinder/zoneminder/releases/tag/1.34.19 * https://github.com/ZoneMinder/zoneminder/releases/tag/1.34.18 * https://github.com/ZoneMinder/zoneminder/releases/tag/1.34.17 * Fri Jul 31 2020 Dirk Hartmann <2monexAATTgmx.net>- Update to version 1.34.16 Changes see * https://github.com/ZoneMinder/zoneminder/releases/tag/1.34.16 * https://github.com/ZoneMinder/zoneminder/releases/tag/1.34.15 * https://github.com/ZoneMinder/zoneminder/releases/tag/1.34.14 * https://github.com/ZoneMinder/zoneminder/releases/tag/1.34.13 * Sun May 17 2020 Dirk Hartmann <2monexAATTgmx.net>- Fix privileges issue when starting zm_database_init in ExecStartPre. * Sat May 09 2020 Dirk Hartmann - Update to version 1.23.12 Changes see * https://github.com/ZoneMinder/zoneminder/releases/tag/1.34.12 * https://github.com/ZoneMinder/zoneminder/releases/tag/1.34.11 * https://github.com/ZoneMinder/zoneminder/releases/tag/1.34.10 * Mon Apr 13 2020 Dirk Hartmann - Update to version 1.34.9. Changes see https://github.com/ZoneMinder/zoneminder/releases/tag/1.34.9 General changes for 1.34.x see https://github.com/ZoneMinder/zoneminder/releases/tag/1.34.0 * Sun Sep 08 2019 Dirk Hartmann - Change version. * Sun Sep 08 2019 Dirk Hartmann - Try to fix unit file for newer systemd version * Sun Sep 08 2019 Dirk Hartmann - Fix rundir from /var/run to /run- Remove old unit file for 42.3 * Sat Mar 09 2019 Dirk Hartmann - correct wrong vhosts directory. * Sat Mar 09 2019 Dirk Hartmann - Change install directory of apache vhost file. * Sun Feb 17 2019 Dirk Hartmann - Added missing CakePHP-Enum-Behavior. * Tue Feb 12 2019 Dirk Hartmann - Fix paths in config patch.- Set user and group explicit. * Sat Feb 09 2019 Dirk Hartmann - Added special unit file for 42.3. * Sat Feb 09 2019 Dirk Hartmann - Added requirement for perl-JSON-MaybeXS. * Sat Feb 02 2019 Dirk Hartmann - Update to version 1.32.3. See https://github.com/ZoneMinder/zoneminder/releases/tag/1.32.3 for full changelog. * Tue Oct 09 2018 Dirk Hartmann - Fix broken patch for not defining config values twice. * Wed Oct 03 2018 Dirk Hartmann - Update to version 1.32.1. See https://github.com/ZoneMinder/zoneminder/releases/tag/1.32.1 for full changelog. * Fri Jun 29 2018 monexAATTliquid-co.de- Require new zm_database_init version * Wed Jun 13 2018 monexAATTliquid-co.de- Fix zm.service file. ZM failed to start with the following error message: New main PID XXX does not belong to service, and PID file is not owned by root. Refusing. Added User= and Group= as a fix for this issue * Thu May 31 2018 monexAATTliquid-co.de- Update to ZoneMinder 1.30.4- Change to php7 * Sun Dec 10 2017 monexAATTliquid-co.de- Added some missing directories for zmNinja * Fri Nov 24 2017 monexAATTliquid-co.de- Applay missing patch for ZM_VERSION already defined error. * Fri Nov 24 2017 monexAATTliquid-co.de- Fix missing ZM_VERSION * Sun Nov 12 2017 monexAATTliquid-co.de- Revert last change. * Sun Nov 12 2017 monexAATTliquid-co.de- Removed lame requirements. * Tue Aug 22 2017 monexAATTliquid-co.de- Remove obsolete section. * Tue Aug 22 2017 monexAATTliquid-co.de- Fix security permission problem for events and images. * Tue Aug 15 2017 monexAATTliquid-co.de- Removed obsolete Requires. * Tue Aug 15 2017 monexAATTliquid-co.de- Added missing sources. * Mon May 01 2017 monexAATTliquid-co.de- Updated to version 1.30.2 See https://github.com/ZoneMinder/ZoneMinder/releases/tag/1.30.2 for a full description of changes.- Cleanup of spec file for older discontinued versions. * Sun Dec 25 2016 monexAATTliquid-co.de- Changes for 42.2 packages. * Wed Aug 24 2016 monexAATTliquid-co.de- Eevert last change because it breaks custom states * Sun Aug 21 2016 monexAATTliquid-co.de- Fix web control start/stop/restart * Thu Aug 18 2016 monexAATTliquid-co.de- Fix montage view * Mon Aug 15 2016 monexAATTliquid-co.de- Fix dependencies to ffmpeg * Sun Aug 14 2016 monexAATTliquid-co.de- updated MP requirements for 42.1 * Sat Aug 13 2016 monexAATTliquid-co.de- Added perl module dependencies for ONVIF. * Sun Aug 07 2016 monexAATTliquid-co.de- Fix wrong patch due to last change * Sun Aug 07 2016 monexAATTliquid-co.de- Fix order of update execution on startup/shutdown. * Sun Aug 07 2016 monexAATTliquid-co.de- Modified BuildRequired for MP Build * Sun Aug 07 2016 monexAATTliquid-co.de- Fix MP build- Updated cambozola to latest version.- Updated mootools to latest version. * Sat Aug 06 2016 monexAATTliquid-co.de- Update to version 1.30.0 * see https://github.com/ZoneMinder/ZoneMinder/releases/tag/v1.30.0 for changes. * Sat Mar 12 2016 monexAATTliquid-co.de- Updated to version 1.29.0 * see https://github.com/ZoneMinder/ZoneMinder/releases/tag/v1.29.0 for changes * Mon Feb 15 2016 monexAATTliquid-co.de- Load enable php5 apache module if not already enabled. * Fri Dec 25 2015 monexAATTliquid-co.de- fix patch. * Fri Dec 25 2015 monexAATTliquid-co.de- Chages for new ffmpeg api. * Fri Dec 11 2015 monexAATTliquid-co.de- change requirement for libffmpeg * Sun Feb 15 2015 monexAATTliquid-co.de- update to version 1.28.1 for full changelog look at https://github.com/ZoneMinder/ZoneMinder/releases/tag/v1.28.1 * Tue Nov 04 2014 monexAATTliquid-co.de- update to version 1.28.0 for full changelog look at https://github.com/ZoneMinder/ZoneMinder/releases/tag/v1.28.0
|
|
|