Changelog for
icingaweb2-common-2.12.1-2.2.noarch.rpm :
* Tue Feb 13 2024 roAATTsuse.de- Provide group as required by RPM 4.19
* Thu Nov 16 2023 ecsos
- Update to 2.12.1 - Add PHP 8.3 support - Login Redirect Loop #5133 - UI database migration not fully compatible with PostgreSQL #5129 - Missing styles when logging out and in while CSP is enabled #5126
* Fri Sep 22 2023 ecsos - Update to 2.12.0 - Support for PHP 8.2 #4918 - Support for Content-Security-Policy #4528 - Allow to initiate a refresh with __REFRESH__ #5108 - Don\'t refresh twice upon __CLOSE__ #5106 - Add event column-moved #5049 - Add copy-to-clipboard behavior #5041 - Access Oracle Database via tnsnames.ora / LDAP Naming Services #5062 - Reduce risk of crashing the x509 collector daemon #5115 - CSV export does not escape double quotes #4910
* Full changelog see: https://github.com/Icinga/icingaweb2/milestone/79?closed=1- Massive changes in spec needed.
* Tue Jul 04 2023 James Pearson - DB schema files are in schema not etc/schema in packaged tarball
* Tue May 09 2023 ecsos - Add subpackge php-fpm with php-fpm configuration.- Remove max php version restrictions for suse.- Fix rights for /etc/icingaweb2/enabledModules directory as upstream use.
* Thu Jan 26 2023 ecsos - Update to 2.11.4
* Notable Fixes - Add/Edit dashlet not possible #4970 - Custom library path + custom library, without slash in its name, results in exception #4971 - Reflected XSS vulnerability in User Backends config page #4979 See: https://github.com/Icinga/icingaweb2/milestone/78?closed=1- Add icingaweb2-additions.tar.gz with source from version 2.11.3 because upstream has removed packages and etc source dir and files. See: https://github.com/Icinga/icingaweb2/pull/4964
* Wed Dec 14 2022 ecsos - Update to 2.11.3 This is a security release.
* Minor to Medium Vulnerabilities - Open Redirects for logged in users #4945 - SSH Resource Configuration form XSS Bug #4947 - Dashlets allow the user to run Javascript code #4959 - Role member suggestion endpoint is reachable for unauthorized users #4961
* The More Usual Dose of Fixes - Browser print dialog result broken #4957 - Shared navigation items are not accessible #4953 - While using dropdown filter menu it gets closed automatically due to autorefresh #4942
* Tue Nov 08 2022 ecsos - Update to 2.11.2 It brings performance improvements and general fixes. Most notable of which are that having e.g. notifications disabled globally is now visible in the menu again and that the event history is grouped by days again. See: https://github.com/Icinga/icingaweb2/milestone/76?closed=1
* Thu Jul 07 2022 ecsos - Update to 2.11.1 This update\'s main focus is to solve the issue that all history views didn\'t work correctly or showed invalid time and dates. (#4853)
* Fri Jul 01 2022 ecsos - Update to 2.11.0
* Enhancements, Some - Support for PHP 8.1 #4609 - Redesign User Menu #4651 - &showFullscreen suppresses announcements #4596
* Fixes, More - Navigation item filter
* not working #4772 - Objects with a
* in the name are not found #4682 - Theme mode switch disabled on theme with mode support #4744
* When developers become cleaning maniacs - User preferences in INI files not supported anymore #4765 - mysql: use of utf8 vs utfmb4 #4680 - Remove Vagrant file and its assets #4762
* Thu Jun 30 2022 ecsos - Update to 2.10.3 This release mainly ensures compatibility with icinga-php-library v0.9.0 and Icinga DB Web 1.0.0. Two fixes regarding the theme mode support are also included (#4744 and #4835)
* Wed Apr 06 2022 ecsos - Update to 2.10.1 - Clicking anywhere on a list item in the dashboard now opens the primary link again, instead of nothing #4710 - The Check Now and Remove Acknowledgement quick actions in an object\'s detail header are now working again #4711 - Clicking on the big number in the tactical overview if there are UNKNOWN services, shows UNKNOWN services now #4714 - The contrast of text in the sidebar, while in light mode, has been increased #4720 - A theme without mode support, which is set globally, now also prevents users from configuring the mode #4723- Drop 6498d8b035cbaa287d67a61b3f09310a191a5e10.patch, because now in upstream.
* Wed Mar 30 2022 roAATTsuse.de- add 6498d8b035cbaa287d67a61b3f09310a191a5e10.patch taken from upstream PR 4721 fixing mouseover for list items to make checks selectable again
* Thu Mar 24 2022 ecsos - Update to 2.10.0 Release information see: https://github.com/Icinga/icingaweb2/releases Fixed issues see: https://github.com/Icinga/icingaweb2/milestone/63?closed=1
* Tue Mar 08 2022 ecsos - Update to 2.9.6
* Security Fixes Please check the advisories on GitHub for more details. - Path traversal in static library file requests for unauthenticated users GHSA-5p3f-rh28-8frw - SSH resources allow arbitrary code execution for authenticated users GHSA-v9mv-h52f-7g63 - Unwanted disclosure of hosts and related data, linked to decommissioned services GHSA-qcmg-vr56-x9wf
* Mon Nov 22 2021 ecsos - Update to 2.9.5
* This is a hotfix release which fixes the following issues: - Some detail views of Icinga Director and other modules are broken with Web 2.9.4 #4598 - Error on skipping LDAP Discovery #4603
* Wed Nov 10 2021 ecsos - Update to 2.9.4
* Broken Preference Configuration - Config/Preferences not accessible without config.ini #4504 - \"My Account\" broken after Upgrade from 2.8.2 to 2.9.3 #4512
* Notable Fixes in the UI - Proposal for new Feature make comments collapsible #4515 - new line character is being removed in the plugin output #4522
* Less Notable But No Less Important Fixes - announcements request clears focus #4543 - js: Fix regression for loading dependent modules for sub-containers #4533- Changes from 2.9.3
* Staying remembered on RHEL/CentOS 7 now possible - Stay Logged In - Unknown cipher algorithm #4493
* Missing icons with SLES/OpenSUSE 15 - Missing fileinfo php extension on SLES/OpenSUSE 15+ #4503
* Child downtimes for services are now removed automatically - If appropriate, set the API parameter all_services for schedule-downtime #4501- Changes from 2.9.2 This is a hotfix release. v2.9.1 included a change that wasn\'t compatible with PostgreSQL again. This has been fixed in this release. (#4490)- Changes from 2.9.1
* Pancakes everywhere - Nested custom variables are flattened #4439 - Disable login orb animation and all orbs for themes #4468 - SVG chart library doesn\'t process input as UTF-8 #4462
* Staying remembered too difficult - RememberMe not working with only PostgreSQL #4441 - RememberMe compatibility with php version 5.6+ #4472 - RememberMe fails after running the wizard for grants #4434
* Being picky pays off - Datetimepicker not usable by keyboard #4442 - Close the datepicker automatically #4461 - Paragraphs in Acknowledge/Downtime not possible #4443- Changes from 2.9.0
* Icinga DB - We continue our endeavour soon. Icinga Web 2 is still a crucial part of it and this update is again required for Icinga DB. If you like to participate again, don\'t forget to update Icinga Web 2 as well.
* Security Fixes This release includes two security related fixes. Both were published as part of a security advisory on Github. They allow the circumvention of custom variable protection rules and blacklists as well as a path traversal if the doc module is enabled. Please check the respective advisory for details. - Custom variable protection and blacklists can be circumvented GHSA-2xv9-886q-p7xx - Possible path traversal by use of the doc module GHSA-cmgc-h4cx-3v43
* RBAC, The Elephant In Icinga Web 2 - Authorization enhancements #4306 - Audit View #4336 - Highlight modules with permissions set inside a role #4241
* Support for PHP 8 - Support PHP 8 #4289 - Raise minimum required PHP version to 7.3 #4397
* Stay, Be Remembered - Implement a \"remember me\" feature #2495
* It Does Matter, When - Add datetime picker widget #4354 - Expire Option for Comments #3447 - Custom defaults for downtime end, comment and duration #4364
* Wed Nov 10 2021 ecsos - Update to 2.8.5 No changelog from upstream.
* Tue Jul 27 2021 ecsos - Update to 2.8.4 - This release only contains a single fix for flattened custom variables. #4439
* Mon Jul 12 2021 ecsos - Update to 2.8.3
* Security Fixes This release includes two security related fixes. Both were published as part of a security advisory on Github. They allow the circumvention of custom variable protection rules and blacklists as well as a path traversal if the doc module is enabled. Please check the respective advisory for details. - Custom variable protection and blacklists can be circumvented GHSA-2xv9-886q-p7xx - Possible path traversal by use of the doc module GHSA-cmgc-h4cx-3v43