This repository was archived by the owner on Dec 13, 2022. It is now read-only.
Releases: centreon/centreon-archived
Releases · centreon/centreon-archived
Release date: September 20, 2022
Bug Fixes
- [Configuration] Fixed an error in the Configuration > Services > Templates menu causing HTML code to be displayed
- [Core] Cleaned code in forMyAccount
- [Core] Corrected escapeSecure usage
- [Widgets] Restored possibility to not select a poller in preferences
Security fixes
- [Administration] Applied validation of format with media synchronization
- [Administration] Sanitized and bound Centreon ACL class queries
- [CLAPI] Added a check to verify that the user has the admin role
- [Configuration] Fixed SQLi in poller's resource creation
- [Configuration] Sanitized and bound queries in centreonConnector file
- [Configuration] Sanitized and bound queries in contactgroup file
- [Configuration] Sanitized and bound queries in listServiceCategories file
- [Configuration] Sanitized and bound queries in listVirtualMetrics file
- [Configuration] Sanitized and bound queries in service argumentsXml file
- [Configuration] Sanitized and bound queries in service host categories file
- [Configuration] Sanitized and bound queries in servicegroup_dependency file
- [Monitoring] Fixed XSS vulnerability in deprecated services status details page
Release date: August 26, 2022
- [Install] Improved error handling during installation
Bug fixes
- [CLAPI] Column names were displayed several times when listing recurrent downtimes
- [Configuration] Extended the size of the URL, Notes and Action URL fields to avoid truncating long URLs
- [Configuration] Fixed a regression: multiple trap definitions can use the same OID again
- [Configuration] Fixed contact/contactgroup additive inheritance configuration using massive change
- [Core] Fixed SQL queries when databases names contained a dash
- [Core] Fixed the database partitioning for MySQL 8
- [Monitoring] Fixed deletion of comments
- [Monitoring] Fixed the "Last_update" column in legacy pages
- [Widget] Fixed hostgroup multiple selection
Security fixes
- [Administration] Sanitized SQLi in media synchronization
- [Administration] Sanitized and bound ACL group queries
- [Administration] Sanitized and bound ACL menus definitions queries
- [Administration] Sanitized and bound Auth class queries
- [Administration] Sanitized and bound queries in ACL actions definition
- [Configuration] Fixed an XSS vulnerability in the Broker configuration page
- [Configuration] Fixed an XSS vulnerability in the service template form
- [Configuration] Sanitized and bound "poller" queries
- [Configuration] Sanitized and bound contact form queries
- [Configuration] Sanitized and bound downtime queries
- [Configuration] Sanitized and bound escalation form queries
- [Configuration] Sanitized and bound hosts dependencies configuration queries
- [Configuration] Sanitized and bound hosts queries
- [Configuration] Sanitized and bound queries in Centreon Broker configuration listing
- [Configuration] Sanitized and bound queries in CentreonXMLBGRequest class
- [Configuration] Sanitized and bound queries in Meta Services dependency configuration
- [Configuration] Sanitized and bound queries in generateImage file
- [Configuration] Sanitized and bound queries in hostgroups dependency configuration
- [Configuration] Sanitized and bound queries in virtual metrics configuration
- [Configuration] Sanitized and bound service configuration queries
- [Configuration] Sanitized and bound service dependency queries
- [Configuration] Sanitized and bound timeperiod form queries
- [Core] Cleaned code in centreonUser.class.php
- [Core] Updated PHP libraries for security issues
- [Cron] Fixed SQL queries when databases names contain dash
- [Install] Sanitized and bound update queries
- [Monitoring] Sanitized SQLi in Centreon centreonGraph class
Release date: August 25, 2022
- [API] Added endpoint to perform all web updates
- [Authentication] Added a log message when an unregistered user tries logging in
- [Configuration] Use API to select metrics in virtual metrics configuration form
- [UI] Reduce spacing and align access buttons in user menu
Bug fixes
- [APIv1] Using the CLAPI import function no longer results in a PHP fatal error for the mentioned versions
- [Administration] Fixed consistency of ACLs with new poller creation wizard structure
- [Configuration] Fixed a regression: multiple trap definitions can use the same OID again
- [Cron] Fixed SQL queries when database names contain a dash
- [Install] Make it possible to connect as user centreon-engine for Debian packaging
- [Install] Fixed Debian packages build when npm is not installed
- [Install] Fixed dependency name for Debian packaging
- [Monitoring] Fixed deletion of comments
- [Monitoring] Fixed the bug that canceled the display of text in graphics after an export in png
- [UI] Fixed OpenID configuration form with Safari
- [UI] Fixed dark mode theme switch
- [Widget] Fixed hostgroup multiple selection
Security fixes
- [Administration] Sanitized SQLi in media synchronization
- [Administration] Sanitized and bound ACL menus definitions queries
- [Administration] Sanitized and bound Auth class queries
- [Administration] Sanitized and bound queries in ACL actions definition
- [Configuration] Fixed an XSS vulnerability in the Broker configuration page
- [Configuration] Fixed an XSS vulnerability in the service template form
- [Configuration] Sanitized and bound hosts dependencies configuration queries
- [Configuration] Sanitized and bound queries in Centreon Broker configuration listing
- [Configuration] Sanitized and bound queries in CentreonXMLBGRequest class
- [Configuration] Sanitized and bound queries in Meta Services dependency configuration
- [Configuration] Sanitized and bound queries in generateImage file
- [Configuration] Sanitized and bound queries in hostgroups dependency configuration
- [Configuration] Sanitized and bound service configuration queries
- [Configuration] Sanitized and bound service dependency queries
- [Core] Clean code in centreonUser.class.php
- [Core] Remove unused appKey feature
- [Monitoring] Sanitized SQLi in Centreon centreonGraph class
Release date: August 22, 2022
- [Install] Improved error handling during installation
- [Configuration] Use API to select metrics in virtual metrics configuration form
Bug Fixes
- [Configuration] Fixed contact/contactgroup additive inheritance configuration using massive change
- [Core] Fixed the database partitioning for MySQL 8
Security fixes
- [Administration] Sanitized SQLi in media synchronization
- [Administration] Sanitized and bound ACL group queries
- [Administration] Sanitized and bound ACL menus definitions queries
- [Administration] Sanitized and bound Auth class queries
- [Administration] Sanitized and bound queries in ACL actions definition
- [Configuration] Fixed an XSS vulnerability in the Broker configuration page
- [Configuration] Fixed an XSS vulnerability in the service template form
- [Configuration] Sanitized and bound downtime queries
- [Configuration] Sanitized and bound escalation form queries
- [Configuration] Sanitized and bound hosts dependencies configuration queries
- [Configuration] Sanitized and bound hosts queries
- [Configuration] Sanitized and bound queries in Centreon Broker configuration listing
- [Configuration] Sanitized and bound queries in CentreonXMLBGRequest class
- [Configuration] Sanitized and bound queries in Meta Services dependency configuration
- [Configuration] Sanitized and bound queries in generateImage file
- [Configuration] Sanitized and bound queries in hostgroups dependency configuration
- [Configuration] Sanitized and bound queries in virtual metrics configuration
- [Configuration] Sanitized and bound service configuration queries
- [Configuration] Sanitized and bound service dependency queries
- [Configuration] Sanitized and bound timeperiod form queries
- [Core] Clean code in centreonUser.class.php
- [Install] Sanitized and bound update queries
- [Monitoring] Sanitized SQLi in Centreon centreonGraph class
Release date: July 28, 2022
- [Administration] Added consistency in ACLs with the new structure of the poller creation wizard
- [Authentication] Added the permission to import automatically new users using the OpenId Connect protocol
- [Authentication] Applied an ACL Group(s) definition on login for OpenID Connect users
- [Configuration] Extended the size of the URL, Notes and Action URL fields to avoid truncating long URLs
- [Core] Properly managed the switch between Resource Status repositories
- [Install] Improved error handling during installation
- [UX] Improved the OpenId Connect form
Bug fixes
- [API] Fixed MBI APIs with the latest version of Centreon
- [Administration] Fixed the display of the end date of the licenses
- [Administration] Fixed the scrolling when reducing the screen size to access all items
- [Configuration] Fixed contact/contactgroup additive inheritance configuration using massive change
- [Configuration] Fixed empty host template from mappers (Host Discovery) by using default template form Plugin Packs discovery rule
- [Configuration] Fixed the export when the host group is disabled
- [Configuration] Fixed the export when the service group is disabled
- [Configuration] Fixed the export when the service template is disabled
- [Core] Fixed href on links that were broken in menus
- [Core] Fixed SQL queries when databases names contained a dash
- [Core] Fixed the database partitioning for MySQL 8
- [Install] Fixed an SQL issue during update
- [Install] Fixed rights on the /usr/share/centreon/.env.local.php file for Debian package
- [Install] Fixed the waterfall visual effect in the extension's details tile
- [Monitoring] Fixed the "Last_update" column in legacy pages
- [Monitoring] Fixed the notifications number in legacy pages
- [Resources Status] Fixed the timeperiod group button and custom period selectors heights
- [UI] Fixed header and skeleton UI instability
- [UI] Fixed the display of CSS code with Firefox browser
- [UI] Now close the menu when a navigation item is clicked
- [UX] Reduced the timeout to prevent the menu from closing unexpectedly
- [Widget] Now use ACL to get list of pollers in widget configuration to filter display of services
Security fixes
- [Administration] Sanitized and bound ACL Group queries
- [Administration] Sanitized and bound ACL resources queries
- [Configuration] Fixed SQLi vulnerability in escalation form
- [Configuration] Fixed XXS vulnerability in escalation form
- [Configuration] Sanitized and bound "User" class queries
- [Configuration] Sanitized and bound "downtime" queries
- [Configuration] Sanitized and bound "hostgroups" queries
- [Configuration] Sanitized and bound "hosts" queries
- [Configuration] Sanitized and bound "meta_service" related queries
- [Configuration] Sanitized and bound "pollers" queries
- [Configuration] Sanitized and bound contact form queries
- [Configuration] Sanitized and bound escalation form queries
- [Configuration] Sanitized and bound queries in virtual metrics configuration
- [Configuration] Sanitized and bound timeperiod form queries
- [Core] Removed deprecated switch in encodePass() method
- [Core] Updated PHP libraries for security issues
- [Install] Sanitized and bound update queries
Release date: June 16, 2022
Bug fixes
- [Configuration] Fixed checkbox selection after enabling/disabling a contact via icons
- [UX] Improved interface response time if CEIP is enabled but the browser does not have internet access
Security Fixes
- [Apache] Fixed cookies with missing or contradictory properties
- [Apache] Improved Apache configuration to enable HSTS
- [Core] Passwords are now obfuscated in the page's HTML source
- [Security] Fixed SQLi in virtual metrics
- [Security] Sanitized and bound "User" class queries