Skip to content
This repository has been archived by the owner on Dec 13, 2022. It is now read-only.

Centreon 2.8.30
Compare
Choose a tag to compare
@lpinsivy lpinsivy released this 25 Nov 11:55
· 9736 commits to master since this release
2.8.30
2bf3e15

Documentation

  • Correct migration using nagios reader (PR/#7781)

Security

  • Avoid SQL injections in multiple monitoring pages - CVE-2019-17647 (PR/#8029, PR/#8094)
  • Contact list using escapeSecure method (PR/#7947)
  • Control directory indexes with an htaccess (PR/#8115)
  • Do not allow to get all services using downtime ajax file - CVE-2019-17643 (PR/#8022)
  • Escape myAccount special characters - CVE-2019-16195 (PR/#7876)
  • Escape persistent and reflected XSS in my account (PR/#7865)
  • Escape script and input tags by default (PR/#7811)
  • Fix default contact_autologin_key value
  • Fix security on LDAP page - CVE-2019-15300 (PR/#8009)
  • Hide password in command line (#7414, PR/#7883)
  • RCE on mib import from manufacturer input - CVE-2019-15298 (PR/#8023)
  • Remove command test execution - CVE-2019-16405 (PR/#7884)
  • Sanitize host_id and service_id (PR/#7880)
  • Session fixation using regenerate_session_id (PR/#7893)
Assets 2
Loading