This repository has been archived by the owner on Dec 13, 2022. It is now read-only.
Releases: centreon/centreon-archived
Releases · centreon/centreon-archived
19.10.23
=====================
Centreon Web 19.10.23
Bug fixes
- [Administration] Cannot list Pollers in Centreon Engine statistics
Security fixes
- [Administration] User can install or delete modules with no ACL rights
- [Configuration] Cross-site Scripting (XSS) Stored/Persistent in Dependency/Notification form
- [Configuration] SQL injection in user additional information
- [Configuration] Stored XSS in host Alias for host form
- [Core] Predictable anti-CSRF token
- [Lib] Update centreon vulnerable packages
21.04.1
21.04.1
May 11, 2021
Bugfixes
- [Configuration] Default Centreon Engine value is different from the tooltip, and affects performance
- [Platform Topology] Register a remote / poller to central with proxy
- [Resources Status] Click anywhere in the metric tile within the legend to select metrics to display in graphs
- [Resources Status] Custom filters cannot be listed from the drop down menu after upgrade to 21.04
- [Resources Status] Graph export does not work correctly on Safari and Firefox
- [Resources Status] Graph units are not properly displayed when graphs have a 2 way scale
- [Resources Status] Jagged disposition when multiple graphs displayed in extended host panel
- [Resources Status] Listing refresh gets slower as the number of items per page increases
Performances
- Replace "WITH RECURSIVE" MySQL calls with PHP-based recursion loops
Security
- [Configuration] SQL injection in additional user information
2.8.37
###################
Centreon Web 2.8.37
###################
Bug fixes
- [Core] Update centreon copyright dates
- [Lib] moment-timezone 0.3.0 does manage anymore timezone
Security
- Missing access control mechanism in rest API v1
- Predictable anti-CSRF token
- SQL injection in additional information in contact form
- SQL Injection on graph periods
- SQL Injection on graph split
20.10.7
20.10.7
May 7, 2021
Enhancements
- [Custom Views] Add regex filtering to widget compare field
Bugfixes
- [Configuration] Can not delete Remote Server from UI
- [Configuration] Central's Engine configuration is set to use aggressive host checking
- [Configuration] Hosts/services templates become simple hosts/services
- [Configuration] Unable to create Meta service with high amount of metrics
- [Configuration] Wrong number of services/pages to display
- [Graph] Graphics are not displayable in the interface
- [Monitoring] Cancelled BA downtime from Downtime menu
- [Monitoring] Export event logs with filter on output is broken
- [Platform Topology] API: remote / poller to central with proxy
- [Platform Topology] Remove all topology when Remote => Central Conversion
- [Platform Topology] Script: Unable to register a remote on a Central
- [Platform Topology] Unable to replace 127.0.0.1 by real IP in poller form when already saved in platform_topology
- [Purge] Script can't drop several partitions
- [Resources Status] Be able to sort by Parent name in listing
- [Resources Status] Manage notes on resources for Notes URL
- [Resources Status] Missing french translations
- [Resources Status] Service link to multiple hosts or service by hostgroup won't be listed
- [UI] Centreon blank page on all menu with firefox < 78
Security fixes
- [Administration] User can install or delete modules with no ACL rights
- [Configuration] Cross-site Scripting (XSS) Stored/Persistent in Dependency/Notification form
- [Configuration] SQL injection in user additional information
- [Configuration] Stored XSS in host Alias for host form
- [Core] Predictable anti-CSRF token
- [Graph] SQL Injection on graph periods
- [Graph] SQL Injection on graph split
- [Lib] Update centreon vulnerable packages
- [Resources Status / Service Details] Passwords are displayed in command line
- [Resources Status / Service Details] Passwords field for EXTRAOPTIONS is not hidden in command line
Performance
- [Core] Replace "WITH RECURSIVE" MySQL calls with PHP-based recursion loops
20.04.13
20.04.13
May 10, 2021
Bugfixes
- [Administration] Cannot list Pollers in Centreon Engine statistics
- [Configuration] Configuration output can lead to an empty broker configuration
- [Configuration] Hosts/services templates become simple hosts/services
- [Configuration] Wrong number of services/pages to display
- [Monitoring] Cancelled BA downtime from Downtime menu
- [Purge] Script can't drop several partitions
Security fixes
- [Administration] User can install or delete modules with no ACL rights
- [Configuration] Cross-site Scripting (XSS) Stored/Persistent in Dependency/Notification form
- [Configuration] SQL injection in user additional information
- [Configuration] Stored XSS in host Alias for host form
- [Core] Predictable anti-CSRF token
- [Graph] SQL Injection on graph periods
- [Graph] SQL Injection on graph split
- [Lib] Update centreon vulnerable packages
- [Resources Status / Service Details] Passwords are displayed in command line
- [Resources Status / Service Details] Passwords field for EXTRAOPTIONS is not hidden in command line
20.10.6
20.10.6
April 20, 2021
Bugfixes
- [ACL] Use ACL Action to generate traps
- [About] Update about page with current team
- [Administration] Cannot list Pollers in Platform Status pages
- [Configuration] Error while adding a Remote Server and attaching a poller to it via wizard
- [Configuration] Poller attached to remote is not fully removed from database when deleted using the from
- [Core/API/v1] Can't filter on criticality
- [Core] Configuration output can lead to an empty broker configuration
- [Core] Update centreon copyright dates
- [Extensions Manager] No popup when removing extension
- [Graph] Adapt graph scale for b/s unit
- [Graphs] Colors of labels don't match colors of curves (old library)
- [Install] During installation, web installer can not be executed fully
- [Platform Topology] Distant Poller attached behind a Remote Server does not receive conf
- [Platform Topology] Missing current node IP address in register script
- [Platform Topology] Register script concatenates default values to values from the template
- [Platform Topology] Script target address not parsed correctly.
- [Platform Topology] Enhance register script displaying
- [Reporting] Dashboard is slow to display with large service groups
- [Resources Status] Bad urls for mediawiki
- [Resources Status] Macros in "URL" and "Action URL"
- [Resources Status] Missing french translations
- [UX] Remove "deprecated" from menu for deprecated monitoring pages
Security fixes
- [Core] XSS in index.php and index.html
- [Library] Update jQuery to version sup or equal 3.5.1
Performance
- [API/Topology] Refacto PlatformTopology 20.10
20.10.5
19.10.22
20.04.12
19.10.21
Centreon Web 19.10.21
March 23, 2021
Bug fixes
- [Core] Update centreon copyright dates
- [Install] Complete the Last step upgrade redirection
- [Administration/About] Update about page with current team
Security fixes
- [Core] Cross-site Scripting (XSS) in index.php
- [Lib] Update jQuery to version >= 3.5.1