Centreon Web 2.8.27¶
Enhancements¶
[ACL] Improve ACL access on downtime and hostgroup form - PR #6962
[API] API for commands arguments descriptions - PR #7196
[API] Add showinstance CLAPI command to Host #7199
[LDAP] manage multiple ldap group with same dn - PR #6714
Bug Fixes¶
[ACL] Host calculation with ACL is not correct - PR #6436
[API] Broker configuration accept accept id 0
[API] Unset service/contact relations if set option - PR #7115
[API] Use “Reach API *” to validate access to API - PR #7117
[Authentication] add sync with ldap groups upon login - PR #7057
[Backup] Fix scp export of configuration files backup - PR #7112
[Chart] fix graph export when a curve is only displayed in legend - PR #7009
[Centcore] Allow to set illegal characters for centcore (#7206)
[Configuration] fix export of cbd watchdog logs path - #6794, PR #6919
[Configuration] fix broken hostgroup form and massive change on host - PR #7105
[Downtimes] Pagination & filters corrections in recurrent Downtimes form - #6501, #6504, #6506, PR #6509
[Global] fix pagination when new header is enabled - PR #6687
[LDAP] fix ldap import due to var typo
[LDAP] Fix LDAP search when the ‘user group attribute’ field of ldap configuration is empty - PR #7057
[Monitoring] Fix columns on the list page - PR #6984
[UI] Fix a Javascript bug when the new header is selected - PR #6590
[UI] backport memory leak - PR #7003
[Visual notification] exclude services started by BA from BAM UI notification style - PR #6782
Documentation¶
Correct menu access to add/edit recurrent downtime - #6698
Correct the upgrape chapter - #6916
Improve prerequisite MySQL version to correct bug on partitioned tables - PR #6974
Quick Start improvements
Security¶
Add SQL and XSS protection of Administration Logs page - PR #7038
Avoid password macro to appear in cleartext - PR #7020
Clean dead code about escalation - PR #7200
Fix XSS vulnerability on hosts and services comments - PR #6953
Fix SQL injection and duplicate action on the host list page - PR #6961
Fix the XSS vulnerability on poller resource - PR #6982
Fix XSS vulnerability in the ACL group search field - PR #7032
Fix SQL injection for virtual metrics - PR #7061
Fix SQL injection and duplicate feature - PR #7069
Fix XSS vulnerability in media - PR 7089
Protect hostname resolver from XSS - PR #7043
Rce vulnerability fixed when using command’s testing feature (#7245)
Others¶
Change copyright calculation code and replace mailto link by a direct link to our website
Fix compatibility with PHP 5.3