Centreon Web 2.8.27

Enhancements

  • [ACL] Improve ACL access on downtime and hostgroup form - PR #6962

  • [API] API for commands arguments descriptions - PR #7196

  • [API] Add showinstance CLAPI command to Host #7199

  • [LDAP] manage multiple ldap group with same dn - PR #6714

Bug Fixes

  • [ACL] Host calculation with ACL is not correct - PR #6436

  • [API] Broker configuration accept accept id 0

  • [API] Unset service/contact relations if set option - PR #7115

  • [API] Use “Reach API *” to validate access to API - PR #7117

  • [Authentication] add sync with ldap groups upon login - PR #7057

  • [Backup] Fix scp export of configuration files backup - PR #7112

  • [Chart] fix graph export when a curve is only displayed in legend - PR #7009

  • [Centcore] Allow to set illegal characters for centcore (#7206)

  • [Configuration] fix export of cbd watchdog logs path - #6794, PR #6919

  • [Configuration] fix broken hostgroup form and massive change on host - PR #7105

  • [Downtimes] Pagination & filters corrections in recurrent Downtimes form - #6501, #6504, #6506, PR #6509

  • [Global] fix pagination when new header is enabled - PR #6687

  • [LDAP] fix ldap import due to var typo

  • [LDAP] Fix LDAP search when the ‘user group attribute’ field of ldap configuration is empty - PR #7057

  • [Monitoring] Fix columns on the list page - PR #6984

  • [UI] Fix a Javascript bug when the new header is selected - PR #6590

  • [UI] backport memory leak - PR #7003

  • [Visual notification] exclude services started by BA from BAM UI notification style - PR #6782

Documentation

  • Correct menu access to add/edit recurrent downtime - #6698

  • Correct the upgrape chapter - #6916

  • Improve prerequisite MySQL version to correct bug on partitioned tables - PR #6974

  • Quick Start improvements

Security

  • Add SQL and XSS protection of Administration Logs page - PR #7038

  • Avoid password macro to appear in cleartext - PR #7020

  • Clean dead code about escalation - PR #7200

  • Fix XSS vulnerability on hosts and services comments - PR #6953

  • Fix SQL injection and duplicate action on the host list page - PR #6961

  • Fix the XSS vulnerability on poller resource - PR #6982

  • Fix XSS vulnerability in the ACL group search field - PR #7032

  • Fix SQL injection for virtual metrics - PR #7061

  • Fix SQL injection and duplicate feature - PR #7069

  • Fix XSS vulnerability in media - PR 7089

  • Protect hostname resolver from XSS - PR #7043

  • Rce vulnerability fixed when using command’s testing feature (#7245)

Others

  • Change copyright calculation code and replace mailto link by a direct link to our website

  • Fix compatibility with PHP 5.3