Centreon 19.04.2

Centreon Web 19.04.2

Bug fixes

• [LDAP] optimizing the data sent when importing contact (PR/#7559)
• [Web] expose properly react router dom (PR/#7582)
• [Web] retrieve loading animation (PR/#7587)
• [Web] retrieve scrollbar on internal react pages

Centreon Web 19.04.1

Enhancements

• [Graphs] Add more curves template for fresh installations (#5819, #7530)
• [Remote Server] Add possibility to use HTTPS or HTTP for communication and to define TCP port (PR/#7536)
• [Remote Server] Add possibility to verify or not peer SSL certificate (PR/#7536)
• [Remote Server] Add possibility to use or not configured proxy (PR/#7536)

Bug fixes

• [ACL] Fix issue with monitoring pages (PR/#7554)
• [Administration] Correct the redirection after submitting the monitoring form (PR/#7545)
• [Packaging] Install systemd .service files with 644 permissions
• [Web] Fix date format for CSV export (PR/#7533)
• [Web] Correct the displayed saved researched value in the select2 components (PR/#7525)
• [Packaging] fix installation of conf.pm and centreontrapd.pm
• [Monitoring] Fix hard_state_duration column (#7506)
• [Graphs] No-unit series now trigger a second axis (Closes #7330 with #7341)
• [Graphs] "Split chart" mode do not show thresholds (Closes #7342,#7235 with #7343)
• [Monitoring] Macros not displayed in WUI for new services when you select your template (Fixes #7121 with #7515, #7535)
• [Monitoring] Filter issues on host monitoring page fixed (#7511)

Security fixes

• [ACL] Fix ACL calculation when interfering with the GET request (PR/#7517)

Centreon Web 18.10.5

Enhancements

• [Centcore] Enhance centcore process logs (PR/#7243)
• [Core] Enhance logger lib to handle utf8 (PR/#7404)
• [Graphs] Add more curves template for fresh installations (#5819, #7530)
• [LDAP] default contactgroup ldap import (PR/#7220)
• [Remote Server] Add possibility to use HTTPS or HTTP for communication and to define TCP port (PR/#7536)
• [Remote Server] Add possibility to verify or not peer SSL certificate (PR/#7536)
• [Remote Server] Add possibility to use or not configured proxy (PR/#7536)
• [UI] Better menu delimitation (PR/#7257)
• [UI] Color menu level 2&3 (PR/#7295)

Bug fixes

• [Backup] partial backup didn't backup the right partition for data_bin and logs (PR/#7242)
• [Broker] broker config generate external values (PR/#7401)
• [Broker] Default log path in configuration form (PR/#7367)
• [Export] Fix date format for CSV export (PR/#7533)
• [Graphs] No-unit series now trigger a second axis (Closes #7330 with #7341)
• [Graphs] "Split chart" mode do not show thresholds (Closes #7342,#7235 with #7343)
• [Install] Get the ip address of an existing connection to set the permission correctly (PR/#7347)
• [LDAP] Fix SQL error on LDAP authentication (Closes #7134 with PR/#7278)
• [LDAP] Optimize ldap sync at config generation (Closes #6949 with #7130)
• [LDAP] LDAP Groups ACLs are not working (Closes #7189 with #7308)
• [Monitoring] Macros not displayed in WUI for new services when you select your template (Closes #7121 with #7515, #7535)
• [Packaging] Install systemd .service files with 644 permissions
• [Packaging] fix installation of conf.pm and centreontrapd.pm
• [Systemd] use /etc/sysconfig/cent* files to get options (PR/#7380)
• [UI] Correct the displayed saved researched value in the select2 components (PR/#7525)
• [UI] Correct the redirection after submitting the monitoring form (PR/#7545)
• [UI] Filters persistence on monitoring and configuration (PR/#7327,#7355,#7348,#7369,#7345
• [UI] Filters and pagination MediaWiki (PR/#7397)
• [Widget] Widget parameters displayed in public views (PR/#7408)

Security fixes

• Fix ACL calculation when interfering with the GET request (PR/#7517)
• Fix vulnerability on file loading #7227
• Remove obsolete rrdtool configuration and sources (PR/#7195)
• Fix SQL injection on Service grid by hostgroup page (PR/#7275)

Centreon Web 2.8.28

Enhancements

Bug Fixes

• [Actions] Downtime and acknowledgement not working (PR/#7233)

Security

• Adding security filters on the host list page (PR/#6625)
• Fix ACL calculation when interfering with the GET request (PR/#7518)
• Fix vulnerability for file loading (PR/#7226)
• Type juggling can lead to authentication bypass (PR/#7084)
• Fix SQL injection on Service grid by hostgroup page (PR/#7275)

Centreon 19.04.0

Centreon Web 19.04.0

New features

• The extension management page has been unified. The installation, update and removal of modules and widgets are available via the "Administration> Extensions> Manager" menu. It is now possible to install all extensions at one time or to update all extensions in one click. Moreover a detail page provides access to the description of the extensions.
• Improved navigation within the menu. It can be used both open (by clicking on Centreon logo) and closed to navigate within the Centreon web interface. Closed, only one click is required to access the desired page. Open, it is possible to navigate a menu by opening and closing the submenus or to access another menu in a click.

Enhancements

• [CEIP] Add additional statistics including modules if present (PR/#7328)
• [Configuration] improve filters and pagination in the configuration menus (PR/#7348)
• [Debug] centreon_health script to gather various data (PR/#7418)
• [Install] New upgrade process that can start only from 2.4.0 and later
• [LDAP] Optimize ldap sync at config generation (#6949 PR/#7130)
• [Menu] Remove unnecessary menu level
• [Menu] Color the open level 2 and 3 menus (PR/#7295)
• [Remote-server] allow usage of domain names (PR/#7250)
• [UI] Fix wording of messages related to recurring downtimes (PR/#7261)
• Standardize how to display menus access
• Reduce reduce number of title levels displayed in index
• Create dedicated UI access administration chapter
• Improve custom uri chapter
• Move SSO chapter to administration/ldap

Bug fixes

• [API] Use the web service or initialize it (PR/#7265)
• [API] Fix init parameters (PR/#7277)
• [Backup] partial backup didn't backup the right partitions
• [Broker] change default value for centreonbroker_logs_path
• [Broker] Broker configuration doesn't generate rrdcached external information in a new install
• [CEIP] Improve ceip install update (PR/#7374)
• [Centcore] Don't generate blank line in centcore.cmd
• [Centcore] Enhance centcore log
• [Centcore] Fix getinfos information
• [Configuration] change size (6 => 30) of input geo coordinates on host form (PR/#7405)
• [Install] Remove non-existing topology_JS entries
• [Install] Remove obsolete rrdtool configuration and sources (PR/#7195)
• [Install] use /etc/sysconfig/cent* files to get options for Centcore and Centreontrapd process (PR/#7380)
• [LDAP] Fix sql errors in the log on authentication (PR/#7278)
• [LDAP] Optimize ldap sync at config generation (Fix #6949 PR/#7130)
• [Logs] removing warning in the logs (PR/#7395)
• [Menu] Fixing an issue with the menu when loaded by mobile browsers (PR/#7256)
• [Monitoring] Fix hide password in command line (PR/#7079)
• [Translation] fix translation for broker logs path
• [Translation] missing French translations in the graph page (PR/#7429)
• [logAnalyser] Code refactor
• [perl scripts] enhance logger lib to handle utf8

Documentation

• Restart php-fpm instead of Apache for changes in php.ini (PR/#7332)
• Add EN & FR chapters for data retention (PR/#7269)
• Describe how to enable user audit log in doc (PR/#7276)
• Improve partitioning chapter (PR/#7274)
• Correct installation chapters - enable systemctl for centreon (PR/#7284)
• Add FAQ for known issues about Remote Server (PR/#7266)

Security fixes

• Authenticated RCE in minPlayCommand.php (PR/#7232)
• SQL injections in the service by hostgroups and servicegroups pages (PR/#7267)
• Allow to set illegal characters for centcore (PR/#7206 PR/#7287)
• Token generation uses predictable generator
• Authenticated SQL injection in makeXML_ListServices.php
• SQL Injection in serviceGridByHGXML.php

Technical

• Add mechanism to manage external pages (PR/#7382)
• Add mechanism to manage notification mechanism of modules (PR/#7378)

Known issue

Depending on the size of your screen and which level 3 menu is opened, you may have difficulty to access to another menu. Just close the opened level 3 menu before navigating to another menu.

Centreon 18.10.4

Enhancements

• [API] API for commands arguments descriptions (PR/#7196)
• [API] Add showinstance CLAPI command to Host (PR/#7199)
• [API] Acknowledge resources using the API (Issue/#6068 - PR/#7187)
• [Centcore] Allow to set illegal characters for centcore (PR/#7206)
• [Installation] Update source installer regarding 18.10 version (PR/#7160)
• [UI] Improve host template selection by remplacing simple select with multi-select (PR/#7208)
• [UI] Indent third level menu (PR/#7251)

Bug Fixes

• [UI] Fix issue with comments date in host and service detail pages (Issue/#7180 - PR/#7194)
• [UI] Fix issue with session expiration and avoid login "inception" (PR/#7202)
• [UI] Fix issue with event logs export CSV/XML (Issue/#6929 - PR/#7167)
• [UI] Fix search filter for recurrent downtimes (PR/#7201)

Documentation

• Improve prerequisities (PR/#7244)
• Improve poller configuration (PR/#7116)
• Enable services after remote server installation (PR/#7027)
• Update upgrade to Centreon 18.10 documentation section (PR/#6934)
• Describe directory of XML files for partitioning (PR/#7203)
• Correct documentation link (Issue/#6997 - PR/#7016)
• Add daemon-reload command added when installing DB on dedicated server (Issue/#7137 - PR/#7139)

Security

• Fix security issue by removing dead code related to escalation (PR/#7200)
• Fix rce vulnerability when using command's testing feature (PR/#7245)
• Fix SQL injection for GET parameter (PR/#7229)
• Fix unauthorized file upload (PR/#7171)

Centreon 2.8.27

Enhancements

• [ACL] Improve ACL access on downtime and hostgroup form - PR #6962
• [API] API for commands arguments descriptions - PR #7196
• [API] Add showinstance CLAPI command to Host #7199
• [LDAP] manage multiple ldap group with same dn - PR #6714

Bug Fixes

• [ACL] Host calculation with ACL is not correct - PR #6436
• [API] Broker configuration accept accept id 0
• [API] Unset service/contact relations if set option - PR #7115
• [API] Use "Reach API *" to validate access to API - PR #7117
• [Authentication] add sync with ldap groups upon login - PR #7057
• [Backup] Fix scp export of configuration files backup - PR #7112
• [Chart] fix graph export when a curve is only displayed in legend - PR #7009
• [Centcore] Allow to set illegal characters for centcore (#7206)
• [Configuration] fix export of cbd watchdog logs path - #6794, PR #6919
• [Configuration] fix broken hostgroup form and massive change on host - PR #7105
• [Downtimes] Pagination & filters corrections in recurrent Downtimes form - #6501, #6504, #6506, PR #6509
• [Global] fix pagination when new header is enabled - PR #6687
• [LDAP] fix ldap import due to var typo
• [LDAP] Fix LDAP search when the 'user group attribute' field of ldap configuration is empty - PR #7057
• [Monitoring] Fix columns on the list page - PR #6984
• [UI] Fix a Javascript bug when the new header is selected - PR #6590
• [UI] backport memory leak - PR #7003
• [Visual notification] exclude services started by BA from BAM UI notification style - PR #6782

Documentation

• Correct menu access to add/edit recurrent downtime - #6698
• Correct the upgrape chapter - #6916
• Improve prerequisite MySQL version to correct bug on partitioned tables - PR #6974
• Quick Start improvements

Security

• Add SQL and XSS protection of Administration Logs page - PR #7038
• Avoid password macro to appear in cleartext - PR #7020
• Clean dead code about escalation - PR #7200
• Fix XSS vulnerability on hosts and services comments - PR #6953
• Fix SQL injection and duplicate action on the host list page - PR #6961
• Fix the XSS vulnerability on poller resource - PR #6982
• Fix XSS vulnerability in the ACL group search field - PR #7032
• Fix SQL injection for virtual metrics - PR #7061
• Fix SQL injection and duplicate feature - PR #7069
• Fix XSS vulnerability in media - PR 7089
• Protect hostname resolver from XSS - PR #7043
• Rce vulnerability fixed when using command's testing feature (#7245)

Others

• Change copyright calculation code and replace mailto link by a direct link to our website
• Fix compatibility with PHP 5.3

Centreon 18.10.3

Enhancements

• [Configuration] Avoid huge memory consumption when generating configuration (PR/#7072)
• [Remote Server] Add one-peer retention (Issues/#6910,#6978,#6987 - PR/#6959)
• [UI] Menus of banner can be opened/closed by clicking on icon (PR/#7127)
• [UI] Improve tooltip positioning in monitoring listing (PR/#7140)

Bug fixes

• [Backup] Configuration backup correctly done using scp (PR/#7112)
• [Configuration] Unset service/contact relations if SETCONTACT clapi method used (PR/#7115)
• [Configuration] Include check_centreon_dummy during installation process (Issue/#7019)
• [UI] Date picker failed when no language selected (PR/#7046)
• [UI] Manage pagination in all custom select components (PR/#7102)
• [UI] Avoid duplicated en_US language selection in user settings (PR/#7094)
• [UI] Fix issue with shared views and multi widgets (PR/#7126)
• [UI] Display configuration has changed for all pollers (PR/#7107)
• [Remote Server] Replace special characters when setting up a remote server (Issue/#6979 - PR/#7133)
• [Remote Server] Prevent access to ressources configuration not defined on remote (PR/#7136)

Centreon 18.10.2

Enhancements

• [Configuration] Prevent time period to call itself via templates - PR #7024
• [Configuration] Re-add the PID column in the poller list page - PR #6993
• [Documentation] Add clean yum cache command for 18.10 upgrade - PR #7030
• [Documentation] Correct typo in RS architecture FR chapter - PR #6965
• [Downtimes] Apply ACL on resources to configure recurring downtimes - PR #6962
• [Translate] Add all date picker libraries for new translation - PR #7040
• [UX] Improve full screen mode - PR #6976

Bug fixes

• [Chart] Fix graph export when a curve is only displayed in legend - PR #7009
• [Documentation] Describe DBMS minimal version to prevent partitioning tables issue - PR #6974
• [Monitoring] Use all selected filter on refresh with "play" button - PR #6984
• [Extensions] Fix module upgrades using php scripts - PR #7073
• [Remote Server] Update default path of broker watchdog logs

Technical

• Update select2 component - PR #7034

Centreon 18.10.1

Enhancements

• [Install] Optimize db partitioning during fresh install - PR #6937
• [Documentation] Improve FAQ chapter - PR #6900
• [Documentation] Improve prerequisites chapter - PR #6922
• [Documentation] Improve installation chapter - PR #6942 #6973
• [Documentation] Improve architecture chapter - PR #6966
• [Documentation] Add chapter to manage custom centreon uri - PR #6903
• [Documentation] Improve upgrade chapter - PR #6905 #6907 #6908
• [Documentation] Global documentation improvement - PR #6896 #6906 #6931 #6933

Bug fixes

• [API] Fix PHP warning - PR #6917
• [API] Fix export of hostgroup services - PR #6948
• [Configuration] Fix host categories creation and update form - PR #6901
• [Configuration] Remove old wizard button - PR #6902
• [Configuration] Fix export of cbd watchdog logs path - PR #6919
• [Configuration/Widget] Fix widget upgrade if directory has changed - PR #6975
• [Remote Server] Fix incorrect variable name - PR #6915]
• [Translation] Update strings - PR #6899
• [Global] Remove duplicate() method in children classes - PR #6918
• [Global] Update topology extract where clause from db - PR #6898