2024R1.0.2

Security

  • Fixed XSS in Nagios Core command expansion page (Thanks to Joran LEREEC for reporting this) [GL:XI#654] – DA
  • Fixed a SQL injection vulnerability in favorites component (Thanks to Jarod Jaslow for reporting this) (CVE-2024-24401) [GL:XI#667] – DA
  • Fixed a privilege escalation vulnerability from nagios to root (Thanks to Jarod Jaslow for reporting this) (CVE-2024-24402) [GL:XI#668] – DA
  • Fixed a privilege escalation vulnerability in autodiscover_new.php (Thanks to Wahab Khadir for reporting this) [GL:XI#669] – DA

Deprecated

  • Deprecated Ubuntu 18 [GL:XI#579] – DA

Fixed

  • Fixed issue with column statistics table not existing with offloaded databases and backups [GL:XI#247] – DA
  • Fixed an issue where users would not be able to upgrade when they had offloaded databases [GL:XI#584] – DA
  • Fixed an issue where backups would fail due to a full tmp directory [GL:XI#602] – DA
  • Fixed an issue where recurring_downtime.php would exit because of its own PID [GL:XI#693] – DA

Component Updates

Core Config Manager (CCM) 3.2.3

  • Fix a regression from XI 2024R1.0.1 where the “Remove all” button was broken on some overlays – SAW