5.6.6

Fixed XSS and privilege escalation security vulnerability in Profile component and getprofile.sh script (CVE-2019-15949) (Thanks Jak Gibb) [TPS#14364] -JO

Fixed issue where re-configuring objects page would not allow switching them back to notify immediately [TPS#14340] -JO
Fixed issue where Graph Explorer exporting would be broken after upgrades [TPS#14372] -SAW
Fixed BPI api_tool.php NDO wait timeout to allow for longer NDO startup times [TPS#14398] -JO
Fixed issue with dashlets that have been uploaded unable to be downloaded due to file permissions in tmp directory [TPS#14363] -JO
Fixed CCM form validation to allow backslashes in object names/service descriptions -SAW
Fixed MIB uploading/processing on Postgres-based systems [TPS#14365] -SAW
Fixed API DELETE methods not allowing URL path to be used like in the help section [TPS#14370] -JO
Fixed Bulk Modifications Tool find relationship listings to be sorted alphabetically [TPS#12156] -JO
Fixed logrotate configuration to set the user/group on systems except el6 which doesn’t require it -JO
Fixed issue with Recurring Scheduled Downtime not showing when services is set to only the * wildcard [TPS#14388] -JO
Fixed Nagios XI Bug Report: Config Wizard Template Notification Interval could not be set to 0 [TPS#14391] -SW
Fixed problem with reading multiple line hashes sent when an inbound email response is wrapped [TPS#14396] -JO
Fixed issue in Schedule Downtime page when deleting host/service group from list and it saying none are selected [TPS#14402] -JO