5.7.3

Security

  • Fixed information tooltips in security popup during LDAP/AD user import [TPS#15247] -JO
  • Fixed XSS security vulnerability in Admin -> Manage Users (Thanks Christian Weiler) [TPS#15277] -SAW
  • Fixed XSS security vulnerability in Add/Manage Dashboard page and popup [TPS#15292] -JO
  • Fixed privilege escalation in backend scripts run as root where some included files were editable by the nagios user (CVE-2020-15903) (Thanks ERNW) -JO
  • Fixed command injection vulnerability in report PDF Download (Thanks Christian Weiler) [TPS#15278] -SAW
  • Fixed privilege escalation vulnerability in getprofile.sh (Thanks Christian Weiler) [TPS#15279] -SAW

Added

  • Added missing scheduled downtime comment data to Host/Service Status Details pages [TPS#15190] -JO

Fixed

  • Fixed search on services page to properly search in a case-insensitive way [TPS#15241] -JO
  • Fixed typo in Admin > Performance Settings max comment history age field [TPS#15227] -JO
  • Fixed library path for mrtg2 in cfgmaker. In some OS versions, the path needs to be ../lib64/mrtg2 instead of ../lib/mrtg2 [TPS#15213] -LG
  • Fixed library path for mrtg2 in mrtg. In some OS versions, the path needs to be ../lib64/mrtg2 instead of ../lib/mrtg2 [TPS#15213] -LG
  • Fixed parameter problem_has_been_acknowledged not working on hoststatus and servicestatus API endpoints [TPS#15256] -JO
  • Fixed backup/restore scripts to no longer copy over old nagiosmobile HTTPD config [TPS#15266] -JO
  • Fixed issue with the parameter host_object_id (host_id works) not working with objects API calls [TPS#15263] -JO
  • Fixed issue with Capacity Planning python script on Ubuntu 20.04 [TPS#15283] -JO
  • Fixed Inbound Email Processing when using Outlook and other clients that use Windows line endings [TPS#15285] -JO
  • Fixed clearner.php error on systems still running postgresql [TPS#15299] -JO
  • Fixed Host/Servicegroup summary dashlets commands link not working while they are inside dashboards [TPS#15196] -JO
  • Fixed Host/Service Details pages on smaller screen sizes having the record count/search bar overlap each other [TPS#15304] -JO
  • Fixed issues with Dark Theme Highcharts graphs to be more readable and usable -JO

Component Updates

NDOUtils (NDO) 3.0.3

  • Fixed issue with version comparison in database upgrade script
  • Fixed issue with failed timed_event brokering on startup
  • Fixed issue with erroneous logging of notification brokering failures
  • Fixed improper handling of callback registration when some event types were disabled