Navigation:
Browse pkgsrc
(this page)
New packages:Log Message:
Update nagios-base to 4.3.2
The previous version in pkgsrc had a critical bug where status would not
update and nagios log "wproc: Core Worker seems to be choked". More
details at http://tracker.nagios.org/view.php?id=642
Here is the complete Changelog
4.3.2 - xxxx-xx-xx
------------------
FIXED
* Every 15sec /var/log/messages is flooded with "nagios: \
set_environment_var" (John Frickson)
* Changed release date to ISO format (yyyy-mm-dd) (John Frickson)
* `make all` fails if unzip is not installed (John Frickson)
* Quick Search no longer allows search by Alias (John Frickson)
* flexible downtime on a service immediately turns off notifications (John Frickson)
* Fix to allow url_encode to be called twice (Z. Liu)
* Update timeperiods.cfg.in (spelling) (Parth Laxmikant Kolekar)
* Spelling fixes (Josh Soref)
* Vent command pipe before remove to avoid deadlocks on writing end (Kai Kunstmann)
* CGI utility cgiutil.c does not process relative config file path names \
properly (John Frickson)
* xdata/xodtemplate.c bug in option-deprecation code (John Frickson)
* Wildcard searching causes service status links to not work properly (John Frickson)
* Quick search with no hits shows a permission denied error (John Frickson)
* Setting a service as its own parent is not caught by the sanity checker (-v) \
and causes a segfault (John Frickson)
4.3.1 - 2017-02-23
------------------
FIXES
* Service hard state generation and host hard or soft down status (John Frickson)
* Comments are duplicated through Nagios reload (John Frickson)
* host hourly value is incorrectly dumped as json boolean (John Frickson)
* Bug - Quick Search no longer allows search by IP (John Frickson)
* Config: status_update_interval can not be set to 1 (John Frickson)
* Check attempts not increasing if nagios is reloaded (John Frickson)
* nagios hangs on reload while sending external command to cmd file (John Frickson)
* Feature Request: return code xxx out of bounds - include message as well (John \
Frickson)
4.3.0 - 2017-02-21
------------------
SECURITY FIXES
* Fix for CVE-2016-6209 - The "corewindow" parameter (as in
http://localhost/nagios?corewindow=www.somewhere.com) has been disabled by
default. See the UPGRADING document for how to enable it. (John Frickson)
FIXES
* Fix early event scheduling (pmalek / John Frickson)
* on-demand host checks triggered by service checks cause attempt number \
increments (fredericve)
* Service notification not being send when host is in soft down state (John Frickson)
* configure does not error if no perl installed on CentOS 7 (John Frickson)
* failed passive requests leave .ok files in checkresults dir (caronc)
* Services don't show in status.cgi if "noheader" specified (John Frickson)
* Standardized check interval config file names (John Frickson)
* "Event Log" (showlog.cgi) could not open log file (John Frickson)
* "nagios_check_command" has been deprecated since v3.0. Last vestiges \
removed (John Frickson)
ENHANCEMENTS
* Added new flag to cgi.cfg: tac_cgi_hard_only to show only HARD states (John \
Frickson)
* Add broker-event for the end of a timed event (NEBTYPE_TIMEDEVENT_END) (John \
Frickson)
* There is no Macro to retrieve addresses of hostgroup members (now \
$HOSTGROUPMEMBERADDRESSES$) (John Frickson)
* Add "Page Tour" videos to several of the core web pages (John Frickson)
* Added a login page, and a `Logoff` links (John Frickson)
* On the status map, the host name will be colored if services are not all OK. \
(John Frickson)
* Added "Clear flapping state" command on host and services detail \
pages. (John Frickson)
* User-entered comment now displays below generated comment for downtime (John \
Frickson)
4.2.4 - 2016-12-07
------------------
SECURITY FIXES
* Fixed another root privilege escalation (CVE-2016-9566) Thanks for bringing this
to our attention go to Dawid Golunski (http://legalhackers.com).
4.2.3 - 2016-11-21
-------------------
SECURITY FIXES
* Fixed a root privilege escalation (CVE-2016-8641) (John Frickson)
FIXES
* external command during reload doesn't work (John Frickson)
* Nagios provides no error condition as to why it fails on the verify for \
serviceescalation (John Frickson)
* No root group in FreeBSD and Apple OS X (John Frickson)
* jsonquery.html doesn't display scheduled_time_ok correctly (John Frickson)
* daemon_dumps_core=1 has no effect on Linux when Nagios started as root (John \
Frickson)
* Configuration check in hostgroup - misspelled hostname does not error (John \
Frickson)
* contacts or contact_groups directive with no value should not be allowed (John \
Frickson)
* Compile 64-bit on SPARC produces LD error (John Frickson)
* HOSTSTATEID returns 0 even if host does not exist (John Frickson)
* Submitting UNREACHABLE passive result for host sets it as DOWN if the host has \
no parents (John Frickson)
* nagios: job XX (pid=YY): read() returned error 11 (changed from LOG_ERR to \
LOG_NOTICE) (John Frickson)
* Fix for quick search not showing services if wildcard used (John Frickson)
4.2.2 - 2016-10-24
------------------
SECURITY FIXES
* There was a fix to vulnerability CVE-2008-4796 in the 4.2.0 release on
August 1, 2016. The fix was apparently incomplete, as there was still a
problem. However, we are now getting all RSS feeds using AJAX calls
instead of the (outdated) MagpieRSS package. Thanks for bringing this to
our attention go to Dawid Golunski (http://legalhackers.com).
ENHANCEMENTS
* Update status.c to display passive check icon for hosts when passive checks
are enabled and actives disabled (John Frickson)
FIXES
* Fix permissions for Host Groups reports (status.cgi) (Patrik Halfar)
* Service Parents does not appear to be functioning as intended (lev)
* Availability report mixes up scheduled and unscheduled warning percentages \
(Helmut Mikulcik)
* Invalid values for saved_stamp in compute_subject_downtime_times() (John Frickson)
* Remove deprecated "framespacing" (John Frickson)
* The nagios tarball contains two identical jquery copies (John Frickson)
* extinfo.cgi does not set content-type (most cgi's don't) (John Frickson)
* Timeperiods are corrupted by external command CHANGE_SVC_CHECK_TIMEPERIOD (xoubih)
* Quick search doesn't show hosts without services (service status detail page) \
(John Frickson)
* In host/services details view, if exactly 100 entries would not show last one \
(John Frickson)
* nagios host URL parameter for NEW map doesn`t work - Network Map for All Hosts \
(John Frickson)
* next_problem_id is improperly initialized (gherteg)
* Passive problems not showing as "unhandled" (John Frickson)
* September reported as Sept instead of Sep (Rostislav OpoÄenský)
* Notifications are not sent for active alerts after scheduled downtime ends \
(John Frickson)
* Nagios 4.2.0 not working on Solaris (John Frickson)
* install-exfoliation and install-classicui don't work FreeBSD and Mac OS X \
(John Frickson)
* Updated makefile to delete some no-longer-needed files (John Frickson)
4.2.1 - 2016-09-06
------------------
FIXES
* Fix undefined variable php error (John Frickson)
* Links on the sidebar menu under 'Problems' are indented too far (John Frickson)
* Using $ARGn$ Macros in perfdata (John Frickson)
* using a wildcard in search returns service status total all zero's (John Frickson)
* read_only does not take priority (deppy)
* Running nagios -v on 4.2.0 takes 90+ seconds (John Frickson)
* Bare "make" invoked in subtarget (mjo)
* Theme images/stylesheets installed with inconsistent permissions (mjo / John \
Frickson)
* Missing Image for Host and Service State Trends in Availability Report \
(nichokap / John Frickson)
* Maintain non-persistent comments through reload (John Frickson)
* Servicegroup availability report ignores includesoftstates in service report \
links (PriceChild)
* error: format not a string literal and no format arguments (Karsten Weiss)
* Synced config.guess and config.sub with GNU (Zakhar Kleyman)
4.2.0 - 2016-08-01
------------------
SECURITY FIXES
* Fixed vulnerability CVE-2008-4796 (John Frickson)
* Fixed vulnerability CVE-2013-4214 (John Frickson)
* web interface vulnerable to Cross-Site Request Forgery attacks (John Frickson)
ENHANCEMENTS
* Increase socket queue length for listen()
* Added host name to the website page title (leres / John Frickson)
* Added additional icons for NetBSD and SuSE (John Frickson)
* The new Status Map will now use cgi.cfg options (John Frickson)
default_statusmap_layout will default to "6" for the new map
* The new Status Map will now show some valid values in the popup for \
"Nagios Process" (John Frickson)
FIXES
* Network outage view without access to all hosts (John Frickson)
* Core workers looping (John Frickson)
* service query returns duplicate host_name and description fields in the \
returned data (John Frickson)
* HTML output of plug-ins is parsed in wrong way => webgui unusable (John \
Frickson)
* Command worker fails to handle SIGPIPE
* "View Status" links under "Map" broken in Nagios Core \
Version 4.1.1 (John Frickson)
* Can't send big buffer - wproc: Core Worker seems to be choked (velripn / John \
Frickson)
* Too big CPU load on FreeBSD and other systems using poll() interface (cejkar)
* Flexible downtime recorded as unscheduled downtime (John Frickson)
* Service Flexible downtimes produce 1 notification before entering (John Frickson)
* Once you "set flap_detection_enabled 0" it should remove flapping \
state from the host/services page (John Frickson)
* New map doesn't finish loading if a logo image is not found (John Frickson)
* Extraneous Div end tag in map.html (Scott Wilkerson)
* Issue with "Problems" section (John Frickson)
* Status Map icons and online/offline status dots disappear in IE11 (John Frickson)
* New network map overlays the nagios process with objects (John Frickson)
* Added Default-Start and Default-Stop to the init script (John Frickson)
* Compile / logging issues with BSD 6
* Related to above, Fixed a lot of incorrectly handled time_t's in *printf's \
(John Frickson)
* New map not working for RU locale (actually, most locales) (John Frickson)
* Replaced all instances of signal() with sigaction() + blocking (John Frickson)
* UTF-8 characters like german ä are not processed properly by function \
url_encode (John Frickson)
* nagios worker processes can hog CPU (huxley / John Frickson)
* custom time periods that include special characters were not being handled in \
reports (John Frickson)
* Fixed init script to wait up to 90 seconds then kill the nagios process (John \
Frickson)
* No Host Groups results in wrong error message (John Frickson)
* Setup Nagios users to view specific host is not working in the new network map \
(John Frickson)
* statusjson.cgi fails glibc realloc truncate response output (John Frickson)
* Report Time Period does not work if an @ character is in the timeperiod name \
(John Frickson)
* State History does not use actual plugin long_output (John Frickson)
* Time period corruption (xoubih)
* Tactical Overview - Disabled Flap Detection Link (John Frickson)
4.1.1 - 08/19/2015
------------------
FIXES
* CGI Could not read object configuration data (broken by error in 4.1.0)
* exclude (!) not working (broken by mis-applied fix for 4.1.0)
4.1.0 - 08/18/2015
------------------
ENHANCEMENTS
* Promoted JSON CGIs to released status (Eric Stanley)
* New graphical CGI displays: statusmap, trends, histogram (Eric Stanley)
* Make sticky status for acks and comments configurable enhancement #20 (Trevor \
McDonald / Scott Wilkerson)
* Add host_down_disable_service_checks directive to nagios.cfg #44 (Trevor \
McDonald / Scott Wilkerson)
* httpd.conf doesn't support Apache versions > 2.3 (DanielB / John Frickson)
FIXES
* Fix for not all service dependencies created (John Frickson)
* Fix SIGSEGV with empty custom variable (orbis / John Frickson)
* Fix contact macros in environment variables (dvoryanchikov)
* Fixed host's current attempt goes to 1 after going to hard state (John Frickson)
* Fixed two bugs/problems: Replace use of %zd in base/utils.c & incorrect \
va_start() in cgi/jsonutils.c (Peter Eriksson)
* Fixed: Let remove_specialized actually remove all workers (Phil Mayers)
* Fixed log file spam caused when using perfdata command directives in \
nagios.cfg (shashikanthbussa)
* Fixed off-by-one error in bounds check leads to segfault (Phil Mayers)
* Added links for legacy graphical displays (Eric Stanley)
* Update embedded URL's to https versions of Nagios websites (scottwilkerson)
* Fixed doxygen comments to work with latest doxygen 1.8.9.1 #30 (Trevor McDonald)
* Fixed makefile target "html" to PHONY to fix GitHub issue #28 \
(Trevor McDonald)
* Fixed typo as per GitHub issue #27 (Trevor McDonald)
* Fixed jsonquery.php 404 not found error, and disabled Send Query button until \
form populates #43 (Scott Wilkerson)
* Fixed linking in Tactical Overview for several of the Host entries in Featured \
section #48 (Scott Wilkerson)
* Fixed passing limit and sort options to pagination and sort links #42 (Scott \
Wilkerson)
* Added form field for icon URL and clean-up when it changes in CGI Status Map. \
(Eric Stanley)
* Added options to cgi.cfg to uncheck sticky and send when acknowledging a \
problem (Trevor McDonald)
* Low impact changes to automate the generation of RPMs from nagios.spec file. \
(T.J. Yang)
* Update index.php (Trevor McDonald)
* Fixed escaping of corewindow parameter to account for possible XSS injection \
(Scott Wilkerson)
* Typo correction (T.J. Yang)
* Make getCoreStatus respect cgi_base_url (Moritz Schlarb)
* Adjusted map layout to work within frames (Eric Stanley)
* Fixed map displays are now the full size of browser window (Eric Stanley)
* Fixed labels and icons on circular markup no longer scale on zoom (Eric Stanley)
* Got all maps except circular markup working with icons (Eric Stanley)
* Fixes to make legacy CGIs work again. (Eric Stanley)
* Fixes to make all/html target tolerant of being run multiple times (Eric Stanley)
* For user-supplied maps, converted node group to have transform (Eric Stanley)
* Fixed issue transitioning from circular markup map to other maps (Eric Stanley)
* Fix displayForm to trigger on the button press (Scott Wilkerson)
* Fix fo getBBox crash on Firefox (Eric Stanley)
* Fixed map now resets zoom when form apply()'d (Eric Stanley)
* Fixed so close box on dialogs actually closes dialog (Eric Stanley)
* Corrected directive in trends display (Eric Stanley)
* Fixed minor issue with link in trends links (Eric Stanley)
* Fixed issue with map displaying on Firefox (Eric Stanley)
* Added exclusions for ctags generation (Eric Stanley)
* Update map-popup.html (Scott Wilkerson)
* Initial commit of new graphical CGIs (Eric Stanley)
* Fixed Github bug #18 - archivejson.cgi returns wrong host for state change \
query (Eric Stanley)
* Status JSON: Added next_check to service details (Eric Stanley)
* Fixed escaping of keys for scalar values in JSON CGIs (Eric Stanley)
* build: Include <sys/loadavg.h> if it exists. (Eric J. Mislivec)
* lib-tests: test-io{cache|broker} need -lsocket to link. (Eric J. Mislivec)
* lib-tests: test-runcmd assumes GNU echo. (Eric J. Mislivec)
* lib-tests: Signal handlers don't return int on most platforms, and using a \
cast was the wrong way to resolve this. (Eric J. Mislivec)
* Fix some type/format mismatch warnings for pid_t. (Eric J. Mislivec)
* Fix build on Solaris. (Eric J. Mislivec)
* runcmd: Fix build when we don't HAVE_SETENV. (Eric J. Mislivec)
* Fixed checkresult output processing (Eric Mislivec)
* Corrected escaping of long output macros (Eric Mislivec)
* Fixed null pointer dereferences in archive JSON (Eric Stanley)
* Fixed memory overwrite issue in JSON string escaping (Eric Stanley)
* JSON CGI: Now escaping object and array keys (Eric Stanley)
KNOWN ISSUES
* New map does not account for multiple parents, leaving "legacy" map \
as an option in the menu