Cacti Security und Bugfix Release 1.2.23

      Keine Kommentare zu Cacti Security und Bugfix Release 1.2.23
Cacti Logo

Für die freie Webmonitoring Software Cacti wurde vor einigen Tagen das Update 1.2.23 veröffentlicht. Bei diesem handelt es sich um ein Bugfix und Security Release.

Cacti 1.2.23 Release Notes

security4920Add .htaccess file to scripts folder
security5119CVE-2022-46169 Unauthenticated Command Injection in Remote Agent
issue4418When using Single Sign-on Frameworks, revocation is not always detected in callbacks
issue4682New templates are not installed during the update
issue4738Improve PHP 8.1 support for Installer CLI
issue4888The database audit script fails to run properly on MySQL 8.0.29
issue4889Increase host query performance by removing check for NULL
issue4892When many hosts go offline, Recache Event can be constantly logged
issue4893Real Time Counter can become stuck and does not count down
issue4896When remote poller is in offline mode, GUI can become inaccesible and poller can timeout
issue4897Technical support page on remote poller shows max connections of Main poller
issue4903Correct incompatibility between MySQL 8.x and Automation regular expressions
issue4904The recommendation for innodb_buffer_pool_instances is incorrect for MySQL 8 and MariaDB < 10.5
issue4905Using colons in labels can break graphs with gradients
issue4917Real Time Counter can become stuck and does not count down
issue4921Some Aggregate graphs can be denied access incorrectly
issue4923Unable to duplicate a Graph template
issue4927Unable to audit the database if database password contains a bracket
issue4934Upgrade phpseclib to 2.0.37
issue4935The ‘Net-SNMP – Device I/O’ template incorrectly sets a maximum value of zero
issue4940When sorting by hostname, database errors can be reported
issue4941When boost is running, graphs can appear broken
issue4944Packages should be signed with SHA256 as SHA1 is considered deprecated
issue4947When creating a Data Template, ensure that the default max value is always ‘U’ and not ‘0’
issue4951Plugins may not work correctly with Multi-Poller setups
issue4960Setting context for connections throws error in PHP 8.x
issue4963Wen calculating 95th percentile, floor() maybe used instead of ceil() incorrectly
issue4964Tree search does not correct hide non-matching tree objects
issue4966Device Template filters should show on used templates
issue4971MIB Parser can sometimes cause errors in later PHP versions
issue4978Boost may sometimes lose the Time Zone unexpectedly
issue4980Setting business hours can cause PHP errors
issue4988When creating RRD File, more data sources than expected may be defined
issue4990When viewing Links, errors can be generated
issue4991Updating a Data Template does not switch rrd_heartbeat properly for all sources leading to empty graphs
issue4993Data Debug Troubleshooter does not pick up invalid RRD_heartbeat settings
issue4996When managing graphs, Graphs can be listed multiple times incorrectly
issue5001Data Debug troubleshooter reports false positives with Missing Data Sources
issue5006Errors can occur when attempting to remove items from CDEF or VDEF’s
issue5012When upgrading database at command line, some PHP errors may be seen
issue5013Automatically set Bulk Walk size when missing on a host
issue5015Upgrade for 1.2.21 reporting unknown status
issue5017SNMP Agent can cause unexpected errors due to implicit rounding
issue5018When using ‘Remember me’, session can still be forced to end unexpectedly
issue5024Escape char not properly replaced in snmp strings
issue5028Cacti User Stats script can throw errors unexpectedly
issue5029Searching for a plugin by name does not always work
issue5030Installer shows innodb unset in MariaDB 10.10+
issue5033Improve PHP 8.1 support with Installer
issue5034RRD Proxy Server not supported by CLI script “structure_rra_paths.php”
issue5041Custom themes may cause errors if they do not contain all required CSS/JS files
issue5057When adding a device rule in automation, depreciated filters may be reported
issue5066Graph watermark is not escaped properly, leading to broken graphs
issue5068Improve PHP 8.2 support with Installer
issue5084When viewing trees, runtime errors may be recorded
issue5088When running script host_update_template.php, reindex method may incorrectly be changed to uptime
issue5089When numeric regex validation fails, no backtrace is logged
issue5096When the SNMP Agent is enabled, certain objects can result in errors appearing
issue5097RRDtool Utilities should not appear on Remote Data Collectors
issue5101When a remote poller fails, the recovery process may also fail
issue5102When in Recovery Mode, plugins that are designed to work remotely stop working
issue5103When Remote Data Collector changes status, a full page refresh or logout should occur
issue5105ss_host_disk.php php issue after upgrade PHP 8.1 (from 7.4)
issue5107Block installation if PHP has session.auto_start enabled
issue5111During boost processing, some DS Stats functions can cause errors
feature1100Structured path not created when using remote poller and Update On-Demand
feature1392Notify Admins that page errors exist even when using dynamic callbacks
feature2239Allow Import and Export to be more selective
feature2485Importing Template requires you to upload the same file after previewing
feature2548Add Head/Tail filtering of log for more efficient searches
feature2567The innodb sort buffer should be optimized for large tables
feature2747Allow more sorting options when managing Graphs
feature2871Report when RRA’s heartbeat is below the data source profile’s interval
feature3131Add utility feature to reindex hosts with bad indexes
feature3578Allow Re-indexing of Devices to be Scheduled
feature4025When importing a Template or Package, allow the user to ignore template and use the system default dimensions
feature4239On “Graph Utility View” add the name of and a link to the graph template which the graph is based on
feature4417Support execution of custom functions at poller bottom for remote pollers
feature4754The script ss_fping.php should timeout based on the host
feature4762Allow Package Import to be selective
feature4786Windows install does not support SVG rendering
feature4820When importing, make it possible to only import certain components
feature4841Move the `cactid` function `db_check_reconnect()` to `lib/database.php` for other service oriented scripts
feature4874Add support for Business Hours
feature4890Add multi threading for Poller recache script
feature4899Allow script server to be told when the main database when offline or in recovery
feature4901Make the script server accept arguments in the standard way
feature4902Increase compatibility with MySQL 8.x
feature4907Add lmSensors to the Net-SNMP Device Template
feature4926Allow the user to override Cacti’s built-in Time Zone detection
feature4943Add ability to periodically check RRDfiles for errors in batch
feature4948When security cookie times out, redirection does not always occur properly
feature4955Provide memory tuning based upon MySQL Tuner recommendations
feature4956The function `db_check_reconnect()` should be able to work with any connection
feature4957Add Device Template categories to match the classes of the Package Plugin
feature4965When unlocking a tree, entire page should not need rebuilding
feature4967Make adding Associated Graph Templates and Data Queries easier to use
feature4989Improve table performance by caching ‘Total Rows’ using a hash
feature5009Allow SNMP Value OIDs to be parsed using regular expressions
featureAdding ESXi Device Template
featureUpgrade jQuery to version 3.6.1
featureUpgrade jQueryUI to version 1.13.2
featureUpgrade billboard.js to version 3.6
featureIntroduce exec() function with timeout
Cacti Changelog 1.2.23

Quelle: Cacti® – The Complete RRDTool-based Graphing Solution

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert