Version: 1.1.38-2.1
* Fri Jul 13 2018 uhaider.msee15seecs@seecs.edu.pk
-Fixed missing packages php-json, php-ctype, and php-gd in cacti.spec. bsc#1101024
-Fixed Apache2.4 and Apache2.2 runtime configuration issue. bsc#1101139
* Mon Apr 16 2018 liedke@rz.uni-mannheim.de
-Build version 1.1.38
- issue#1501: cmd.php poller not stripping alpha from snmp get values
- issue#1515: Special characters not rendered properly in settings
- issue#1530: Inconsistent behaviour handling blank Field Name/Value
when editing data query suggested values
- issue#1537: Numeric validation not ignoring blank elements
* Mon Mar 26 2018 liedke@rz.uni-mannheim.de
- Change minimum php version to 5.4
-Build version 1.1.37
- issue#274: Allow Realtime Graph Popup Mode
- issue#1405: When Data Query columns are wide, they cause rendering
issues
- issue#1414: DSSTATS reports incorrectly that a data source does not
exist
- issue#1419: Filtering log results in errors in the log
- issue#1420: PHP NOTICE editing cdef and vdef items
- issue#1421: CLI upgrade_database.php PHP Warning on execution
- issue#1426: Remote poller erroring attempting to verify files
- issue#1432: Delete confirmation does not disappear
- issue#1443: Partial Save warnings under Settings -> Mail/Reporting/DNS
- issue#1447: CLI audit_database.php not detecting database name, and
failed to create audit tables when run fresh
- issue#1453: CLI add_graph.php not allowing title to be set
- issue#1456: Increase minimum php version maintaining support for RHEL6
- issue#1457: Path-Based Cross-Site Scripting (XSS) issues
- issue#1458: Error in logs when creating new graphs
- issue#1459: Automation filter not applied correctly
- issue#1461: Setting output_format on input type causes no values to be
returned
- issue#1464: Poller stuck in infinitely loop causing excess logging
- issue#1466: No scrollbars in mobile browsers
- issue#1468: Increase max length of host.snmp_sysObjectID column
- issue#1471: Undefined function found in global_languages.php
- issue#1472: Change Device Options - Style needs updating
- issue#1474: Check possibility for creation of temporary tables on install
- issue#1487: Undefined constant in ldap.php
- issue#1483: Create New Graphs - Paw Styling Issue
- issue#1493: Can't create tree branches with '#' sign
- feature#1489: Add ability to use parts of OID as value via regex
- feature: Updated Chinese Simplified translations
- feature: Updated Dutch translations
- feature: JavaScript library Chart.js updated 2.7.2
- feature: Allow snmp formatting functions to detect UTF-8 output
* Mon Feb 26 2018 liedke@rz.uni-mannheim.de
- Build version 1.1.36
- issue#934: Template names missing in graph management list
- issue#1211: CDEF and VDEF Item Edit do not use correct procedures
- issue#1250: Language support does not support localization properly
- issue#1331: Log Rotation should occur at midnight on system
- issue#1334: Console->Users->(Edit) Permissions checkmark descriptions
missing
- issue#1336: Debian test suite reports php error
- issue#1338: Allow automation to be run in debug mode from GUI
- issue#1339: First graph of second page does not render
- issue#1340: Unable to open Time Graph View in new tab
- issue#1348: Toggle context menu of Zoom
- issue#1351: Errorimage does not render on systems without GD ttf support
- issue#1353: New installation without config.php silently throws errors
- issue#1355: Single tree can have the order of the tree changed
- issue#1357: Data Profile disable fields shown temporarily as editable
- issue#1359: Settings page generates error for removed plugin tab
- issue#1362: DSStats Avg/Peak function broken due to change in RRDtool
processing
- issue#1365: Plugin Management enforce folder name
- issue#1366: Improve error/info message display
- issue#1380: Potential failure when updating script type
- issue#1384: When installing/enabling plugins, current user and admin should
get permissions
- issue#1386: form_selectable_cell() ignores width if no style_or_class is
passed
- issue#1389: Poller is including plugins that are not installed
- issue#1390: Plugin uninstall should prompt user before removal
- issue#1396: Prevent installation/uninstallation of a plugin if dependency
is present
- issue#1397: Distinguish between plugin tabs and core tabs in settings
- issue: Allow dynamic setting of from name when emailing
- issue: Data Query Cache filter layout more consistent
- issue: Minor plugin permissions format change
- issue: Implementation of error handling causes errors creating New Graphs
- issue: Deprecated DDStats setting removed
- issue: Graph context menu items are now context aware
- issue: Validate spine path before allowing enabling of spine
- issue: Errored settings fields now highlighted correctly on error
- issue: Add the Default Device to the Default Tree at install time
- issue: Secpass password verification error message unuseful
- feature: Searching of SNMP Index in View Data Query Cache now works
- feature: Presets now have default device Template
- feature: JavaScript library c3.js updated (v0.4.21) / jstree.js (3.3.5)
- feature: PHPSecLib updated 2.0.10
- feature: Updated Dutch translations
* Mon Feb 12 2018 liedke@rz.uni-mannheim.de
- Build version 1.1.35
- issue#114: *all_max_peak* percentile calculations incorrect
- issue#430: Pressing Back often fails to work as expected
- issue#564: Fail to move items in graph template as desired
- issue#981: Hyperlinks for Data Profile stats
- issue#993: Realtime not working on remote pollers for certain data query
- issue#1244: Errors importing templates with deprecated hashes
- issue#1251: Allow zoom out through mouse mmiddle button
- issue#1281: Max OIDs setting is for bulkget and not bulkwalk operations
- issue#1286: Correct CHUNKED_ENCODING error when retrieving graph with
some browsers
- issue#1306: Graphs are not always refreshed properly
- issue#1309: Provide meaningful authentication errors in graph_json.php
and graph_image.php
- issue#1310: Return button fails on change password page
- issue#1315: Realtime not working on local data collector
- issue#1316: CDEF Item Value dialog does not update creating items
- issue#1319: Front end + remote poller - connection timeout issue
- issue#1321: Use RRDtool pipelining functions within DSSTATS
- issue#1323: Enhance form layout for readability
- issue#1329: Spelling errors in automation_networks.php
- issue: Validate regular expressions if specified in add_graphs.php
- issue: Ensure compression levels are consistent when importing package
* Tue Feb 06 2018 liedke@rz.uni-mannheim.de
- Build version 1.1.34
issue#1040: PHP version 7.2 - ERROR PHP WARNING: sizeof()
issue#1195: Improved Javascript error message handling
issue#1245: Unable to reorder graph name suggested values
issue#1256: Error reporting of custom errors not displayed correctly
issue#1257: Boost excessively logging updates
issue#1258: cacti.sql updated to match expected schema
issue#1260: Tab images fail to render due to TrueType support in PHP GD Module
issue#1261: Automatic logout timeout does not apply to web basic authenication
issue#1263: CLI utility to validate database schema
issue#1266: Inconsistent usage graphWrapper CSS causes odd graph zoom behavior
issue#1268: Regex filters not working properly
issue#1274: Host CPU script checks value existance to avoid error
issue#1275: SNMP v3 authPriv fails to work
issue#1287: JSON calls return validation error in HTML format
issue#1289: Script Server should output parameter array rather than parameters
issue#1292: Chrome to aggressively caches Javascript files
issue#1293: Correctly identify if command 'snmpbulkwalk' is available
issue#1296: CactiErrorHandler does not ignore PHP suppressed errors
issue#1300: Automation discovery : New devices added by automation discovery
have empty SNMP community field
issue#1302: Automatic logout should not be enforced on login page
issue#1304: mib_cache.php file contains unsafe transactions for binary logging
feature: CLI utilily to generate and verify file hashes for installed Cacti
files
feature: Logging links back to appropriate areas for troubleshooting
feature: Logging lists filenames in reverse order
* Tue Jan 23 2018 liedke@rz.uni-mannheim.de
- Build version 1.1.33
- issue#1253: Automatically generated RRDtool DEF names in Cacti
1.1.32 break existing Graph Templates
* Mon Jan 22 2018 liedke@rz.uni-mannheim.de
- Build version 1.1.32
- issue#969: Undefined index: color_id / task_item when viewing graphs
- issue#1166: Fix typo of 'locale' in global_languages.php
- issue#1222: Graphs with large number of items causes RRDTool to error
- issue#1230: PHP Fatal error: Call to undefined function
get_max_tree_sequence()
- issue#1238: SNMP functions fail to handle "Invalid object identifier"
error
- issue#1239: Browser console error in layout.js
- issue#1240: Page layout issues caused by library update
- issue#1246: Make SNMP Error return more info
- issue: Missing or corrupted theme files can corrupt user settings
- issue: Theme may not change until next login
- issue: Tree edit Tree/Device/Graph drag areas incorrect
- issue: Make callback error handling compatible with jQuery 3.x
- issue: Ensure the snmp_error is cleared before every call
- issue: Indicate unknown error when RRDTool returns no error message
- feature: Update Javascript library: js.storage.js, d3.js, jquery.js,
jquery.tablednd.js, jquery.timepicker.js
* Wed Jan 17 2018 liedke@rz.uni-mannheim.de
- Build version 1.1.31
- issue#629: Site reload after delete the last letter in the searchbar
- issue#1022: Discovery network stuck in "running" state does not
return results
- issue#1164: Version compare function fails on major/minor only
versions
- issue#1166: Invalid New User default language selection
- issue#1175: Automatic logout inconsistent redirect
- issue#1179: Warn during installation if installing moving to older
version
- issue#1183: Automatically detect missing Theme and use alternate
- issue#1185: Layout with Graphs having large number of data columns
- issue#1189: Allow ability to sort tree list by name asc/desc
- issue#1190: Enabling, Disabling, Uninstalling plugin, you should
page refresh
- issue#1191: Tree sequences were not set or checked
- issue#1197: Add more collection intervals to Data Source Profiles
- issue#1206: Display issue with internationalization number format
- issue#1210: CDEF and VDEF Items can not be properly edited
- issue#1212: Navigation breadcrumbs fail to handle External links
correctly
- issue#1213: PHPMailer trying TLS despite SMTPSecure setting
- issue#1215: Show version when installation prompts for license
- issue#1217: Add ability to view/edit Input/Query when editing
Data Template
- issue: Named colors fail to import on install or upgrade
- issue: Drag and Drop issues on multiple pages could corrupt
sequencing
- feature: Enhance filter to permit more glyphs for table headers
- feature: Add a page refresh dropdown to the Automation Networks
- feature: Enhanced SNMP v3 input forms
- feature: Allow Trees to be rearranged using Drag and Drop
- feature: Trap GUI callback errors and present error message
* Thu Jan 04 2018 liedke@rz.uni-mannheim.de
- Build version 1.1.30
- issue#1155: Non-secure mail setting not functional due to changes
in phpmailer
- issue#1157: Resolve issue with branch permission api
- issue#1158: Change CLOG to use regex replacement so line details
are not mangled
- issue#1161: Graph View regex's are not preserved during automatic
page refresh
- issue#1162: Error messages are not display when editing a user
- issue#1166: Default language was not correctly set when editing a
user
- issue: basename function undefined during upgrade to 1.0.x
- issue: Storage API and translations required for Change password
function
- issue: ALTER IGNORE still throws an error when attempting to drop
the primary key
- issue: Data Source profile form API generates error when system is
half upgraded
- issue: Resolve issue with importing packages
- feature: Update package versions for Cacti version 1.1.29
* Wed Dec 27 2017 liedke@rz.uni-mannheim.de
- Build version 1.1.29
- issue#871: Allow Nth Percentile and Bandwidth Summation to respect
'Base Value' in template
- issue#965: Duplicate error message and incorrect error code when
using LDAP authentication
- issue#1084: Graph Tree Branch not properly populating when editing
report item
- issue#1104: Datetime formatting in developer debug mode incorrect
- issue#1106: Template Filters has empty row
- issue#1109: URL used in redirection when referrer already has
parameters in it
- issue#1110: Add CPU Total to 'SNMP - Get Processor Information'
- issue#1111: PHP NOTICE when using LDAP authenication
- issue#1116: Filters not allowing "None" or "All" when editing
report item
- issue#1119: Reduced amount of data fetched for CPU usage to just
the data used
- issue#1121: Bandwidth summation not using correct locale
- issue#1122: Fix issue with local login / potential password problems
- issue#1128: Resolve php warning when raising messages
- issue#1130: Fix logging level issue where logs of same level as setting
where not logged
- issue#1131: Make upgrade_database.php use same version compare as
/install/ system
- issue#1133: Fix issues with variable name and debug log
- issue#1141: When viewing graphs from list view, pagination causes list
view filter to be cleared
- issue#1143: ss_host_cpu.php - Division by zero / Invalid Return Value
- issue#1146: Installation now checks URI path matchs with configuration
option URL_PATH
- issue: Updated Graph pagenation and filter reset
- issue: Resolve issues with cacti_version_compare() processing
- issue: Zoom context menu stays open after zoom out actions
- issue: Paginator object was not always translated
* Mon Nov 20 2017 liedke@rz.uni-mannheim.de
- Build version 1.1.28
- issue#958: User Group Tree permissions not calculated fully
- issue#959: Issue viewing email reports due to email client
decoding problems
- issue#992: RRDfile naming issues that result from random sorting
during export
- issue#1012: Issue where disabled devices will not appear in
Tree editor
- issue#1044: Handle invalid exclusion regex properly when viewing
the log
- issue#1045: Issue with multiple pages and confirmation dialogs
- issue#1048: Problem importing vdefs from templates
- issue#1053: Remote Data Collector now works with https and self
signed certificates
- issue#1055: Errors in data source statistics inserts when invalid
output is encountered
- issue#1057: CVE-2017-16641 - Potential vulnerability in RRDtool
functions boo#1067166
- issue#1058: ICMP Ping to and IPv6 address fails to gather data for
ping latency
- issue#1059: Aggregate item filter should use regular expressions to
avoid SQL errors due to flawed filter logic
- issue#1064: When a Device Template is removed, Automation Templates
for that Device Template remain
- issue#1066: CVE-2017-16660 in remote_agent.php logging function
boo#1067164
- issue#1066: CVE-2017-16661 in view log file boo#1067163
- issue#1071: CVE-2017-16785 in global_session.php Reflection XSS
boo#1068028
- issue#1074: Boost records get stuck in archive
- issue#1079: Undefined index in lib/snmpagent.php
- issue#1085: Undefined function html_log_input_error
- issue#1086: Rerun data queries in automation process has no effect
- issue#1087: cli/add_device.php --proxy option does not work with non-snmp
devices
- issue#1088: Set timeout for remote data collector context
- issue: Minor performance increase in boost processing
- issue: Poller output not empty not processed correctly on Log tab
- feature: Timeout to the remote agent for realtime graphs
- feature: Updated Dutch translations
- feature: Database update adding additional indexes for increased
performance
- feature: Updated PHPMailer to version 5.2.26
- feature: Updated phpseclib to version 2.0.7
* Mon Oct 23 2017 liedke@rz.uni-mannheim.de
- Build version 1.1.27
- issue#1033: Issues inserting into dsstats table due to legacy data
- issue#1039: Using html_escape still double escapes. Use strip_tags
instead
- issue#1040: Resolving compatibility issue with PHP7.2
* Mon Oct 16 2017 liedke@rz.uni-mannheim.de
- Build version 1.1.26
- issue#841: --input-fields variable not working with add_graphs.php
cli
- issue#986: Resolve minor appearance problem on Modern theme
- issue#989: Resolve issue with data input method commands loosing
spaces on import
- issue#1000: add_graphs.php not recognizing input fields
- issue#1003: Reversing resolution to Issue#995 due to adverse impact
to polling times
- issue#1008: Remove developer debug warning about thumbnail validation
- issue#1009: Resolving minor issue with cmd_realtime.php and a changing
hostname
- issue#1010: CVE-2017-15194 - Path-Based Cross-Site Scripting (XSS)
- issue#1027: Confirm that the PHP date.timezone setting is properly set
during install
- issue: Fixed database session handling for PHP 7.1
- issue: Fixed some missing i18n
- issue: Fixed typo's
- feature: Updated Dutch translations
- feature: Schema changes; Examined queries without key usage and
added/changed some keys
- feature: Some small improvements
- Build version 1.1.25
- issue#966: Email still using SMTP security even though set to none
- issue#995: Redirecting exec_background() to dev null breaks some
functions
- issue#998: Allow removal of external data template and prevent their
creation
- issue: Remove spikes uses wrong variance value from WebGUI
- issue: Changing filters on log page does not reset to first page
- issue: Allow manual creation of external data sources once again
- feature: Updated Dutch translations
* Mon Sep 18 2017 liedke@rz.uni-mannheim.de
- Build version 1.1.24
- issue#932: Zoom positioning breaks when you scroll the graph page
- issue#970: Remote Data Collector Cache Synchronization missing
plugin sub-directories
- issue#980: Resolve issue where a new tree branches refreshs before
you have a chance to name it
- issue#982: Data Source Profile size information not showing properly
- issue: Long sysDescriptions on automation page cause columns to
be hidden
- issue: Resolve visual issues in Classic theme
- feature: Allow Resynchronization of Poller Resource Cache
* Tue Sep 12 2017 liedke@rz.uni-mannheim.de
- Build version 1.1.23
issue#963: SQL Errors with snmpagent and MariaDB 10.2
issue#964: SQL Mode optimization failing in 1.1.22
- Build version 1.1.22
issue#950: Automation - New graph rule looses name on change
issue#952: CSV Export not rendering chinese characters correctly
(Second attempt)
issue#955: Validation error trying to view graph debug syntax
issue: MySQL/MariaDB database sql_mode NO_AUTO_VALUE_ON_ZERO
corrupts Cacti database
issue: When creating a data source, the data source profile does
not default to the system default
feature: Enhance table filters to support new Cycle plugin
feature: Updated Dutch Translations
* Tue Sep 05 2017 liedke@rz.uni-mannheim.de
- Build version 1.1.21
issue#938: Problems upgrading to 1.1.20 with one table alter
statement
issue#952: CSV Export not rendering chinese characters correctly
issue: Minor alignment issue on tables
- Build version 1.1.20
issue#920: Issue with scrollbars after update to 1.1.19 related
to #902
issue#921: Tree Mode no longer expands to accomodate full tree
item names
issue#922: When using LDAP domains some setings are not passed
correctly to the Cacti LDAP library
issue#923: Warninga in cacti.log are displayed incorrectly
issue#926: Update Utilities page to provide more information on
rebuilding poller cache
issue#927: Minor schema change to support XtraDB Cluster
issue#929: Overlapping frames on certain themes
issue#931: Aggregate graphs missing from list view
issue#933: Aggregate graphs page counter off
issue#935: Support utf8 printable in data query inserts
issue#936: TimeZone query failure undefined function
issue: Taking actions on users does not use callbacks
issue: Undefined constant in lib/snmp.php on RHEL7
issue: Human readable socket errno's not defined
issue: Audit of ping methods tcp, udp, and icmp ping. IPv6 will still
not work till php 5.5.4
* Mon Aug 21 2017 liedke@rz.uni-mannheim.de
- Build version 1.1.19
issue#810: Scripts in packages don't match distribution
issue#919: Unable to upgrade to 1.1.18
issue: Update documentation for minimum PHP 5.4
- Build version 1.1.18
issue#902: Correcting some issues with Console and External Links
issue#903: Upgrade pace.js to v0.7.8
issue#904: Allow user to hide Graphs from disabled Devices
issue#906: Create a separate Realm for Realtime Graphs
issue#907: XSS issue in spikekill.php
CVE-2017-12927 bsc#1054390
issue#910: Boost last run duration generates an error on new install
issue#914: Unable to purge Cacti logfile from System Utilities
issue#915: Non-numeric data in ss_host_disk.php
issue#916: Resolve display of errors when encountering ldap issues
issue#918: Minor XSS and create generalized escape function
CVE-2017-12978 bsc#1054742
issue: Resolve JavaScript errors on Login page
issue: Resolve JavaScript errors on Permission Denied pages
issue: Graphs tab would appear in non-classic even if you did not
have permissions
feature: Updated dutch translations
* Tue Aug 15 2017 liedke@rz.uni-mannheim.de
- Build version 1.1.17
issue#450: List View to Preview shows no results
issue#486: Export Device table results to CSV
issue#544: Allow Log Rotation to be other than Daily
issue#673: Downtime/Recovery time/date is set incorrectly
issue#819: Customized timespans for graphs
issue#888: Rebuilding Poller Cache when External data sources are
present results in false positive warnings in the log
issue#891: Database.php unable to connect to MySQL when using port
different than 3306
issue#893: Warning messages when duplicating CDEF objects
issue#897: Due to browser use of special key, deprecate ctrl-shift-x
for clearing filter
issue#898: Issue with tcp and udp ping due to file description
allocation changes
issue: Unable use ipv6 ip addresses for snmp ping in the Cacti GUI
issue: Update language of the Rebuild Poller Cache menu pick
issue: Broken design for input controls with Sunrise theme
issue: Timespan switching not switching to Custom in Preview Mode
issue: Log rotation would not occur under certain conditions.
Provide more control over log functions
issue: Purge log file always purged the cacti.log, not the selected
log
issue: Unable to view graphs for errored data sources from Cacti log
* Tue Aug 01 2017 liedke@rz.uni-mannheim.de
- Build version 1.1.16
issue#865: Escape Data Query arguments to prevent issues with
special characters
issue#872: Can't add device items to graphs generated with no
device and no template
issue#875: When modifying Realm permissions, realms that are
listed multiple times don't stay in sync
issue#877: Improving resolution to issue#847 and one additional
vulnerability
CVE-2017-12065 bsc#1051633
issue#878: Ambiguous language in purge log function
issue#879: SQL Error when adding a report item to a report
issue#880: Device drop down is limited to 20 devices and lacks
a scroll bar
issue#885: Graph generated with no device and no graph template
forgets device definitions
issue#886: Unable to export templates other than Device templates
issue: Address additional corner cases around get_order_string usage
issue: Data Queries sharing a Data Source can result in poller
output table not empty errors
issue: Fix Sunrise theme to properly theme multiselect widgets
issue: Increase height of multiselects so that more options are
visible
issue: When a graph is locked, anchor tags are still functional