Package Release Info

icingaweb2-2.5.3-2.1

Update Info: openSUSE-2018-790
Available in Package Hub : 12 GA-SP5

platforms

AArch64
ppc64le
s390x
x86-64

subpackages

icingaweb2
icingaweb2-common
icingaweb2-icingacli
icingaweb2-vendor-dompdf
icingaweb2-vendor-HTMLPurifier
icingaweb2-vendor-JShrink
icingaweb2-vendor-lessphp
icingaweb2-vendor-Parsedown
icingaweb2-vendor-zf1
php-Icinga

Change Logs

* Mon Jul 16 2018 uhaider.msee15seecs@seecs.edu.pk
- boo#1101357: Fixed missing dependency php-ctype in spec file.
* Tue May 22 2018 dev@stellardeath.org
- Backport of fix for PHP 7.2 (upstream git commit dadd2c80f)
  * 0001-Don-t-call-session_start-after-ini_set.patch
* Fri Apr 27 2018 adamradovits12@hotmail.com
- update to 2.5.3
  + Hotfix
  * This is a hotfix release and addresses an issue with frequent
    delays/timeouts when viewing hosts and services in the front-end.
    (https://github.com/Icinga/icingaweb2/milestone/50?closed=1)
* Fri Apr 27 2018 adamradovits12@hotmail.com
- update to 2.5.2
  + Features
  * You can find issues and features related to this release on our Roadmap
    (https://github.com/Icinga/icingaweb2/milestone/49?closed=1)
* Thu Jan 25 2018 adamradovits12@hotmail.com
- update to 2.5.1
  + Features
  * You can find issues and features related to this release on our Roadmap
    (https://github.com/Icinga/icingaweb2/milestone/47?closed=1)
* Fri Jan 12 2018 ecsos@opensuse.org
- remove addFilter("permissions-directory-setuid-bit") and
  addFilter("non-standard-gid")
* Thu Jan 11 2018 ecsos@opensuse.org
- insert missing requires(pre): user(wwwrun) for Tumbleweed
* Mon Jan 08 2018 ecsos@opensuse.org
- fix rpmlint errors, reduce rpmlint warnings
* Tue Dec 26 2017 jengelh@inai.de
- Remove redundant %clean section. Fix RPM groups.
  Update summaries.
* Mon Dec 11 2017 ecsos@opensuse.org
- drop permissions.d and add BuildRequires nagios-rpm-macros >= 14.0
  to remove setBadness in rpmlintrc
* Wed Dec 06 2017 adamradovits12@hotmail.com
- removed php5-Zendframework dependency
- added icingaweb2-vendor-zf1 package
* Wed Dec 06 2017 adamradovits12@hotmail.com
- update to 2.5.0
  + Features
  * You can find issues and features related to this release on our Roadmap
    (https://github.com/Icinga/icingaweb2/milestone/45?closed=1).
* Wed Oct 18 2017 adamradovits12@hotmail.com
- update to 2.4.2
  + Bugfixes
  * Bug 2965: Transport config: Default port not changing upon auto-submit
  * Bug 2926: Wrong order when sorting by host_severity
  * Bug 2923: Number fields should be valid when empty
  * Bug 2919: Fix cached loading of module config
  * Bug 2911: Acknowledgements are not working without an expiry time
  * Bug 2878: process-check-result Button is visible even when user isn't allowed to use it
  * Bug 2850: Link to acknowledgements is wrong in the timeline
  * Bug 2841: Wrong menu height when switching back from mobile layout
  * Bug 2806: Wrong service state count in hostgroup overview
  * Bug 2805: Response from the Icinga 2 API w/ an empty result set leads to exception
  * Bug 2801: Wrong help text for the director in the icingacli
  * Bug 2784: Module and gravatar images are not served with their proper MIME type
  * Bug 2776: Defaults not respected when acknowledging problems
  * Bug 2767: Monitoring module: Config field protected vars not updated after zeroing config.ini
  * Bug 2728: Gracefully handle invalid Icinga 2 API response types
  * Bug 2718: Hide check attempt for hard states in history views
  * Bug 2716: Web 2 doesn't detect the browser time zone if the time zone offset is negative
  * Bug 2714: icingacli module disable fails on consecutive calls
  * Bug 2695: Macros cannot be used for a navigation item's url-port
  * Bug 2684: [dev.icinga.com #14027] Translation module should not write absolute path to .po files
  * Bug 2683: [dev.icinga.com #14025] Translation module should remove temp files
  * Bug 2661: [dev.icinga.com #13651] Don't offer the Icinga 2 API as transport if PHP cURL is missing
  * Bug 2660: [dev.icinga.com #13649] Make the Icinga 2 API the default command transport
  * Bug 2656: [dev.icinga.com #13627] Wrong count of handled critical service in the hover text
  * Bug 2645: [dev.icinga.com #13539] Improve error handling and validation of multiple LDAP URIs
  * Bug 2598: [dev.icinga.com #12977] Adding an empty user backend fails
  * Bug 2545: [dev.icinga.com #12640] MSSQL ressource not working
  * Bug 2523: [dev.icinga.com #12410] Click on Host in Service Grid can cause "Invalid Filter" error
  * Bug 2519: [dev.icinga.com #12330] Filter editor may show wrong values after searching
  * Bug 2509: [dev.icinga.com #12295] group_name_attribute should be "sAMAccountName" by default
* Wed Oct 04 2017 ecsos@opensuse.org
- make package compatible to php7
* Sun Aug 20 2017 ecsos@opensuse.org
- change spec to use php7 also
* Sat May 27 2017 ecsos@opensuse.org
- fix build error for Tumbleweed
* Wed Feb 22 2017 ecsos@opensuse.org
- rename package icingacli to icingaweb-icingacli
  and make icingacli as Recommends
* Tue Jan 24 2017 ecsos@opensuse.org
- update to 2.4.1
  + Bugfixes
  * Bug 2651: [dev.icinga.com #13607] Displayed times messed up in Icinga Web 2.4.0 w/ PostgreSQL
  * Bug 2654: [dev.icinga.com #13615] Setup wizard: Not possible to setup Icinga Web 2 with an external database
  * Bug 2663: [dev.icinga.com #13691] Hook::all() is broken on CLI
  * Bug 2669: [dev.icinga.com #13735] Setup wizard: Progress bar isn't shown correctly, if setup is at finish step
  * Bug 2681: [dev.icinga.com #13957] Support failover API command transport configuration
  * Bug 2686: Granular module permissions do not work for hooks
  * Bug 2687: Update URLs to icinga.com, remove wiki & update to GitHub
* Wed Dec 14 2016 ecsos@opensuse.org
- update to 2.4.0-2
  + Bugfixes
  * RPM: Fix specfile
  * RPM: Update revision
  * CSS: Reset line-height in the button mixin
- update to 2.4.0
  + Feature
  * Feature 12598 (Authentication & Authorization): Support nested AD groups for Roles and not just login
  * Feature 11809 (Authentication & Authorization): Test and document multiple LDAP-URIs separated by space in LDAP ressources
  * Feature 10616 (Authentication & Authorization): Users w/o administrative permissions should be allowed to change their password
  * Feature 13381 (CLI): Allow to configure the default listen address for the CLI command web serve
  * Feature 11820 (Configuration): Check whether chosen locale is available
  * Feature 11214 (Configuration): Logger: Allow to configure the Syslog Facility
  * Feature 13117 (Framework): Add charset UTF-8 to default content type
  * Feature 12634 (Framework): Possibitlity to fold and unfold filter by click
  * Feature 11198 (Framework): Announce banner
  * Feature 11115 (Framework): Add SSL support to MySQL database resources
  * Feature 8270 (Installation): Add SELinux policy for Icinga Web 2
  * Feature 13187 (Monitoring): Command toolbar in the host and service detail views
  * Feature 12873 (Monitoring): Change default for sticky option of acknowledgements from true to false
  * Feature 12820 (Monitoring): Export detail views to JSON
  * Feature 12766 (Monitoring): Show flapping events in the host and service history views
  * Feature 12764 (Monitoring): Display downtime end even if it hasn't been started yet
  * Feature 12125 (Monitoring): Allow th in plugin output
  * Feature 11952 (Monitoring): Allow changing default of 'sticky' in acknowledgement and other command options
  * Feature 11398 (Monitoring): Send commands over Icinga 2's API
  * Feature 11835 (UI): Add clear button to search field
  * Feature 11792 (UI): Show hint if notifications are disabled globally
  * Feature 11664 (UI): Show git HEAD for modules if available
  * Feature 13461 (Vendor Libraries): Use Icinga's fork of Zend Framework 1 icingaweb2-vendor-zf1
  + Bugfixes
  * Bug 12396 (Authentication & Authorization): Hooks don't respect module permissions
  * Bug 12164 (Authentication & Authorization): REDIRECT_REMOTE_USER not evaluated during external auth
  * Bug 12108 (Authentication & Authorization): assertPermission allows everything for unauthenticated requests
  * Bug 13357 (Configuration): Persistent database resources cannot be made non-persistent
  * Bug 12848 (Configuration): Empty "Protected Custom Variables" falls back to defaults
  * Bug 12655 (Configuration): Permission application/log is not configurable
  * Bug 12170 (Configuration): Adding a DB resource via webinterface requires one to enter a password
  * Bug 10401 (Configuration): LdapUserGroupBackendForm: user_* settings not purged
  * Bug 9804 (Configuration): Renaming the resource used for the config backend does not update the global configuration
  * Bug 11920 (Dashboard): Add to dashboard: wrong url makes whole dashboard unusable
  * Bug 13387 (Documentation): Can't display documentation of disabled modules
  * Bug 12923 (Framework): Navigation Item name must be of type string or NavigationItem
  * Bug 12852 (Framework): Hosts without any services are hidden from roles with monitoring/filter/objects set
  * Bug 12760 (Framework): Do not log exceptions other than those resulting in a HTTP 500 status-code
  * Bug 12583 (Framework): Unhandled exceptions while handling REST requests will silently drop the http response code
  * Bug 12580 (Framework): REST requests cannot be anonymous
  * Bug 12557 (Framework): Module description cannot be on a single line
  * Bug 12299 (Framework): FilterExpression renders a&!b as a=1&b!=1
  * Bug 12161 (Framework): Icinga Web 2 doesn't set Content-Type
  * Bug 12065 (Framework): IniRepository: update/delete not possible with iterator
  * Bug 11743 (Framework): INI writer must not persist section keys with a null value
  * Bug 11185 (Framework): SummaryNavigationItemRenderer should show worst state
  * Bug 10361 (Framework): Handle E_RECOVERABLE_ERROR
  * Bug 13459 (Installation): Setup: Can't view monitoring config summary with Icinga 2 API as command transport
  * Bug 13467 (JavaScript): renderLayout has  side-effects
  * Bug 13115 (JavaScript): actiontable should not clear active row in case there is no newer one
  * Bug 12541 (JavaScript): Menu not reloaded in case no search is available
  * Bug 12328 (JavaScript): Separate vendor JavaScript libraries w/ semicolons and newlines on import
  * Bug 10704 (JavaScript): JS: Always use the jQuery find method w/ node context when selecting elements
  * Bug 10703 (JavaScript): JS: Don't use var self = this, but var _this = this
  * Bug 11431 (Modules): Modules can't require permission on menu items
  * Bug 10870 (Modules): Refuse erroneous module folder names when enabling the module
  * Bug 13243 (Monitoring): Inconsistent host and service flags
  * Bug 12889 (Monitoring): Timeline broken
  * Bug 12810 (Monitoring): Scheduling a downtime for all services of a host does not work w/ the Icinga 2 API as command transport
  * Bug 12313 (Monitoring): Multi-line strings within host.notes are being displayed as single line
  * Bug 12223 (Monitoring): State not highlighted in plugin output if it contains HTML
  * Bug 12019 (Monitoring): Contact view shows service filters with 'Downtime' even if not set
  * Bug 11915 (Monitoring): Performance data: negative values not handled
  * Bug 11859 (Monitoring): Can't separate between SOFT and HARD states in the history views
  * Bug 11766 (Monitoring): Performance data: Fit label column to show as much text as possible
  * Bug 11744 (Monitoring): Empty user groups are not displayed
  * Bug 10774 (Monitoring): Scheduling downtimes for child hosts doesn't work w/ Icinga 2.x (waiting for Icinga 2)
  * Bug 10537 (Monitoring): Filtering with not-equal on custom variable doesn't show hosts without this cv
  * Bug 7755 (Monitoring): Remove autosubmit in eventgrid
  * Bug 12133 (Navigation): Username and password not being passed in navigation item URLs
  * Bug 12776 (Print & Export): dompdf fails when border-style is set to auto
  * Bug 12723 (Print & Export): Allowed memory size exhausted when exporting the history view to CSV
  * Bug 12660 (QA): Choosing the Icinga theme floods the log with error messages
  * Bug 12774 (UI): Lot's of <span style="visibility:hidden; display:none;"></span> in Output
  * Bug 12134 (UI): Copy and paste: Plugin output contains unicode zero-width space characters
  * Bug 10691 (UI): Closing the detail area does not update the rows selected counter
  * Bug 13095 (Vagrant VM): TicketSalt constant missing
  * Bug 12717 (Vagrant VM): PluginContribDir constant removed during vagrant provisioning
* Fri Jul 15 2016 ecsos@opensuse.org
- add minimum version 1.12.18 to ZendFramwork,
  because of Bug #655: ZF2015-08 breaks binary data
  https://github.com/zendframework/zf1/issues/655
Version: 2.11.4-bp155.1.5
* Thu Jan 26 2023 ecsos <ecsos@opensuse.org>
- Update to 2.11.4
  * Notable Fixes
  - Add/Edit dashlet not possible #4970
  - Custom library path + custom library, without slash in its
    name, results in exception #4971
  - Reflected XSS vulnerability in User Backends config page #4979
    See: https://github.com/Icinga/icingaweb2/milestone/78?closed=1
- Add icingaweb2-additions.tar.gz with source from version 2.11.3
  because upstream has removed packages and etc source dir and files.
  See: https://github.com/Icinga/icingaweb2/pull/4964
* Wed Dec 14 2022 ecsos <ecsos@opensuse.org>
- Update to 2.11.3
  This is a security release.
  * Minor to Medium Vulnerabilities
  - Open Redirects for logged in users #4945
  - SSH Resource Configuration form XSS Bug #4947
  - Dashlets allow the user to run Javascript code #4959
  - Role member suggestion endpoint is reachable for unauthorized
    users #4961
  * The More Usual Dose of Fixes
  - Browser print dialog result broken #4957
  - Shared navigation items are not accessible #4953
  - While using dropdown filter menu it gets closed automatically
    due to autorefresh #4942
* Tue Nov 08 2022 ecsos <ecsos@opensuse.org>
- Update to 2.11.2
  It brings performance improvements and general fixes.
  Most notable of which are that having e.g. notifications disabled
  globally is now visible in the menu again and that the event
  history is grouped by days again.
  See: https://github.com/Icinga/icingaweb2/milestone/76?closed=1
* Thu Jul 07 2022 ecsos <ecsos@opensuse.org>
- Update to 2.11.1
  This update's main focus is to solve the issue that all history
  views didn't work correctly or showed invalid time and dates. (#4853)
* Fri Jul 01 2022 ecsos <ecsos@opensuse.org>
- Update to 2.11.0
  * Enhancements, Some
  - Support for PHP 8.1 #4609
  - Redesign User Menu #4651
  - &showFullscreen suppresses announcements #4596
  * Fixes, More
  - Navigation item filter * not working #4772
  - Objects with a * in the name are not found #4682
  - Theme mode switch disabled on theme with mode support #4744
  * When developers become cleaning maniacs
  - User preferences in INI files not supported anymore #4765
  - mysql: use of utf8 vs utfmb4 #4680
  - Remove Vagrant file and its assets #4762
* Thu Jun 30 2022 ecsos <ecsos@opensuse.org>
- Update to 2.10.3
  This release mainly ensures compatibility with icinga-php-library
  v0.9.0 and Icinga DB Web 1.0.0. Two fixes regarding the theme
  mode support are also included (#4744 and #4835)
* Wed Apr 06 2022 ecsos <ecsos@opensuse.org>
- Update to 2.10.1
  - Clicking anywhere on a list item in the dashboard now opens the
    primary link again, instead of nothing #4710
  - The Check Now and Remove Acknowledgement quick actions in an
    object's detail header are now working again #4711
  - Clicking on the big number in the tactical overview if there
    are UNKNOWN services, shows UNKNOWN services now #4714
  - The contrast of text in the sidebar, while in light mode,
    has been increased #4720
  - A theme without mode support, which is set globally,
    now also prevents users from configuring the mode #4723
- Drop 6498d8b035cbaa287d67a61b3f09310a191a5e10.patch,
  because now in upstream.
* Wed Mar 30 2022 ro@suse.de
- add 6498d8b035cbaa287d67a61b3f09310a191a5e10.patch
  taken from upstream PR 4721 fixing mouseover for list items
  to make checks selectable again
* Thu Mar 24 2022 ecsos <ecsos@opensuse.org>
- Update to 2.10.0
  Release information see: https://github.com/Icinga/icingaweb2/releases
  Fixed issues see: https://github.com/Icinga/icingaweb2/milestone/63?closed=1
* Tue Mar 08 2022 ecsos <ecsos@opensuse.org>
- Update to 2.9.6
  * Security Fixes
    Please check the advisories on GitHub for more details.
  - Path traversal in static library file requests for
    unauthenticated users GHSA-5p3f-rh28-8frw
  - SSH resources allow arbitrary code execution for
    authenticated users GHSA-v9mv-h52f-7g63
  - Unwanted disclosure of hosts and related data, linked to
    decommissioned services GHSA-qcmg-vr56-x9wf
* Mon Nov 22 2021 ecsos <ecsos@opensuse.org>
- Update to 2.9.5
  * This is a hotfix release which fixes the following issues:
  - Some detail views of Icinga Director and other modules are
    broken with Web 2.9.4 #4598
  - Error on skipping LDAP Discovery #4603
* Wed Nov 10 2021 ecsos <ecsos@opensuse.org>
- Update to 2.9.4
  * Broken Preference Configuration
  - Config/Preferences not accessible without config.ini #4504
  - "My Account" broken after Upgrade from 2.8.2 to 2.9.3 #4512
  * Notable Fixes in the UI
  - Proposal for new Feature make comments collapsible #4515
  - new line character is being removed in the plugin output #4522
  * Less Notable But No Less Important Fixes
  - announcements request clears focus #4543
  - js: Fix regression for loading dependent modules for sub-containers #4533
- Changes from 2.9.3
  * Staying remembered on RHEL/CentOS 7 now possible
  - Stay Logged In - Unknown cipher algorithm #4493
  * Missing icons with SLES/OpenSUSE 15
  - Missing fileinfo php extension on SLES/OpenSUSE 15+ #4503
  * Child downtimes for services are now removed automatically
  - If appropriate, set the API parameter all_services for schedule-downtime #4501
- Changes from 2.9.2
  This is a hotfix release. v2.9.1 included a change that wasn't
  compatible with PostgreSQL again. This has been fixed in this
  release. (#4490)
- Changes from 2.9.1
  * Pancakes everywhere
  - Nested custom variables are flattened #4439
  - Disable login orb animation and all orbs for themes #4468
  - SVG chart library doesn't process input as UTF-8 #4462
  * Staying remembered too difficult
  - RememberMe not working with only PostgreSQL #4441
  - RememberMe compatibility with php version 5.6+ #4472
  - RememberMe fails after running the wizard for grants #4434
  * Being picky pays off
  - Datetimepicker not usable by keyboard #4442
  - Close the datepicker automatically #4461
  - Paragraphs in Acknowledge/Downtime not possible #4443
- Changes from 2.9.0
  * Icinga DB
  - We continue our endeavour soon. Icinga Web 2 is still a
    crucial part of it and this update is again required for
    Icinga DB. If you like to participate again, don't forget
    to update Icinga Web 2 as well.
  * Security Fixes
    This release includes two security related fixes. Both were
    published as part of a security advisory on Github. They allow
    the circumvention of custom variable protection rules and
    blacklists as well as a path traversal if the doc module is
    enabled. Please check the respective advisory for details.
  - Custom variable protection and blacklists can be circumvented GHSA-2xv9-886q-p7xx
  - Possible path traversal by use of the doc module GHSA-cmgc-h4cx-3v43
  * RBAC, The Elephant In Icinga Web 2
  - Authorization enhancements #4306
  - Audit View #4336
  - Highlight modules with permissions set inside a role #4241
  * Support for PHP 8
  - Support PHP 8 #4289
  - Raise minimum required PHP version to 7.3 #4397
  * Stay, Be Remembered
  - Implement a "remember me" feature #2495
  * It Does Matter, When
  - Add datetime picker widget #4354
  - Expire Option for Comments #3447
  - Custom defaults for downtime end, comment and duration #4364
* Wed Nov 10 2021 ecsos <ecsos@opensuse.org>
- Update to 2.8.5
  No changelog from upstream.
* Tue Jul 27 2021 ecsos <ecsos@opensuse.org>
- Update to 2.8.4
  - This release only contains a single fix for flattened custom
    variables. #4439
* Mon Jul 12 2021 ecsos <ecsos@opensuse.org>
- Update to 2.8.3
  * Security Fixes
    This release includes two security related fixes.
    Both were published as part of a security advisory on Github.
    They allow the circumvention of custom variable protection
    rules and blacklists as well as a path traversal if the doc
    module is enabled. Please check the respective advisory for
    details.
  - Custom variable protection and blacklists can be circumvented
    GHSA-2xv9-886q-p7xx
  - Possible path traversal by use of the doc module
    GHSA-cmgc-h4cx-3v43
* Fri Nov 27 2020 ecsos <ecsos@opensuse.org>
- Expand README.SUSE.
* Thu Nov 26 2020 ecsos <ecsos@opensuse.org>
- Add missing requires php-curl, php-imagick.
- Add a2enmod mod_php and mod_rewrite at post section.
* Sat Aug 22 2020 ecsos <ecsos@opensuse.org>
- Update to 2.8.2
  Notice: This is a security release.
    It is recommended to immediately upgrade to this release.
  You can find all issues related to this release on the respective
  milestone.
  * Path Traversal Vulnerability
    The vulnerability in question allows an attacker to access
    arbitrary files which are readable by the process running
    Icinga Web 2. Technical details can be found at the
    corresponding CVE-2020-24368 and in the issue below.
  - Possible path traversal when serving static image files #4226
  * Broken Negated Filters with PostgreSQL
    We've also included a small non-security related fix. Searching
    for e.g. servicegroup!=support leads to an error instead of the
    desired result when using a PostgreSQL database.
  - Single negated membership filter fails with PostgreSQL #4196
* Mon Jun 29 2020 ecsos <ecsos@opensuse.org>
- Update to 2.8.1
  * Case Sensitivity Problems
    A fix in v2.8.0 led to users being not able to login if they
    got their username's case wrong. A hostgroup name's case has
    also been incorrectly taken into account despite using a CI
    labelled column in the servicegrid and other lists.
  - Login usernames now case sensitive in 2.8 #4184
  - Case insensitive hostgroup filter in service grid not working
    [#4178]
  * Issues With Numbers
    An attempt to avoid misrepresenting environments in the
    tactical overview had an opposite effect by showing negative
    numbers. Filtering for timestamps in the event history also
    showed no results because our filters couldn't cope with plain
    numbers anymore.
  - Tactical overview showing "-1 pending" hosts #4174
  - Timestamp filters not working correctly in history views
    [#4182]
* Mon Jun 08 2020 ecsos <ecsos@opensuse.org>
- Update to 2.8.0
  * Icinga DB
    It's happening. Yes. Our latest achievement is now available
    for those who are willing to participate in this enormous
    endeavour. Icinga Web 2 is also a crucial part of it and
    accompanies the first release of Icinga DB. If you like to
    participate, don't forget to update Icinga Web 2 as well.
  * Support for PHP 7.4 and MySQL 8
    We also made sure that you won't be disappointed by Icinga Web 2
    if you're running PHP 7.4 or trying to access a MySQL database
    with version 8+. These should pose no issues anymore now. But
    if you still somehow managed to get issues please let us now
    and we'll fix it asap.
  - Exceptions with MySQL 8 #3740
  - Support for PHP 7.4 #4009
  * Find What You Search For
    It's been previously not possible to properly filter for range
    values. This was especially true for custom variables where,
    if you searched for e.g. _host_interfaces>=20, you wouldn't
    find the correct results. If you often copy some values in our
    search fields you may also been a victim of extraneous spaces
    which are now automatically trimmed.
  - Filter: more/less than doesn't seem to working #3974
  - Search object followed by a space finds no results #4002
  * Don't Leave Your Little Sheep Unattended
    It's time again to further restrict your users. It's now
    possible to completely block any access to contacts and
    contactgroups for specific roles. These won't ever see again
    who's notified and who's not. Also, if you are using single
    accounts for a group of people you can now disable password
    changes for those.
  - Prohibit access to contacts and contactgroups #3973
  - Allow to forbid password changes on specific user accounts #3286
  * In and Out, Access Control Done Right
    While we have no burgers but cookies you are nevertheless
    welcome to visit Icinga Web 2. And now you can also successfully
    leave while being externally authenticated and unsuccessfully
    enter while being unable to not add extraneous spaces to your
    username.
  - External logout not working from the navigation dashboard #3995
  - Username with extraneous spaces are not invalid #4030