icingaweb2-2.6.2-bp151.3.8

- update to 2.6.2
  You can find issues and features related to this release on our Roadmap.
  This bugfix release addresses the following topics:
  * Database connections to MySQL 8 no longer fail
  * LDAP connections now have a timeout configuration which defaults to 5 seconds
  * User groups are now correctly loaded for externally authenticated users
  * Filters are respected for all links in the host and service group overviews
  * Fixed permission problems where host and service actions provided by modules were missing
  * Fixed an SQL error in the contact list view when filtering for host groups
  * Fixed time zone (DST) detection
  * Fixed the contact details view if restrictions are active
  * Doc parser and documentation fixes
- Fix security issues:
    boo#1119784 (CVE-2018-18246) and
    boo#1119785 (CVE-2018-18247) and
    boo#1119799 (CVE-2018-18249) and
    boo#1119800 (CVE-2018-18250) and
    boo#1119801 (CVE-2018-18248)

- Use current spec file from upstream.
- Insert missing things from old spec file in new upstream spec file.
- Remove setuid from new upstream spec file for following dirs:
  /etc/icingaweb2,
  /etc/icingaweb/modules,
  /etc/icingaweb2/modules/setup,
  /etc/icingaweb2/modules/translation,
  /var/log/icingaweb2

- Add README.SUSE.

- update to 2.6.1
  - You can find issues and features related to this release on our
    [Roadmap](https://github.com/Icinga/icingaweb2/milestone/51?closed=1).
  - The command audit now logs a command's payload as JSON which fixes
    a [bug](https://github.com/Icinga/icingaweb2/issues/3535)
    that has been introduced in version 2.6.0.

- updatet to 2.6.0
  You can find issues and features related to this release on our Roadmap.
  * Enabling you to do stuff you couldn't before
  - Support for PHP 7.2 added
  - Support for SQLite resources added
  - Login and Command (monitoring) auditing added with the help of a dedicated module
  - Pluginoutput rendering is now hookable by modules which allows to render custom icons, emojis and .. cute kitties :octocat:
  * Avoiding that you miss something
  - It's now possible to toggle between list- and grid-mode for the host- and servicegroup overviews
  - The servicegrid now supports to flip its axes which allows it to be put into a landscape mode
  - Contacts only associated with services are visible now when restricted based on host filters
  - Negated and combined membership filters now work as expected (#2934)
  - A more prominent error message in case the monitoring backend goes down
  - The filter editor doesn't get cleared anymore upon hitting Enter
  * Making your life a bit easier
  - The tactical overview is now filterable and can be safely put into the dashboard
  - It is now possible to register new announcements over the REST Api
  - Filtering for custom variables now works in UTF8 environments
  * Ensuring you understand everything
  - The monitoring health is now beautiful to look at and properly behaves in narrow environments
  - Updated German localization
  - Updated Italian localization
  * Freeing you from unrealiable things
  - Removed support for PHP < 5.6
  - Removed support for persistent database connections
- Drop 0001-Don-t-call-session_start-after-ini_set.patch,
  because now in upstrem

- Update to 2.11.4
  * Notable Fixes
  - Add/Edit dashlet not possible #4970
  - Custom library path + custom library, without slash in its
    name, results in exception #4971
  - Reflected XSS vulnerability in User Backends config page #4979
    See: https://github.com/Icinga/icingaweb2/milestone/78?closed=1
- Add icingaweb2-additions.tar.gz with source from version 2.11.3
  because upstream has removed packages and etc source dir and files.
  See: https://github.com/Icinga/icingaweb2/pull/4964

- Update to 2.11.3
  This is a security release.
  * Minor to Medium Vulnerabilities
  - Open Redirects for logged in users #4945
  - SSH Resource Configuration form XSS Bug #4947
  - Dashlets allow the user to run Javascript code #4959
  - Role member suggestion endpoint is reachable for unauthorized
    users #4961
  * The More Usual Dose of Fixes
  - Browser print dialog result broken #4957
  - Shared navigation items are not accessible #4953
  - While using dropdown filter menu it gets closed automatically
    due to autorefresh #4942

- Update to 2.11.2
  It brings performance improvements and general fixes.
  Most notable of which are that having e.g. notifications disabled
  globally is now visible in the menu again and that the event
  history is grouped by days again.
  See: https://github.com/Icinga/icingaweb2/milestone/76?closed=1

- Update to 2.11.1
  This update's main focus is to solve the issue that all history
  views didn't work correctly or showed invalid time and dates. (#4853)

- Update to 2.11.0
  * Enhancements, Some
  - Support for PHP 8.1 #4609
  - Redesign User Menu #4651
  - &showFullscreen suppresses announcements #4596
  * Fixes, More
  - Navigation item filter * not working #4772
  - Objects with a * in the name are not found #4682
  - Theme mode switch disabled on theme with mode support #4744
  * When developers become cleaning maniacs
  - User preferences in INI files not supported anymore #4765
  - mysql: use of utf8 vs utfmb4 #4680
  - Remove Vagrant file and its assets #4762

- Update to 2.10.3
  This release mainly ensures compatibility with icinga-php-library
  v0.9.0 and Icinga DB Web 1.0.0. Two fixes regarding the theme
  mode support are also included (#4744 and #4835)

- Update to 2.10.1
  - Clicking anywhere on a list item in the dashboard now opens the
    primary link again, instead of nothing #4710
  - The Check Now and Remove Acknowledgement quick actions in an
    object's detail header are now working again #4711
  - Clicking on the big number in the tactical overview if there
    are UNKNOWN services, shows UNKNOWN services now #4714
  - The contrast of text in the sidebar, while in light mode,
    has been increased #4720
  - A theme without mode support, which is set globally,
    now also prevents users from configuring the mode #4723
- Drop 6498d8b035cbaa287d67a61b3f09310a191a5e10.patch,
  because now in upstream.

- add 6498d8b035cbaa287d67a61b3f09310a191a5e10.patch
  taken from upstream PR 4721 fixing mouseover for list items
  to make checks selectable again

- Update to 2.10.0
  Release information see: https://github.com/Icinga/icingaweb2/releases
  Fixed issues see: https://github.com/Icinga/icingaweb2/milestone/63?closed=1

- Update to 2.9.6
  * Security Fixes
    Please check the advisories on GitHub for more details.
  - Path traversal in static library file requests for
    unauthenticated users GHSA-5p3f-rh28-8frw
  - SSH resources allow arbitrary code execution for
    authenticated users GHSA-v9mv-h52f-7g63
  - Unwanted disclosure of hosts and related data, linked to
    decommissioned services GHSA-qcmg-vr56-x9wf

- Update to 2.9.5
  * This is a hotfix release which fixes the following issues:
  - Some detail views of Icinga Director and other modules are
    broken with Web 2.9.4 #4598
  - Error on skipping LDAP Discovery #4603

- Update to 2.9.4
  * Broken Preference Configuration
  - Config/Preferences not accessible without config.ini #4504
  - "My Account" broken after Upgrade from 2.8.2 to 2.9.3 #4512
  * Notable Fixes in the UI
  - Proposal for new Feature make comments collapsible #4515
  - new line character is being removed in the plugin output #4522
  * Less Notable But No Less Important Fixes
  - announcements request clears focus #4543
  - js: Fix regression for loading dependent modules for sub-containers #4533
- Changes from 2.9.3
  * Staying remembered on RHEL/CentOS 7 now possible
  - Stay Logged In - Unknown cipher algorithm #4493
  * Missing icons with SLES/OpenSUSE 15
  - Missing fileinfo php extension on SLES/OpenSUSE 15+ #4503
  * Child downtimes for services are now removed automatically
  - If appropriate, set the API parameter all_services for schedule-downtime #4501
- Changes from 2.9.2
  This is a hotfix release. v2.9.1 included a change that wasn't
  compatible with PostgreSQL again. This has been fixed in this
  release. (#4490)
- Changes from 2.9.1
  * Pancakes everywhere
  - Nested custom variables are flattened #4439
  - Disable login orb animation and all orbs for themes #4468
  - SVG chart library doesn't process input as UTF-8 #4462
  * Staying remembered too difficult
  - RememberMe not working with only PostgreSQL #4441
  - RememberMe compatibility with php version 5.6+ #4472
  - RememberMe fails after running the wizard for grants #4434
  * Being picky pays off
  - Datetimepicker not usable by keyboard #4442
  - Close the datepicker automatically #4461
  - Paragraphs in Acknowledge/Downtime not possible #4443
- Changes from 2.9.0
  * Icinga DB
  - We continue our endeavour soon. Icinga Web 2 is still a
    crucial part of it and this update is again required for
    Icinga DB. If you like to participate again, don't forget
    to update Icinga Web 2 as well.
  * Security Fixes
    This release includes two security related fixes. Both were
    published as part of a security advisory on Github. They allow
    the circumvention of custom variable protection rules and
    blacklists as well as a path traversal if the doc module is
    enabled. Please check the respective advisory for details.
  - Custom variable protection and blacklists can be circumvented GHSA-2xv9-886q-p7xx
  - Possible path traversal by use of the doc module GHSA-cmgc-h4cx-3v43
  * RBAC, The Elephant In Icinga Web 2
  - Authorization enhancements #4306
  - Audit View #4336
  - Highlight modules with permissions set inside a role #4241
  * Support for PHP 8
  - Support PHP 8 #4289
  - Raise minimum required PHP version to 7.3 #4397
  * Stay, Be Remembered
  - Implement a "remember me" feature #2495
  * It Does Matter, When
  - Add datetime picker widget #4354
  - Expire Option for Comments #3447
  - Custom defaults for downtime end, comment and duration #4364

- Update to 2.8.5
  No changelog from upstream.

- Update to 2.8.4
  - This release only contains a single fix for flattened custom
    variables. #4439

- Update to 2.8.3
  * Security Fixes
    This release includes two security related fixes.
    Both were published as part of a security advisory on Github.
    They allow the circumvention of custom variable protection
    rules and blacklists as well as a path traversal if the doc
    module is enabled. Please check the respective advisory for
    details.
  - Custom variable protection and blacklists can be circumvented
    GHSA-2xv9-886q-p7xx
  - Possible path traversal by use of the doc module
    GHSA-cmgc-h4cx-3v43

- Expand README.SUSE.

- Add missing requires php-curl, php-imagick.
- Add a2enmod mod_php and mod_rewrite at post section.

- Update to 2.8.2
  Notice: This is a security release.
    It is recommended to immediately upgrade to this release.
  You can find all issues related to this release on the respective
  milestone.
  * Path Traversal Vulnerability
    The vulnerability in question allows an attacker to access
    arbitrary files which are readable by the process running
    Icinga Web 2. Technical details can be found at the
    corresponding CVE-2020-24368 and in the issue below.
  - Possible path traversal when serving static image files #4226
  * Broken Negated Filters with PostgreSQL
    We've also included a small non-security related fix. Searching
    for e.g. servicegroup!=support leads to an error instead of the
    desired result when using a PostgreSQL database.
  - Single negated membership filter fails with PostgreSQL #4196

- Update to 2.8.1
  * Case Sensitivity Problems
    A fix in v2.8.0 led to users being not able to login if they
    got their username's case wrong. A hostgroup name's case has
    also been incorrectly taken into account despite using a CI
    labelled column in the servicegrid and other lists.
  - Login usernames now case sensitive in 2.8 #4184
  - Case insensitive hostgroup filter in service grid not working
    [#4178]
  * Issues With Numbers
    An attempt to avoid misrepresenting environments in the
    tactical overview had an opposite effect by showing negative
    numbers. Filtering for timestamps in the event history also
    showed no results because our filters couldn't cope with plain
    numbers anymore.
  - Tactical overview showing "-1 pending" hosts #4174
  - Timestamp filters not working correctly in history views
    [#4182]

- Update to 2.8.0
  * Icinga DB
    It's happening. Yes. Our latest achievement is now available
    for those who are willing to participate in this enormous
    endeavour. Icinga Web 2 is also a crucial part of it and
    accompanies the first release of Icinga DB. If you like to
    participate, don't forget to update Icinga Web 2 as well.
  * Support for PHP 7.4 and MySQL 8
    We also made sure that you won't be disappointed by Icinga Web 2
    if you're running PHP 7.4 or trying to access a MySQL database
    with version 8+. These should pose no issues anymore now. But
    if you still somehow managed to get issues please let us now
    and we'll fix it asap.
  - Exceptions with MySQL 8 #3740
  - Support for PHP 7.4 #4009
  * Find What You Search For
    It's been previously not possible to properly filter for range
    values. This was especially true for custom variables where,
    if you searched for e.g. _host_interfaces>=20, you wouldn't
    find the correct results. If you often copy some values in our
    search fields you may also been a victim of extraneous spaces
    which are now automatically trimmed.
  - Filter: more/less than doesn't seem to working #3974
  - Search object followed by a space finds no results #4002
  * Don't Leave Your Little Sheep Unattended
    It's time again to further restrict your users. It's now
    possible to completely block any access to contacts and
    contactgroups for specific roles. These won't ever see again
    who's notified and who's not. Also, if you are using single
    accounts for a group of people you can now disable password
    changes for those.
  - Prohibit access to contacts and contactgroups #3973
  - Allow to forbid password changes on specific user accounts #3286
  * In and Out, Access Control Done Right
    While we have no burgers but cookies you are nevertheless
    welcome to visit Icinga Web 2. And now you can also successfully
    leave while being externally authenticated and unsuccessfully
    enter while being unable to not add extraneous spaces to your
    username.
  - External logout not working from the navigation dashboard #3995
  - Username with extraneous spaces are not invalid #4030

- update to 2.3.4
  + Bugfixes
  * Bug 11267: Links in plugin output don't behave as expected
  * Bug 11348: Host aliases are not shown in detail area
  * Bug 11728: First non whitespace character after comma stripped from plugin output
  * Bug 11729: Sort by severity depends on state type
  * Bug 11737: Zero width space characters destroy state highlighting in plugin output
  * Bug 11796: Zero width space characters may destroy links in plugin output
  * Bug 11831: module.info parsing fails in case it contains newlines that are not part of the module's description
  * Bug 11850: "Add to menu" tab unnecessarily appears in command forms
  * Bug 11871: Colors used in the timeline are not accessible
  * Bug 11883: Delete action on comments and downtimes in list views not accessible because they lack context
  * Bug 11885: Database: Asterisk filters ignored when combined w/ other filters
  * Bug 11910: Web 2 lacks mobile meta tags
  * Fix remote code execution via remote command transport

- Changed spec file to work with SLES 11

- boo#1101357: Fixed missing dependency php-ctype in spec file.

- Backport of fix for PHP 7.2 (upstream git commit dadd2c80f)
  * 0001-Don-t-call-session_start-after-ini_set.patch

- update to 2.5.3
  + Hotfix
  * This is a hotfix release and addresses an issue with frequent
    delays/timeouts when viewing hosts and services in the front-end.
    (https://github.com/Icinga/icingaweb2/milestone/50?closed=1)

- update to 2.5.2
  + Features
  * You can find issues and features related to this release on our Roadmap
    (https://github.com/Icinga/icingaweb2/milestone/49?closed=1)

- update to 2.5.1
  + Features
  * You can find issues and features related to this release on our Roadmap
    (https://github.com/Icinga/icingaweb2/milestone/47?closed=1)

- remove addFilter("permissions-directory-setuid-bit") and
  addFilter("non-standard-gid")

- insert missing requires(pre): user(wwwrun) for Tumbleweed

- fix rpmlint errors, reduce rpmlint warnings

- Remove redundant %clean section. Fix RPM groups.
  Update summaries.

- drop permissions.d and add BuildRequires nagios-rpm-macros >= 14.0
  to remove setBadness in rpmlintrc

- removed php5-Zendframework dependency
- added icingaweb2-vendor-zf1 package

- update to 2.5.0
  + Features
  * You can find issues and features related to this release on our Roadmap
    (https://github.com/Icinga/icingaweb2/milestone/45?closed=1).

- update to 2.4.2
  + Bugfixes
  * Bug 2965: Transport config: Default port not changing upon auto-submit
  * Bug 2926: Wrong order when sorting by host_severity
  * Bug 2923: Number fields should be valid when empty
  * Bug 2919: Fix cached loading of module config
  * Bug 2911: Acknowledgements are not working without an expiry time
  * Bug 2878: process-check-result Button is visible even when user isn't allowed to use it
  * Bug 2850: Link to acknowledgements is wrong in the timeline
  * Bug 2841: Wrong menu height when switching back from mobile layout
  * Bug 2806: Wrong service state count in hostgroup overview
  * Bug 2805: Response from the Icinga 2 API w/ an empty result set leads to exception
  * Bug 2801: Wrong help text for the director in the icingacli
  * Bug 2784: Module and gravatar images are not served with their proper MIME type
  * Bug 2776: Defaults not respected when acknowledging problems
  * Bug 2767: Monitoring module: Config field protected vars not updated after zeroing config.ini
  * Bug 2728: Gracefully handle invalid Icinga 2 API response types
  * Bug 2718: Hide check attempt for hard states in history views
  * Bug 2716: Web 2 doesn't detect the browser time zone if the time zone offset is negative
  * Bug 2714: icingacli module disable fails on consecutive calls
  * Bug 2695: Macros cannot be used for a navigation item's url-port
  * Bug 2684: [dev.icinga.com #14027] Translation module should not write absolute path to .po files
  * Bug 2683: [dev.icinga.com #14025] Translation module should remove temp files
  * Bug 2661: [dev.icinga.com #13651] Don't offer the Icinga 2 API as transport if PHP cURL is missing
  * Bug 2660: [dev.icinga.com #13649] Make the Icinga 2 API the default command transport
  * Bug 2656: [dev.icinga.com #13627] Wrong count of handled critical service in the hover text
  * Bug 2645: [dev.icinga.com #13539] Improve error handling and validation of multiple LDAP URIs
  * Bug 2598: [dev.icinga.com #12977] Adding an empty user backend fails
  * Bug 2545: [dev.icinga.com #12640] MSSQL ressource not working
  * Bug 2523: [dev.icinga.com #12410] Click on Host in Service Grid can cause "Invalid Filter" error
  * Bug 2519: [dev.icinga.com #12330] Filter editor may show wrong values after searching
  * Bug 2509: [dev.icinga.com #12295] group_name_attribute should be "sAMAccountName" by default

- make package compatible to php7

- change spec to use php7 also

- fix build error for Tumbleweed

- rename package icingacli to icingaweb-icingacli
  and make icingacli as Recommends

- update to 2.4.1
  + Bugfixes
  * Bug 2651: [dev.icinga.com #13607] Displayed times messed up in Icinga Web 2.4.0 w/ PostgreSQL
  * Bug 2654: [dev.icinga.com #13615] Setup wizard: Not possible to setup Icinga Web 2 with an external database
  * Bug 2663: [dev.icinga.com #13691] Hook::all() is broken on CLI
  * Bug 2669: [dev.icinga.com #13735] Setup wizard: Progress bar isn't shown correctly, if setup is at finish step
  * Bug 2681: [dev.icinga.com #13957] Support failover API command transport configuration
  * Bug 2686: Granular module permissions do not work for hooks
  * Bug 2687: Update URLs to icinga.com, remove wiki & update to GitHub

- update to 2.4.0-2
  + Bugfixes
  * RPM: Fix specfile
  * RPM: Update revision
  * CSS: Reset line-height in the button mixin
- update to 2.4.0
  + Feature
  * Feature 12598 (Authentication & Authorization): Support nested AD groups for Roles and not just login
  * Feature 11809 (Authentication & Authorization): Test and document multiple LDAP-URIs separated by space in LDAP ressources
  * Feature 10616 (Authentication & Authorization): Users w/o administrative permissions should be allowed to change their password
  * Feature 13381 (CLI): Allow to configure the default listen address for the CLI command web serve
  * Feature 11820 (Configuration): Check whether chosen locale is available
  * Feature 11214 (Configuration): Logger: Allow to configure the Syslog Facility
  * Feature 13117 (Framework): Add charset UTF-8 to default content type
  * Feature 12634 (Framework): Possibitlity to fold and unfold filter by click
  * Feature 11198 (Framework): Announce banner
  * Feature 11115 (Framework): Add SSL support to MySQL database resources
  * Feature 8270 (Installation): Add SELinux policy for Icinga Web 2
  * Feature 13187 (Monitoring): Command toolbar in the host and service detail views
  * Feature 12873 (Monitoring): Change default for sticky option of acknowledgements from true to false
  * Feature 12820 (Monitoring): Export detail views to JSON
  * Feature 12766 (Monitoring): Show flapping events in the host and service history views
  * Feature 12764 (Monitoring): Display downtime end even if it hasn't been started yet
  * Feature 12125 (Monitoring): Allow th in plugin output
  * Feature 11952 (Monitoring): Allow changing default of 'sticky' in acknowledgement and other command options
  * Feature 11398 (Monitoring): Send commands over Icinga 2's API
  * Feature 11835 (UI): Add clear button to search field
  * Feature 11792 (UI): Show hint if notifications are disabled globally
  * Feature 11664 (UI): Show git HEAD for modules if available
  * Feature 13461 (Vendor Libraries): Use Icinga's fork of Zend Framework 1 icingaweb2-vendor-zf1
  + Bugfixes
  * Bug 12396 (Authentication & Authorization): Hooks don't respect module permissions
  * Bug 12164 (Authentication & Authorization): REDIRECT_REMOTE_USER not evaluated during external auth
  * Bug 12108 (Authentication & Authorization): assertPermission allows everything for unauthenticated requests
  * Bug 13357 (Configuration): Persistent database resources cannot be made non-persistent
  * Bug 12848 (Configuration): Empty "Protected Custom Variables" falls back to defaults
  * Bug 12655 (Configuration): Permission application/log is not configurable
  * Bug 12170 (Configuration): Adding a DB resource via webinterface requires one to enter a password
  * Bug 10401 (Configuration): LdapUserGroupBackendForm: user_* settings not purged
  * Bug 9804 (Configuration): Renaming the resource used for the config backend does not update the global configuration
  * Bug 11920 (Dashboard): Add to dashboard: wrong url makes whole dashboard unusable
  * Bug 13387 (Documentation): Can't display documentation of disabled modules
  * Bug 12923 (Framework): Navigation Item name must be of type string or NavigationItem
  * Bug 12852 (Framework): Hosts without any services are hidden from roles with monitoring/filter/objects set
  * Bug 12760 (Framework): Do not log exceptions other than those resulting in a HTTP 500 status-code
  * Bug 12583 (Framework): Unhandled exceptions while handling REST requests will silently drop the http response code
  * Bug 12580 (Framework): REST requests cannot be anonymous
  * Bug 12557 (Framework): Module description cannot be on a single line
  * Bug 12299 (Framework): FilterExpression renders a&!b as a=1&b!=1
  * Bug 12161 (Framework): Icinga Web 2 doesn't set Content-Type
  * Bug 12065 (Framework): IniRepository: update/delete not possible with iterator
  * Bug 11743 (Framework): INI writer must not persist section keys with a null value
  * Bug 11185 (Framework): SummaryNavigationItemRenderer should show worst state
  * Bug 10361 (Framework): Handle E_RECOVERABLE_ERROR
  * Bug 13459 (Installation): Setup: Can't view monitoring config summary with Icinga 2 API as command transport
  * Bug 13467 (JavaScript): renderLayout has  side-effects
  * Bug 13115 (JavaScript): actiontable should not clear active row in case there is no newer one
  * Bug 12541 (JavaScript): Menu not reloaded in case no search is available
  * Bug 12328 (JavaScript): Separate vendor JavaScript libraries w/ semicolons and newlines on import
  * Bug 10704 (JavaScript): JS: Always use the jQuery find method w/ node context when selecting elements
  * Bug 10703 (JavaScript): JS: Don't use var self = this, but var _this = this
  * Bug 11431 (Modules): Modules can't require permission on menu items
  * Bug 10870 (Modules): Refuse erroneous module folder names when enabling the module
  * Bug 13243 (Monitoring): Inconsistent host and service flags
  * Bug 12889 (Monitoring): Timeline broken
  * Bug 12810 (Monitoring): Scheduling a downtime for all services of a host does not work w/ the Icinga 2 API as command transport
  * Bug 12313 (Monitoring): Multi-line strings within host.notes are being displayed as single line
  * Bug 12223 (Monitoring): State not highlighted in plugin output if it contains HTML
  * Bug 12019 (Monitoring): Contact view shows service filters with 'Downtime' even if not set
  * Bug 11915 (Monitoring): Performance data: negative values not handled
  * Bug 11859 (Monitoring): Can't separate between SOFT and HARD states in the history views
  * Bug 11766 (Monitoring): Performance data: Fit label column to show as much text as possible
  * Bug 11744 (Monitoring): Empty user groups are not displayed
  * Bug 10774 (Monitoring): Scheduling downtimes for child hosts doesn't work w/ Icinga 2.x (waiting for Icinga 2)
  * Bug 10537 (Monitoring): Filtering with not-equal on custom variable doesn't show hosts without this cv
  * Bug 7755 (Monitoring): Remove autosubmit in eventgrid
  * Bug 12133 (Navigation): Username and password not being passed in navigation item URLs
  * Bug 12776 (Print & Export): dompdf fails when border-style is set to auto
  * Bug 12723 (Print & Export): Allowed memory size exhausted when exporting the history view to CSV
  * Bug 12660 (QA): Choosing the Icinga theme floods the log with error messages
  * Bug 12774 (UI): Lot's of <span style="visibility:hidden; display:none;"></span> in Output
  * Bug 12134 (UI): Copy and paste: Plugin output contains unicode zero-width space characters
  * Bug 10691 (UI): Closing the detail area does not update the rows selected counter
  * Bug 13095 (Vagrant VM): TicketSalt constant missing
  * Bug 12717 (Vagrant VM): PluginContribDir constant removed during vagrant provisioning

- add minimum version 1.12.18 to ZendFramwork,
  because of Bug #655: ZF2015-08 breaks binary data
  https://github.com/zendframework/zf1/issues/655