nagios-4.5.4-bp160.1.3

- update to 4.5.4
  * Fix inconsistent links for 'View {Trends,Alert Histogram} For
  This {Host,Service}' (Mauricio Faria de Oliveira)
  * Fix broken links from removing AngularJS pages in 4.5.3 (Dylan Anderson)

- update to 4.5.3
  * Update jQuery (#960) (Dylan Anderson)
  * Remove pages using outdated AngularJS framework (#960) (Dylan Anderson)
  * Fix html encoding of some ascii characters (#813) (Dylan Anderson)
  * Updated several page links to use 'nofollow' (#965) - (Griffin Westerman)

- update to 4.5.2
  * Fix handling of timeperiods w/ downtime availability calculations
    in the Availability CGI report (Sebastian Wolf)
  * Fix build when compiling against musl libc (#952) (Sebastian Wolf)
  * Fix downtime comment using current time instead of the downtime's
    entry time (#910) (Dylan Anderson)

- update to 4.5.1
  * Fix text rendering in Configuration -> Command Expansion when the
    command ends in whitespace
    (Thanks Joran LEREEC for reporting this issue)
- from 4.5.0
  Note: this release is backward-compatible, but does include updates
  to the header files.
  If you are using any NEB modules in your monitoring solution, you will
  need to recompile them with the new nagios-4.5.0 headers to avoid
  segmentation faults.
  ENHANCEMENTS
  * Add event_handler_period configuration option to hosts and services (#913)
  * Add external commands CHANGE_HOST_EVENT_HANDLER_TIMEPERIOD
    and CHANGE_SVC_EVENT_HANDLER_TIMEPERIOD (#913)
  * Added support for separating your build directory from your
    source directory (#867)
- from older versions:
  * Fix missing macros when running performance data commands (#904)
  * Fix broken logo images in status pages (regression from 4.4.12) (#917)
  * Clean up most compiler warnings on GCC and clang (#901)
  * Fix incorrect HTML entity escaping in CGIs (#907, #902)
  * Fix issue where predictive dependency checks were not being scheduled for services (#908)
  * Fix several typos (#898, #884)
  * Fix incorrect error message in preflight check (#865)
  * Fix use-after-free in qh_deregister_handler (#866)
  * Fix memory leak in qh_deregister_handler (#866)
  * Fix mismatched host/service behavior when changing from SOFT to HARD state (#891)
  * Minor performance improvements in CGI utility functions (#866)
  * Fix memory leak in nagiostats.c when using -c, -s, -d, or -D multiple times (#888)
  * Improve service scheduling at startup (#887)
  * Fixed check_attempts remaining high during a HARD service recovery (#837)
  * Fixed memory leak in NERD (#872)
  * Fixed crash when checking for updates using SSL
- removed patches:
  * nagios-4.1.0-add_KOHANNA.conf - not supported any longer
  * nagios-fix_encoding_trends.cgi.patch - fixed upstream
- refreshed patches:
  * nagios-disable_phone_home.patch - disable page tour in cgi.cfg
  * nagios-random_data.patch - rebase
  * nagios-4.0.6-remove-date-time.patch - rebase
  * nagios-4.4.3-enable-ppc64le.patch - rebase
  * nagios-output-length.patch - rebase
- removed scripts and configs:
  * nagios-exec-start-post - obsolete (fixes bsc#1202929)
  * nagios-exec-start-pre  - obsolete (fixes bsc#1202929)
  * nagios_systemd         - integrated in nagios.service
  * nagios-4.1.0-add_KOHANNA.conf - unsupported
- updated nagios.service
  * use correct commandline options
  * add ExecStopPost to remove the command file
  * get rid of EnvironmentFile
- reduce amount of rpmlintrc exceptions
- use service file for downloading the sources
- require procps (ps) for building
- recommend traceroute (for WAP -> statuswml.cgi & traceroute.cgi)
- Nagios plugins can be found under http://nagios-plugins.org/ now.
- use /run/nagios instead of /var/run/nagios as tmp-dir
- create and own /run/nagios as ghost directory
- substitute the distribution path names more general in nagios.cfg
- use symlink to /sbin/service for rcnagios instead of adjusted startup file
- package readme file for exfoliation theme
- package nagios-qh.rb (Query Handler interface example) in nagios-contrib
- run check macro and test the shipped nagios.cfg

- Use %patch -P N instead of deprecated %patchN.

- remove some old rpmlintrc entries
- remove old (< 12.0) SUSE macros from spec file
- nagios-dch and nagios-contrib can be noarch
- use autopatch macro
- set right permission and ownership for /var/log/nagios/config.err
  even if this file is just a ghost file in RPM
- use /run/nagios instead of /var/run/nagios for pid file
- get rid of really old (SLE9) fix for nagios command group (was
  group www at that time). Since SLE10, we use and own group
  (nagcmd) instead. As we do not support to migrate from SLE9 to
  SLE11 and beyond directly, this migration should have been done
  long time ago already

- Do not provide user/group symbols and actually stop generating
  those users/groups alltogether. The package system-user-nagios is
  taking care of the user setup.

- provide user(nagios), group(nagios), group(wwwrun), user(nagcmd)
  bsc#1219600

- do not change ownership of resource_file (/etc/nagios/resource.cfg)
  during (re-)start: nagios does not have enough permissions to do
  it anyway.
  Fixes bsc#1192316 - thanks to Kai Lappalainen

- 4.4.7 - 2022-04-14
  FIXES
  * Fixed checkboxes in jsonquery.html (#778) (Rfferrao87)
  * Added SSL support for version update check (Sebastian Wolf)
  * Note: NEB modules using the priority/scheduling queues in libnagios may need to update headers due to symbol conflicts with OpenSSL.
  * Fixed XSS in homepage when displaying update check results (Sebastian Wolf)
  * Fixed allocation error in getcgi.c (#820) (Ariadne Conill)
  * Fixed Error: NULL variable for lines of spaces in resource.cfg (#814) (Ralf Herrmann)
  * Fixed crash when handling large check output (#825, #828) (Kilvador)
  * Update packaging instructions for RPM/EPEL (#850) (T.J. Yang)
  * Include packaging instructions for DEB (#842) (Catfriend1)
  * Fixed CGI object processing when names end in \ (#819) (Sebastian Wolf)
  * $SERVICEPROBLEMID$ now accessible when notifications are sent (#688) (Sebastian Wolf)

- Added hardening to systemd service(s) (bsc#1181400). Modified:
  * nagios-archive.service
  * nagios.service

- new nagios-exec-start-post script to fix bsc#1003362

- fix nagios_upgrade.sh writing to log file in user controlled
  directory (bsc#1182398). The nagios_upgrade.sh script writes the
  logfile directly below /var/log/

- 4.4.6
  * Fixed Map display in Internet Explorer 11 (#714)
  * Fixed duplicate properties appearing in statusjson.cgi (#718)
  * Fixed NERD not building when enabled in ./configure (#723)
  * Fixed build process when using GCC 10 (#721)
  * Fixed postauth vulnerabilities in histogram.js, map.js, trends.js
  (CVE-2020-13977, bsc#1172794)
  * When using systemd, configuration will be verified before
  reloading (#715)
  * Fixed HARD OK states triggering on the maximum check attempt (#757)

- fix boo#1156309, CVE-2019-3698 : Symbolic Link (Symlink) following
  vulnerability in the cronjob allows local attackers to cause cause
  DoS or potentially escalate privileges by winning a race.
- enhance systemd service: check nagios config before reloading
- enable build for SLE11 by excluding some special macros and
  directories via 'sles_version != 11' condition
- add nagios-archive.service and nagios-archive.timer as replacement
  for the script in cron.weekly: no need for cron on systemd systems
- run set_permissions and verifyscript for /etc/cron.weekly on those
  distributions that need it
- enhance rpmlint: ignore empty htpasswd file
- enable php apache module and not php5 on newer distributions
- try to harden the rcnagios script

- BuildRequire pkgconfig(systemd) instead of systemd: allow OBS to
  shortcut through the -mini flavors.

- 4.4.5
  * Reverted changes related to #625 due to CPU load issues
  * Partially reverted changes for #647 due to CPU load issues
  * Fixed "Quick Search" so that leading/trailing whitespace doesn't affect output (#681) (Sebastian Wolf)
  * Fixed build issues on non-RPM-based platforms (#617) (T.J. Yang)
- 4.4.4
  * Fixed log rotation logic to not repeatedly schedule rotation on a DST change (#610, #626) (Jaroslav Jindrak & Sebastian Wolf)
  * Fixed $SERVICEPROBLEMID$ to be reset after service recovery (#621) (Sebastian Wolf)
  * Fixed defunct worker processes appearing after nagios was reloaded (#441, #620) (Sebastian Wolf)
  * Fixed main nagios thread to release nagios.qh on a closed connection (#635) (Sebastian Wolf)
  * Fixed semicolon escaping to remove prepended backslash (\) (#643) (Sebastian Wolf)
  * Fixed 'Checks of this host have been disabled' message showing on passive-only hosts (#632) (Vojtěch Širůček & Sebastian Wolf)
  * Fixed last_hard_state showing the current hard state when service status is brokered (#633) (Sebastian Wolf)
  * Fixed long plugin output (>8KB) occasionally getting truncated (#625) (Sebastian Wolf)
  * Fixed check scheduling for objects with large check_intervals and small timeperiods (#647) (Sebastian Wolf)
  * Fixed SOFT recoveries sending when services had HARD recovery some time after host recovery (#651) (Sebastian Wolf)
  * Fixed incorrect permissions on debugging builds of FreeBSD (#420) (Sebastian Wolf)
  * Fixed NEB callback lists being partially orphaned when multiple modules subscribe to one callback (#590) (Sebastian Wolf)
  * Fixed memory leaks in run_async_service_check(), run_async_host_check() when checks are brokered (#664) (Sebastian Wolf)
  * Fixed potential XSS in main.php, map.php (#671, #672) (Jak Gibb)
  * Removed NEB brokering for nagios daemonization, since daemonization occurs before NEB initialization (#591) (Sebastian Wolf)

- compile with -ffat-lto-objects to prevent build failure

- Add /etc/cron.weekly to filelist, as this is now part of cron,
  which we don't want to require

- revert setting of sbindir back to nagios_cgidir

- update to 4.4.3
  * Fixed services sending recovery emails when they recover if host in
  down state (#572) (Scott Wilkerson)
  * Fixed a make error when building on the aarch64 architecture (#598)
  (Gareth Randall)
  * Fixed --with-cgibindir and --with-webdir to actually set values given
  (#585) (lawsontyler)
  * Fixed soft recovery states for services (#575) (Jake Omann)
  * Fixed XSS vulnerability in Alert Summary report (CVE-2018-18245, boo#1119832)
  (Jake Omann)
  * Fixed services in soft states sometimes not switching into hard states
  (#576) (Jake Omann)
  * Fixed last_state_change to update when a state goes from soft -> hard
  state (#592) (Jake Omann)
  * Fixed Map link always being set to undefined host and don't show link
  for Nagios Process root note (#539) (Jake Omann)
  * Fixed notifications sending when services went into hard state on a
  down or unreachable host (#584) (Jake Omann)
  * Fixed log_host_retries not logging the host soft state checks (#599)
  (Jake Omann)
  * Fixed stalking_options N option to properly log only when a
  notification is actually sent (#604) (Jake Omann)
  * Fixed issue with service status totals being zero when
  servicegroup=all on servicegroup status page (#579) (Jake Omann)
  * Fixed escalation notifications logic and recovery notifications not
  going out (#582) (Jake Omann)
  * Fixed not finding child index causing duplicate hosts showing in the
  Map (#471) (Jake Omann)
  * Fixed Map configuration popup checkboxes not working and Root Node
  not populating (#543) (Jake Omann)
  * Fixed cleanup and deinit of neb modules on reload (#573) (Jake Omann)
- rebase nagios-4.2.2-enable-ppc64le.patch (allow ppc64le builds in
  contrib Makefile) to:
  nagios-4.4.3-enable-ppc64le.patch

- install /var/spool/nagios setgid nagcmd so external applications
  like the webinterface can issue commands to nagios (boo#1028975)

- update to 4.4.2
  * Fix comment data being duplicated after a `service nagios reload`
  or similar (#549) (Bryan Heden)
  * Fix check_interval and retry_interval not changing at the
  appropriate times (#551) (Scott Wilkerson)
  * Fixed passive checks sending recovery email when host was
  previously UP (#552) (Scott Wilkerson)
  * Fixed flapping comments duplication on nagios reload (#554)
  (Christian Jung)
  * Fix for CVE-2018-13441, CVE-2018-13458, CVE-2018-13457 null
  pointer dereference (Trevor McDonald) (boo#1101293, boo#1101289, boo#1101290)
  * Fixed syntax error in file: default-init.in (#558) (Christian Zettel)
  * Reset current notification number and state flags when the host recovers,
  reset all service variables when they recover fixes (#557) (Scott Wilkerson)
  * Fixed wrong counting of service status totals when showing
  servicegroup details (#548) (Christian Zettel, Bryan Heden)
  * Fixed avail.cgi not printing CSV output when checkbox is checked
  (for any type: host/service/hostgroup/servicegroup) (#570) (Bryan Heden)
  * Fixed nagios not logging SOFT state changes after 1 (Scott Wilkerson)
  4.4.1 - 2018-06-25
  * Revert some macro->kvvec changes causing problems when
  `enable_environment_macros` was enabled (Bryan Heden)
  * Adjust `process_macro_r` function logic so that it handles
  macros properly (Bryan Heden)
  * Fix spec file for systemd (Karsten Weiss, Fr3dY, Bryan Heden)
  * Fix bug where `ssize_t` typedef to int on some systems (Bryan Heden)
  4.4.0 - 2018-06-19
  ENHANCEMENTS
  * new status for check dependencies (John Frickson)
  * Allow more flexible requirements for comments (John Frickson)
  * Add a `statusCRITICALACK` class for the status column (John Frickson)
  * CSV output based on groups (all options) (John Frickson)
  * New Macro(s) to generate URL for host / service object to be
  used in notifications (John Frickson)
  * New Macro(s) to determine if host/service notifications are
  enabled (#419) (Bryan Heden)
  * New Macro(s) for obtaining the host/service notification
  periods (#350) (Bryan Heden)
  * enable_page_tour interface option (Bryan Heden)
  * Code cleanups in important sections (Workers, Handling Results) (Bryan Heden)
  * Automatic mail program detection (with same /bin/mail failback) (Bryan Heden)
  * Incorporated [autoconf-macros](https://github.com/NagiosEnterprises/autoconf-macros)
  into Core (Bryan Heden)
  * Lots of enhancements/additions to configure/make process. (Bryan Heden)
  + Moved all files to startup/
  + Added upstart job
  * Added system limit detection (RLIMIT_NPROC) to check for anticipated
  fork() failures (#434) (Bryan Heden)
  * Added stalking on notifications (`N` or `notifications` option when
  specifying `stalking_options`) (#342) (Bryan Heden)
  * Added automatic `systemctl daemon-reload` and `initctl reload-configuration`
  where applicable on `make install-init` (Bryan Heden)
  * Added case-insentive command submission. (#373) (Bryan Heden)
  * Enabled `check_external_commands` by default (Bryan Heden)
  FIXES
  * Command line macro detection skips potential macros with no ending
  dollar sign (Bryan Heden, Jake Omann)
  * Fixed a lockup condition sometimes encountered on shutdown or restart (Aaron Beck)
  * Fixed negative time offset calculations computing incorrectly sometimes (bbeutel)
  * Fixed reloads causing defunct (zombie) processes (#441) (Bryan Heden)
  * Fixed wait3(), wait4() implementations (replaced with waitpid()) (#326) (Bryan Heden)
  * Fixed additive inheritance not testing for duplicates in
  hosts/services/(+escalations) (#392) (Bryan Heden)
  * Fixed very very (around 600k chars or greater) large plugin
  output crashing Nagios (#432) (Bryan Heden)
  * Fixed first_notification_delay not beeing calculated from
  last_hard_state_change (#425) (Christian Zettel)
  * Fixed duplicate downtime ID occuring from downtimes in retention
  file (#506) (Franz [feisenko])
  * Fixed segfault when navbarsearch was used in status.cgi for something
  other than a host (#489) (Bryan Heden)
  * Fixed some miscellaneous ./configure issues on Solaris (Bryan Heden, Troy Lea)
  * Fixed "Locate host on map" link (#496) (Troy Lea)
  * Fixed service groups defined with unknown service members
  (that aren't first in the list) not erroring out (#500) (Bryan Heden)
  * Fixed tac.cgi to have consistent behavior with the other cgis (#481)
  (Bryan Heden, Matt Capra)
  * Fixed clear_host/service_flapping command logic to broker/notify
  properly (#525) (Bryan Heden, Karsten Weiss)
- removed upstreamed patches:
  + nagios-fix_spurious_dollar_signs_added_to_command_lines.patch
  + nagios-4.3.4-fix_memleak_4.3.3.diff
- refreshed patches:
  + nagios-4.0.6-remove-date-time.patch
  + nagios-4.1.0-add_KOHANNA.conf
  + nagios-4.2.2-enable-ppc64le.patch
  + nagios-disable_phone_home.patch
  + nagios-fix_encoding_trends.cgi.patch
  + nagios-output-length.patch
  + nagios-random_data.patch

- fix setting default values in nagios-exec-start-pre

- remove unused xorg-x11-devel BuildRequires

- fix upstream issue #455, memleak introduced with 4.3.3
  nagios-4.3.4-fix_memleak_4.3.3.diff

- update to 4.1.0 fixed boo#939829 already, mentioned here just
  for reference

- fix a possible symlink attack for files/dirs created by root
  fixes CVE-2016-8641 (bsc#1011630 and bsc#1018047)
- remove the pre-configured administrative account with fixed
  password from the htpasswd file and provide an empty one instead
  (fixes boo#961115 - CVE-2016-0726)

- Replace references to /var/adm/fillup-templates with new
  %_fillupdir macro (boo#1069468)

- Do not introduce new RPM group just for nagios-contrib.
  Use established Development/Tools/Other instead.

- update to 4.3.4
  * Improved config file parsing (Mark Felder)
  * Fixed configure script to check for existence of /run for lock
    file (in regards to CVE-2017-12847, Bryan Heden)
  * Use absolute paths when deleting check results files (Emmanuel Dreyfus)
  * Add sanity checking in reassign_worker (sq5bpf)
  * xodtemplate.c wrong option-deprecation code warning (alex2grad / John Frickson)
  * On-demand host check always use cached host state (John Frickson)
  * 'á' causes Serivce Status Information to not be displayed (John Frickson)
  * New Macro(s) to generate URL for host / service object (John Frickson)
  * Fix minor map issues (Troy Lea)
  * Fix lockfile issues (Bryan Heden)
  * Switch order of daemon_init and drop_priveleges (CVE-2017-12847, Bryan Heden)
  * Add an OpenRC init script (Michael Orlitzky)
- only require insserv on older SUSE distributions

- update to 4.3.2
  FIXED
  * Every 15sec /var/log/messages is flooded with
    "nagios: set_environment_var" (John Frickson)
  * Changed release date to ISO format (yyyy-mm-dd) (John Frickson)
  * `make all` fails if unzip is not installed (John Frickson)
  * Quick Search no longer allows search by Alias (John Frickson)
  * flexible downtime on a service immediately turns off notifications
    (John Frickson)
  * Fix to allow url_encode to be called twice (Z. Liu)
  * Update timeperiods.cfg.in (spelling) (Parth Laxmikant Kolekar)
  * Spelling fixes (Josh Soref)
  * Vent command pipe before remove to avoid deadlocks on
    writing end (Kai Kunstmann)
  * CGI utility cgiutil.c does not process relative config file
    path names properly (John Frickson)
  * xdata/xodtemplate.c bug in option-deprecation code (John Frickson)
  * Wildcard searching causes service status links to not work properly
    (John Frickson)
  * Quick search with no hits shows a permission denied error (John Frickson)
  * Setting a service as its own parent is not caught by the sanity
    checker (-v) and causes a segfault (John Frickson)
- removed nagios-4.3.1-remove-flooding-messages.patch (fixed upstream)

- fix upstream issue #337: remove debugging messages:
  nagios-4.3.1-remove-flooding-messages.patch

- Update to 4.3.1
  SECURITY FIXES
  * Fix for CVE-2016-6209 - The "corewindow" parameter (as in
    http://localhost/nagios?corewindow=www.somewhere.com) has been disabled by
    default. See the UPGRADING document for how to enable it. (John Frickson)
  FIXES
  * Service hard state generation and host hard or soft down status (John Frickson)
  * Comments are duplicated through Nagios reload (John Frickson)
  * host hourly value is incorrectly dumped as json boolean (John Frickson)
  * Bug - Quick Search no longer allows search by IP (John Frickson)
  * Config: status_update_interval can not be set to 1 (John Frickson)
  * Check attempts not increasing if nagios is reloaded (John Frickson)
  * nagios hangs on reload while sending external command to cmd file (John Frickson)
  * Feature Request: return code xxx out of bounds - include message as well (John Frickson)
  * Fix early event scheduling (pmalek / John Frickson)
  * on-demand host checks triggered by service checks cause attempt number increments (fredericve)
  * Service notification not being send when host is in soft down state (John Frickson)
  * configure does not error if no perl installed on CentOS 7 (John Frickson)
  * failed passive requests leave .ok files in checkresults dir (caronc)
  * Services don't show in status.cgi if "noheader" specified (John Frickson)
  * Standardized check interval config file names (John Frickson)
  * "Event Log" (showlog.cgi) could not open log file (John Frickson)
  * "nagios_check_command" has been deprecated since v3.0. Last vestiges
    removed (John Frickson)
  ENHANCEMENTS
  * Added new flag to cgi.cfg: tac_cgi_hard_only to show only HARD
    states (John Frickson)
  * Add broker-event for the end of a timed event (NEBTYPE_TIMEDEVENT_END) (John Frickson)
  * There is no Macro to retrieve addresses of hostgroup members
    (now $HOSTGROUPMEMBERADDRESSES$) (John Frickson)
  * Add "Page Tour" videos to several of the core web pages (John Frickson)
  * Added a login page, and a `Logoff` links (John Frickson)
  * On the status map, the host name will be colored if services are
    not all OK. (John Frickson)
  * Added "Clear flapping state" command on host and services
    detail pages. (John Frickson)
  * User-entered comment now displays below generated comment for
    downtime (John Frickson)
- refreshed patches

- update to 4.2.4
  SECURITY FIXES
  * Fixed another root privilege escalation (CVE-2016-9566) Thanks for
    bringing this to our attention go to Dawid Golunski
    (http://legalhackers.com).

- update to 4.2.3
  SECURITY FIXES
  * Fixed a root privilege escalation (CVE-2016-8641) (John Frickson)
  FIXES
  * external command during reload doesn't work (John Frickson)
  * Nagios provides no error condition as to why it fails on the
    verify for serviceescalation (John Frickson)
  * No root group in FreeBSD and Apple OS X (John Frickson)
  * jsonquery.html doesn't display scheduled_time_ok correctly (John Frickson)
  * daemon_dumps_core=1 has no effect on Linux when Nagios
    started as root (John Frickson)
  * Configuration check in hostgroup - misspelled hostname does
    not error (John Frickson)
  * contacts or contact_groups directive with no value should not
    be allowed (John Frickson)
  * Compile 64-bit on SPARC produces LD error (John Frickson)
  * HOSTSTATEID returns 0 even if host does not exist (John Frickson)
  * Submitting UNREACHABLE passive result for host sets it as DOWN
    if the host has no parents (John Frickson)
  * nagios: job XX (pid=YY): read() returned error 11 (changed from
    LOG_ERR to LOG_NOTICE) (John Frickson)
  * Fix for quick search not showing services if wildcard used
    (John Frickson)

- use faster find variants

- allow ppc64le builds in contrib Makefile:
  nagios-4.2.2-enable-ppc64le.patch

- update to 4.2.2
  SECURITY
  + There was a fix to vulnerability CVE-2008-4796 in the 4.2.0 release
    on August 1, 2016. The fix was apparently incomplete, as there was
    still a problem. However, we are now getting all RSS feeds using AJAX
    calls instead of the (outdated) MagpieRSS package. Thanks for bringing
    this to our attention go to Dawid Golunski (http://legalhackers.com).
  ENHANCEMENTS
  + Update status.c to display passive check icon for hosts when
    passive checks are enabled and actives disabled
  FIXES
  + Fix permissions for Host Groups reports (status.cgi)
  + Service Parents does not appear to be functioning as intended
  + Availability report mixes up scheduled and unscheduled warning percentages
  + Invalid values for saved_stamp in comput_subject_downtime_times()
  + Remove deprecated ?framespacing?
  + The nagios tarball contains two identical jquery copies
  + extinfo.cgi does not set content-type (most cgi?s don?t)
  + Timeperiods are corrupted by external command CHANGE_SVC_CHECK_TIMEPERIOD
  + Quick search doesn?t show hosts without services (service status detail page)
  + In host/services details view, if exactly 100 entries would not show last one
  + nagios host URL parameter for NEW map doesn`t work ? Network Map for All Hosts
  + next_problem_id is improperly initialized
  + Passive problems not showing as ?unhandled?
  + September reported as Sept instead of Sep
  + Notifications are not sent for active alerts after scheduled downtime ends
  + Nagios 4.2.0 not working on Solaris
  + install-exfoliation and install-classicui don?t work FreeBSD and Mac OS X
  + Updated makefile to delete some no-longer-needed files

- update to 4.2.1
  FIXES
  + Fix undefined variable php error (John Frickson)
  + Links on the sidebar menu under 'Problems' are indented too far
  + Using $ARGn$ Macros in perfdata (John Frickson)
  + using a wildcard in search returns service status total all zero's
  + read_only does not take priority (deppy)
  + Running nagios -v on 4.2.0 takes 90+ seconds (John Frickson)
  + Missing Image for Host and Service State Trends in Availability Report
  + Maintain non-persistent comments through reload (John Frickson)
  + Servicegroup availability report ignores includesoftstates in
    service report links (PriceChild)
  + error: format not a string literal and no format arguments (Karsten Weiss)
- ignore rpmlint warnings about tmpfile creating/listing: this is
  handled, but not properly detected by rpmlnt

- update to 4.2.0
  SECURITY FIXES
  + Fixed vulnerability CVE-2008-4796 (John Frickson)
  + Fixed vulnerability CVE-2013-4214 (John Frickson)
  + web interface vulnerable to Cross-Site Request Forgery attacks
  ENHANCEMENTS
  + Increase socket queue length for listen()
  + Added host name to the website page title (leres / John Frickson)
  + Added additional icons for NetBSD and SuSE (John Frickson)
  + The new Status Map will now use cgi.cfg options (John Frickson)
    default_statusmap_layout will default to "6" for the new map
  + The new Status Map will now show some valid values in the
    popup for "Nagios Process" (John Frickson)
  FIXES
  + Network outage view without access to all hosts (John Frickson)
  + Core workers looping (John Frickson)
  + service query returns duplicate host_name and description
    fields in the returned data (John Frickson)
  + HTML output of plug-ins is parsed in wrong way => webgui
    unusable (John Frickson)
  + Command worker fails to handle SIGPIPE
  + "View Status" links under "Map" broken in Nagios Core
    Version 4.1.1 (John Frickson)
  + Can't send big buffer - wproc: Core Worker seems to be choked
  + Too big CPU load on FreeBSD and other systems using poll() interface
  + Flexible downtime recorded as unscheduled downtime (John Frickson)
  + Service Flexible downtimes produce 1 notification before entering
  + Once you "set flap_detection_enabled 0" it should remove flapping
    state from the host/services page (John Frickson)
  + New map doesn't finish loading if a logo image is not found
  + Extraneous Div end tag in map.html (Scott Wilkerson)
  + Issue with "Problems" section (John Frickson)
  + Status Map icons and online/offline status dots disappear in IE11
  + New network map overlays the nagios process with objects
  + Added Default-Start and Default-Stop to the init script
  + Compile / logging issues with BSD 6
  + Related to above, Fixed a lot of incorrectly handled
    time_t's in *printf's
  + New map not working for RU locale (actually, most locales)
  + Replaced all instances of signal() with sigaction() + blockig
  + UTF-8 characters like german ä are not processed properly by
    function url_encode (John Frickson)
  + nagios worker processes can hog CPU (huxley / John Frickson)
  + custom time periods that include special characters were not
    being handled in reports (John Frickson)
  + Fixed init script to wait up to 90 seconds then kill the
    nagios process (John Frickson)
  + No Host Groups results in wrong error message (John Frickson)
  + Setup Nagios users to view specific host is not working in the
    new network map (John Frickson)
  + statusjson.cgi fails glibc realloc truncate response output (John Frickson)
  + Report Time Period does not work if an @ character is in
    the timeperiod name (John Frickson)
  + State History does not use actual plugin long_output (John Frickson)
  + Time period corruption (xoubih)
  + Tactical Overview - Disabled Flap Detection Link (John Frickson)
- add /var/run/nagios as ghost directory

- Fix nagios-www: keep nagios-www-dch from owning html files shipped with
  Nagios.
- Remove unused NAGIOSDCH apache flag.

- Update to 4.1.1
  FIXES
  * CGI Could not read object configuration data (broken by error in 4.1.0)
  * exclude (!) not working (broken by mis-applied fix for 4.1.0)
- Dropped patch nagios-issue_71.patch (included in sources)

- Add nagios-issue_71.patch
  * Fixes "CGI Could not read object configuration data" (boo#944102)