"Fossies" - the Fresh Open Source Software Archive

Member "icingaweb2-2.11.4/CHANGELOG.md" (26 Jan 2023, 90334 Bytes) of package /linux/www/icingaweb2-2.11.4.tar.gz:

As a special service "Fossies" has tried to format the requested source page into HTML format (assuming markdown format). Alternatively you can here view or download the uninterpreted source code file. A member file download can also be achieved by clicking within a package contents listing on the according byte size field. See also the latest Fossies "Diffs" side-by-side code changes report for "CHANGELOG.md": 2.11.3_vs_2.11.4.

A hint: This file contains one or more very long lines, so maybe it is better readable using the pure text view mode that shows the contents as wrapped lines within the browser window.

Icinga Web 2 Changelog

Please make sure to always read our Upgrading documentation before switching to a new version.

What’s New

What’s New in Version 2.11.4

You can find all issues related to this release on our Roadmap.

Notable Fixes

What’s New in Version 2.11.3

Notice: This is a security release. It is recommended to upgrade immediately.

You can find all issues related to this release on our Roadmap.

Minor to Medium Vulnerabilities

In late November we received multiple security vulnerability reports. They are listed below in order of severity where you can also find further notes:

The More Usual Dose of Fixes

What’s New in Version 2.11.2

You can find all issues related to this release on our Roadmap.

It brings performance improvements and general fixes. Most notable of which are that having e.g. notifications disabled globally is now visible in the menu again and that the event history is grouped by days again.

What’s New in Version 2.11.1

You can find all issues related to this release on our Roadmap.

This update’s main focus is to solve the issue that all history views didn’t work correctly or showed invalid time and dates. (#4853)

What’s New in Version 2.11.0

You can find all issues related to this release on our Roadmap.

Enhancements, Some

Many of you were waiting for it: PHP 8.1 Support. This means that Icinga Web should be available soon on e.g. Ubuntu 22.04. You’ll also notice that we changed the sidebar, as the user menu went to the very bottom of it. With it moved the less frequently used menu entries (system and configuration) to a section that pops up by hovering over the :gear: icon. We did that in order to prepare an area where we can add further functionality in the future. Oh, and announcements are now visible in fullscreen mode. :upside_down_face:

Fixes, More

There are also bug fixes of course. The first mentioned here is one we fixed accidentally, as by adding support for PHP 8.1 we avoided a common PHP quirk responsible for it. If you have a host or service with an asterisk in the name, it will show up correctly in the detail view now. There was also a remaining issue with the theme mode selection in the user preferences which is fixed now.

When developers become cleaning maniacs

Usually I write a short note at the start of release notes to make you read the upgrading documentation. This time however, a more prominent hint is required. We’ve removed so much (legacy) stuff, anyone tasked with upgrading is obliged to read the upgrading documentation. The changes mentioned below only provide a glimpse at it.

What’s New in Version 2.10.1

It’s a rather small update this time without any critical bugs. :tada: So let’s get straight to the fixes:

What’s New in Version 2.10.0

You can find all issues related to this release on our Roadmap.

Please make sure to also check the respective upgrading section in the documentation.

The Appearance of Dark and Light

We have already spoken a lot about the theme mode support that we were working on for some time now. It was planned for v2.9.0, but in respect of many modules and themes out there we gave it the deserved attention. Below is a glimpse of what this looks like.

Icinga Web 2 Theme Mode Preview

Custom Variables Shown Unaltered – Or not

Icinga Web 2 had some bad habits when displaying custom variables in the UI. We’ve driven out the last one regarding names now. Uppercase characters are now shown as such. What Icinga Web 2 stopped doing though, can now be accomplished by modules. A new hook that enables modules to influence the rendering of custom variables has been introduced.

Surprising Beauty in Exported Places

Anyone who already attempted to export a list of services to PDF has seen the degradation of details in recent years. Be it images, icons, colors or the general layout. We simply reached a technical limit with the builtin PDF export. That is why we made Icinga PDF Export. Icinga Web 2 has now a much enhanced compatibility with it. Exporting a list of services while Icinga PDF Export is set up, will now lead to a much better looking result.

What’s New in Version 2.9.6

Notice: This is a security release. It is recommended to upgrade immediately.

Security Fixes

This release includes three security related fixes. The first is a path traversal issue that affects installations of v2.9.0 and above. Another one allows admins to run arbitrary PHP code just by accessing the UI. The last one may disclose unwanted details to restricted users. Please check the advisories on GitHub for more details.

What’s New in Version 2.9.5

This is a hotfix release which fixes the following issues:

What’s New in Version 2.9.4

You can also find all issues related to this release on our Roadmap.

Broken Preference Configuration

The preferences configuration broke with the release of v2.9 in some cases. Previously it was possible to access this and the general configuration without any configuration at all on disk. This is now possible again. The preferences of some users, which have a theme of a disabled module enabled, also showed an error. This doesn’t happen anymore now.

Notable Fixes in the UI

For a long time now, comments in lists had the bad habit to spread erratically if their content was large. They’re limited to two lines now in lists and are still shown in full glory in their respective detail area. While talking of lines… Plugin output with subsequent empty lines erroneously showed only one of them. This is now fixed.

Less Notable But No Less Important Fixes

We are actually very committed to provide a good experience for restricted users. So I’m happy to tell you that a nasty bug is fixed that resulted in the focus being lost randomly. Third party integrations are also important to us, hence I’m happy that this release fixes an issue where module specific JavaScript didn’t load properly. Are you happy now?

What’s New in Version 2.9.3

You can also find the issues related to this release on our Roadmap.

Staying remembered on RHEL/CentOS 7 now possible

RHEL/CentOS 7 still relies on OpenSSL v1.0.2 by default. A change in v2.9.1 resulted in an error in combination with this when ticking Stay Logged In during authentication. Staying logged in now works fine also on this platform.

Missing icons with SLES/OpenSUSE 15

If you’re running Icinga Web 2 Version 2.9.x on a SLES/OpenSUSE 15.x, you may have noticed some missing icons in the UI. This is due to a missing PHP extension fileinfo. By upgrading to this release using packages, this dependency will now be installed automatically.

Child downtimes for services are now removed automatically

With Icinga v2.13, Icinga Web 2 will now make sure that service downtimes that were created automatically are also removed automatically. This will only work for downtimes you create with the All Services option after upgrading to this release. It will not work for downtimes created with earlier versions of Icinga Web 2.

What’s New in Version 2.9.2

This is a hotfix release. v2.9.1 included a change that wasn’t compatible with PostgreSQL again. This has been fixed in this release. (#4490)

What’s New in Version 2.9.1

You can find all issues related to this release on our Roadmap.

Please make sure to also check the respective upgrading section in the documentation.

This release is accompanied by the minor releases v2.7.6 and v2.8.4 which include the fix for the flattened custom variables.

Pancakes everywhere

One of the security fixes included in v2.7.5, v2.8.3 and v2.9.0 went rampant and let you see similarities between custom variables and pancakes. These are gone now. Also, the login allowed some users to bake pancakes on their CPUs. However, we’d still recommend not to. What we do recommend, is to use graphical details to ease recognition. A pancake 🥞 in performance data labels for example.

Staying remembered too difficult

We all have sometimes difficulties remembering people we rarely meet. Especially obvious is this on those that slip through because they don’t do the same things we do. With v2.9.0 this has happened for PostgreSQL, PHP v5.6-v7.0 and setup wizard users. Now they get their deserved attention, and Icinga Web 2 will remember them just like all others.

Being picky pays off

A custom datetime picker was introduced with v2.9.0. It had it’s issues, but we didn’t anticipate that much headwind. After careful reconsideration, we chose to only show the custom datetime picker for Firefox and IE users. Other browsers have their own capable enough native implementation which, in Chrome’s case, may even be superior. If it is now used, it also closes automatically and doesn’t swallow unrelated key presses.

What’s New in Version 2.9.0

You can find all issues related to this release on our Roadmap.

Please make sure to also check the respective upgrading section in the documentation.

This release is accompanied by the minor releases v2.7.5 and v2.8.3 which include the security fixes mentioned below.

Icinga DB

We continue our endeavour soon. Icinga Web 2 is still a crucial part of it and this update is again required for Icinga DB. If you like to participate again, don’t forget to update Icinga Web 2 as well.

Security Fixes

This release includes two security related fixes. Both were published as part of a security advisory on Github. They allow the circumvention of custom variable protection rules and blacklists as well as a path traversal if the doc module is enabled. Please check the respective advisory for details.

RBAC, The Elephant In Icinga Web 2

Role Based Access Control, for the non-initiated. I’ll make it short: Permission refusals, Role inheritance, Privilege Audit. Icinga DB will also solve the long-standing issue #2455 and also allows #3349 and #3550. I’ve also written a blog post about this very topic: https://icinga.com/blog/2021/04/07/web-access-control-redefined/

Support for PHP 8

PHP 8 is released and with Icinga Web 2.9 it will now (hopefully) work flawlessly. We also took the chance to prepare to drop the support of some legacy PHP versions. We now require PHP 7.3 at a minimum and all versions below that will not be supported anymore with the release of v2.11.

Stay, Be Remembered

Have you ever been disappointed that Icinga Web 2 always forgets you after closing your browser? This is in your hands now! Just tick the new checkbox on the login screen and Icinga Web 2 doesn’t forget your presence anymore. Unless of course the administrator or you on a different device clears your session.

It Does Matter, When

Browsers are bad when it’s about date and time inputs. (I’m looking at you Mozilla!) Now we’ve given our hopes up and use a specifically invented solution to show you a date and time picker throughout every browser. With Icinga v2.13 onwards you will also be able to use this when defining an expiry date for comments! Though, you might not necessarily use it that often once you’ve configured new custom defaults for downtime endings.

What’s New in Version 2.8.2

Notice: This is a security release. It is recommended to immediately upgrade to this release.

You can find all issues related to this release on the respective milestone.

Path Traversal Vulnerability

The vulnerability in question allows an attacker to access arbitrary files which are readable by the process running Icinga Web 2. Technical details can be found at the corresponding CVE-2020-24368 and in the issue below.

Broken Negated Filters with PostgreSQL

We’ve also included a small non-security related fix. Searching for e.g. servicegroup!=support leads to an error instead of the desired result when using a PostgreSQL database.

What’s New in Version 2.8.1

You can find all issues related to this release on the respective milestone.

Case Sensitivity Problems

A fix in v2.8.0 led to users being not able to login if they got their username’s case wrong. A hostgroup name’s case has also been incorrectly taken into account despite using a CI labelled column in the servicegrid and other lists.

Issues With Numbers

An attempt to avoid misrepresenting environments in the tactical overview had an opposite effect by showing negative numbers. Filtering for timestamps in the event history also showed no results because our filters couldn’t cope with plain numbers anymore.

What’s New in Version 2.8.0

You can find all issues related to this release on our Roadmap.

Icinga DB

It’s happening. Yes. Our latest achievement is now available for those who are willing to participate in this enormous endeavour. Icinga Web 2 is also a crucial part of it and accompanies the first release of Icinga DB. If you like to participate, don’t forget to update Icinga Web 2 as well.

Support for PHP 7.4 and MySQL 8

We also made sure that you won’t be disappointed by Icinga Web 2 if you’re running PHP 7.4 or trying to access a MySQL database with version 8+. These should pose no issues anymore now. But if you still somehow managed to get issues please let us now and we’ll fix it asap.

Find What You Search For

It’s been previously not possible to properly filter for range values. This was especially true for custom variables where, if you searched for e.g. _host_interfaces>=20, you wouldn’t find the correct results. If you often copy some values in our search fields you may also been a victim of extraneous spaces which are now automatically trimmed.

Don’t Leave Your Little Sheep Unattended

It’s time again to further restrict your users. It’s now possible to completely block any access to contacts and contactgroups for specific roles. These won’t ever see again who’s notified and who’s not. Also, if you are using single accounts for a group of people you can now disable password changes for those.

In and Out, Access Control Done Right

While we have no burgers (but cookies!) you are nevertheless welcome to visit Icinga Web 2. And now you can also successfully leave while being externally authenticated and unsuccessfully enter while being unable to not add extraneous spaces to your username.

Changes in Packaging and Dependencies

Valid for distributions:

Discontinued Package Updates

Icinga Web 2 v2.8+ is not supported on these platforms:

Please consider an upgrade of your central Icinga system to a newer distribution release.

icinga.com provides an overview about currently supported distributions.

What’s New in Version 2.7.3

This is a hotfix release and fixes the following issue:

What’s New in Version 2.7.2

You can find all issues related to this release on our Roadmap.

Less Smoky Database Servers

The release of v2.7.1 introduced a change which revealed an inefficient part of our database queries. We made some general optimizations on our queries and changed the way we utilize them in some views. The result are faster response times by less work for the database server.

Anarchism Infested Dashboards

Recent history already showed signs of anarchism. (Pun intended) A similar mindset now infested default dashboards which appeared in a different way than before v2.7.0. We taught their dashlets a lesson and order has been reestablished as previously.

Solitary Downtimes

We improved the host and service distinction with v2.7.0. The downtimes list however got confused by this and didn’t knew anymore how to combine multiple downtimes. If you now instruct the list to select multiple downtimes this works again as we removed the confusing parts.

What’s New in Version 2.7.1

You can find all issues related to this release on our Roadmap.

Usually we try to include only bugs in minor-releases. Sorry, bug-fixes, of course. But thanks to @winem_ we have also a little enhancement this time: Links in comments, notes, etc. are now highlighted as such.

Nobody’s Perfect, Not Even Developers

We knew it. We saw it coming. And forgot about it. Some views, especially histories, showed an anarchic behavior since v2.7.0. The change responsible for this has been undone and history’s order is reestablished now.

Restrictions Gone Wild Cagey

A fix unfortunately caused restrictions using wildcards to show no results anymore. This is now solved and such restrictions are as permissive as ever.

What’s New in Version 2.7.0

You can find issues related to this release on our Roadmap.

Icinga’s Amazingness Spreads Further

All the Japanese and Ukrainian monitoring enthusiasts can now appreciate our web-frontend in their native tongue. Being so late to the party is also of their advantage, though. Because they can adjust their dashboard without worrying it gets broke with the next update. (All other admins with non-english users, please have a look at our upgrading documentation)

Modules - Bonus Functionality Unleashed

With this release module developers got additional ways to customize Icinga Web 2. Whether you ever wanted to hook into a configuration form’s handling, to perform your very own Ajax requests or enhance our multi-select views with fancy graphs. All is possible now.

UI - Your Daily Routine and Incident Management, Enhanced

Users with color deficiencies now have a built-in theme to ease navigating within Icinga Web 2. Also, our forms got a long overdue re-design and now look less boring. Though, the best of all features is that clicking while holding the Ctrl-key now actually opens a new browser tab! Lost comments? No more. Defining an expiry date again? No more!

Stay Focused - More Room for More Important Stuff

Some of you know that some checks tend to produce walls of text or measure (too) many interfaces. Now, plugin output and performance data will collapse if they exceed a certain height. If necessary they can of course be expanded and keep that way across browser restarts. The same is also true for the sidebar. (Though, this one stays collapsed)

Markdown - Tables, Lists and Emphasized Text The Easy Way

Since we now have the possibility to collapse large content dynamically, we allow you to add entire wiki pages to hosts and services. Though, if you prefer to use a real wiki to maintain those (what we’d strongly suggest) it’s now easier than ever before to link to it. Copy url, paste url, submit comment, Done.

Things You Have Missed Previously

The tactical overview, our fancy pie charts, is now the very first result when you search something in the sidebar. If you’ll see two entirely green circles there, relax. Also overdue or unreachable checks are now appropriately marked in list views and the service grid now allows you to switch between everything or problems only.

Authorization - Knowing and Controlling What’s Going On

Roles can now be even more tailored to users since the introduction of a new placeholder. This placeholder allows to use a user’s name in restrictions. Things like _service_responsible_person=$user:local_name$ are now possible. The audit log now receives failed login-attempts, that’s been made possible since hooks can now run for anonymous users.

See also the audit module which got an update and is required for #3856 to work.

What’s New in Version 2.6.3

You can find issues related to this release on our Roadmap.

PHP 7.3

Now supported. :tada:

LDAP - Community contributions, that’s the spirit

With the help of our users we’ve finally fixed the issue that defining multiple hostnames and enabling STARTTLS has never properly worked. Also, they’ve identified that defining multiple hostnames caused a customized port not being utilized and fixed it themselves.

There has also a rare case been fixed that caused no group members being found in case object classes had a different casing than what we expected. (Good news for all the non-OpenLdap and non-MSActiveDirectory users)

We take care about your data even better now

With this are newlines and HTML entities (such as  ) in plugin output and custom variables meant. Sorry if I’ve teased some data security folks now. :innocent:

You’ve wondered how you got into a famous blue police box?

Don’t worry, not only you and the european union are sometimes unsure what’s the correct time.

UI - The portal to your monitoring environment, improved

The collapsible sidebar introduced with v2.5 has been plagued by some issues since then. They’re now fixed. Also, the UI should now flicker less and properly preserve the scroll position when interacting with action links. (This also allows the business process module to behave more stable when using drag and drop in large configurations.)

Corrected things we’ve broke recently

That’s due to preemptive changes to protect you from bad individuals. Unfortunately this meant that some unforeseen side-effects appeared after the release of v2.6.2. These are now fixed.

Though, if you’ve faced issue #3705 you still need to take manual action (if not already done) as the provided fix does only prevent further occurrences of the resulting error. The required changes involve the transformation of all real newlines in Icinga Web 2’s INI files to literal \n or \r\n sequences. (Files likely having such are the roles.ini and announcements.ini)

What’s New in Version 2.6.2

You can find issues and features related to this release on our Roadmap.

This bugfix release addresses the following topics:

What’s New in Version 2.6.1

You can find issues and features related to this release on our Roadmap.

The command audit now logs a command’s payload as JSON which fixes a bug that has been introduced in version 2.6.0.

What’s New in Version 2.6.0

You can find issues and features related to this release on our Roadmap.

Enabling you to do stuff you couldn’t before

Avoiding that you miss something

Making your life a bit easier

Ensuring you understand everything

Freeing you from unrealiable things

What’s New in Version 2.5.3

You can find issues and features related to this release on our Roadmap.


A fix for an issue introduced with v2.5.2 that prevented service-only contacts from appearing in the UI resulted in long database response times and has been reverted.

What’s New in Version 2.5.2

You can find issues and features related to this release on our Roadmap.

UI Changes

The sidebar’s search behaviour has been changed so that it does only react to user-input after the user stopped typing. Also, the cursor does not jump to the end of form-inputs anymore in case of an auto-refresh. We’ve also fixed an issue that caused custom icons to be inverted when placed in the sidebar. Last but not least, the header now expands its width beyond the 3840px mark and single dashlets do not show a horizontal scrollbar anymore.

PHP7 MSSQL Compatibility

Support for Microsoft’s sqlsrv extension has been added. Also, it’s now possible to setup MSSQL resources in the front-end using the dblib extension.

Proper Error Responses

An issue introduced with v2.5.1 has been resolved where some errors (especially HTTP 404 Not Found) were masked by another subsequent error.

Broken LDAP Group Memberships

An issue introduced with v2.5.1 has been resolved where users with a domain in their name were not associated with any LDAP groups.

Monitoring Module

Issuing a check using the “Check Now” action now properly causes a check being made by Icinga 2 even if outside the timeperiod. (Note: This issue was only present if using the Icinga 2 Api as command transport.)

Login/Logout Expandability

It’s now possible for modules to provide hooks for the user authorization. This for example allows to transparently authenticate users in third-party applications such as Grafana.

What’s New in Version 2.5.1

You can find issues and features related to this release on our Roadmap.

Besides many other bug fixes, Icinga Web 2 v2.5.1 fixes an issue where it was no longer possible to filter by host custom variables in service related views. Also, this release introduces detail views for the event history and improved upgrading docs. Furthermore, this version censors sensitive information (e.g. LDAP passwords) in exception stack traces.

What’s New in Version 2.5.0

You can find issues and features related to this release on our Roadmap.

Raised PHP Version Dependency

Icinga Web 2 now requires at least PHP 5.6.

UI Changes

The style of the login screen and menu have been changed. Also, the menu of Icinga Web 2 is now collapsible. Browser tabs will not auto-refresh if they are inactive. Users are now allowed to change the default pagination limit via their preferences.

Domain-aware Authentication for Active Directory and LDAP Backends

If there are multiple AD/LDAP authentication backends with distinct domains, you are now able to make Icinga Web 2 aware of the domains. This can be done by configuring each AD/LDAP backend’s domain. You can also use the GUI for this purpose. Please read our documentation for more information about this feature.

Changes in Packaging and Dependencies

Valid for distributions:

Discontinued Package Updates

For the following distributions Icinga Web 2 won’t be updated past 2.4.x anymore:

Please think about replacing your central Icinga system to a newer distribution release.

Also see packages.icinga.com for the currently supported distributions.

What’s New in Version 2.4.2


What’s New in Version 2.4.1

Our public repositories and issue tracker have been migrated to GitHub.


What’s New in Version 2.4.0



What’s New in Version 2.3.4/2.3.3


What’s New in Version 2.3.2



What’s New in Version 2.3.1


What’s New in Version 2.3.0



What’s New in Version 2.2.0



What’s New in Version 2.1.1



What’s New in Version 2.1.0



What’s New in Version 2.0.0


Upgrading to Icinga Web 2 2.0.0

Icinga Web 2 installations from package on RHEL/CentOS 7 now depend on php-ZendFramework which is available through the EPEL repository. Before, Zend was installed as Icinga Web 2 vendor library through the package icingaweb2-vendor-zend. After upgrading, please make sure to remove the package icingaweb2-vendor-zend.

Icinga Web 2 version 2.0.0 requires permissions for accessing modules. Those permissions are automatically generated for each installed module in the format module/. Administrators have to grant the module permissions to users and/or user groups in the roles configuration for permitting access to specific modules. In addition, restrictions provided by modules are now configurable for each installed module too. Before, a module had to be enabled before having the possibility to configure restrictions.

The instances.ini configuration file provided by the monitoring module has been renamed to commandtransports.ini. The content and location of the file remains unchanged.

The location of a user’s preferences has been changed from config-dir/preferences/username.ini to config-dir/preferences/username/config.ini. The content of the file remains unchanged.



What’s New in Version 2.0.0-rc1




  1. ^↩︎