Package: icinga / 1.13.4-2

Metadata

Package Version Patches format
icinga 1.13.4-2 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
50_cgi.cfg debianize.patch | (download)

sample-config/cgi.cfg.in | 15 15 + 0 - 0 !
1 file changed, 15 insertions(+)

 debianize cgi.cfg.
51_commands.cfg debianize.patch | (download)

sample-config/template-object/commands.cfg.in | 195 0 + 195 - 0 !
1 file changed, 195 deletions(-)

 debianize commands.cfg.
52_icinga.cfg debianize.patch | (download)

sample-config/icinga.cfg.in | 72 27 + 45 - 0 !
1 file changed, 27 insertions(+), 45 deletions(-)

 debianize icinga.cfg.
70_fix_eventhandler_paths.patch | (download)

contrib/eventhandlers/distributed-monitoring/obsessive_svc_handler | 2 1 + 1 - 0 !
contrib/eventhandlers/distributed-monitoring/submit_check_result_via_nsca | 4 2 + 2 - 0 !
contrib/eventhandlers/redundancy-scenario1/handle-master-host-event | 4 2 + 2 - 0 !
contrib/eventhandlers/redundancy-scenario1/handle-master-proc-event | 4 2 + 2 - 0 !
4 files changed, 7 insertions(+), 7 deletions(-)

 fix eventhandler paths.
95_fix_db_upgrade.patch | (download)

module/idoutils/db/pgsql/upgrade/pgsql-upgrade-1.3.0.sql | 18 0 + 18 - 0 !
module/idoutils/db/pgsql/upgrade/pgsql-upgrade-1.5.0.sql | 1 0 + 1 - 0 !
2 files changed, 19 deletions(-)

 fix db upgrade.
96_jquery_compat.patch | (download)

html/js/menu.js | 13 8 + 5 - 0 !
1 file changed, 8 insertions(+), 5 deletions(-)

 fix jquery compatibility.
 Bug#831332 icinga-cgi-bin: fix menu hiding (jquery 1.11 incompatibility)
 .
 icinga-cgi-bin in Debian Sid, Ubuntu Yakkety (and Ubuntu Xenial) is
 affected by an upstream bug where the left-hand menu in the Classic
 icinga web interface disappears immediately after the page finishes
 loading. Upstream has provided a fix and in my testing this resolves the
 issue (which is due to current code incompatibilty with jQuery versions
 in Debian and Ubuntu).
99_CVE 2015 8010.patch | (download)

cgi/avail.c | 325 134 + 191 - 0 !
cgi/cgiutils.c | 196 89 + 107 - 0 !
cgi/cmd.c | 326 146 + 180 - 0 !
cgi/config.c | 128 51 + 77 - 0 !
cgi/extinfo.c | 154 73 + 81 - 0 !
cgi/getcgi.c | 138 65 + 73 - 0 !
cgi/histogram.c | 281 117 + 164 - 0 !
cgi/history.c | 173 82 + 91 - 0 !
cgi/notifications.c | 190 81 + 109 - 0 !
cgi/outages.c | 72 39 + 33 - 0 !
cgi/showlog.c | 233 97 + 136 - 0 !
cgi/status.c | 264 122 + 142 - 0 !
cgi/statusmap.c | 201 102 + 99 - 0 !
cgi/summary.c | 264 106 + 158 - 0 !
cgi/tac.c | 81 39 + 42 - 0 !
cgi/trends.c | 313 141 + 172 - 0 !
include/getcgi.h | 17 15 + 2 - 0 !
17 files changed, 1499 insertions(+), 1857 deletions(-)

 fix xxs vulnerability in pagination and export links.
 Sorry guys. Due to my bad programming skills I introduced a
 XSS vulnerability in Classic-UI with the CSV export link and
 pagination feature. The functions parsed QUERY_STRING from
 the environment without properly sanitizing it.
 .
 The getcgivars() function got a bit reworked. Once the
 QUERY_STRING is read and parsed the content survives the
 whole lifetime of the cgi execution and gets freeĆ¢<80><99>d at
 the end. This way we can always build urls from valid parsed
 cgi params.
 .
 I wonder why I haven't done this earlier.
 .
 Also the url param parsing in every cgi was updated and
 hopefully everything works as bevor.
spelling errors.patch | (download)

Changelog | 2 1 + 1 - 0 !
base/checks.c | 2 1 + 1 - 0 !
base/icingastats.c | 26 13 + 13 - 0 !
cgi/cgiutils.c | 2 1 + 1 - 0 !
cgi/cmd.c | 2 1 + 1 - 0 !
cgi/history.c | 2 1 + 1 - 0 !
cgi/notifications.c | 2 1 + 1 - 0 !
cgi/showlog.c | 2 1 + 1 - 0 !
html/docs/de/icinga-web-api.html | 4 2 + 2 - 0 !
html/docs/de/sample-cgi.html | 2 1 + 1 - 0 !
html/docs/de/tuning.html | 2 1 + 1 - 0 !
html/docs/en/cachedchecks.html | 2 1 + 1 - 0 !
html/docs/en/configmain.html | 2 1 + 1 - 0 !
html/docs/en/icinga-web-api.html | 4 2 + 2 - 0 !
html/docs/en/sample-cgi.html | 2 1 + 1 - 0 !
html/docs/en/tuning.html | 4 2 + 2 - 0 !
module/idoutils/src/db.c | 2 1 + 1 - 0 !
module/idoutils/src/dbhandlers.c | 24 12 + 12 - 0 !
module/idoutils/src/dbqueries.c | 26 13 + 13 - 0 !
sample-config/cgi.cfg.in | 2 1 + 1 - 0 !
xdata/xodtemplate.c | 4 2 + 2 - 0 !
21 files changed, 60 insertions(+), 60 deletions(-)

 fix spelling errors.
 * Agressive  -> Aggressive
 * deamon     -> daemon
 * occuring   -> occurring
 * trucating  -> truncating
 * preceeding -> preceding
 * occured    -> occurred
 * occure     -> occur
 * Unkown     -> Unknown
53_jquery ui.patch | (download)

cgi/cgiutils.c | 7 5 + 2 - 0 !
html/menu.html.in | 16 9 + 7 - 0 !
include/cgiutils.h | 19 9 + 10 - 0 !
3 files changed, 23 insertions(+), 19 deletions(-)

 fixing jquery ui paths for the debian installation
pgsql upgrade 1.13.0.patch | (download)

module/idoutils/db/pgsql/upgrade/pgsql-upgrade-1.13.0.sql | 7 5 + 2 - 0 !
1 file changed, 5 insertions(+), 2 deletions(-)

 fix database upgrade to 1.13.0.
 error encountered processing /usr/share/dbconfig-common/data/icinga-idoutils/upgrade/pgsql/1.13.0:
 ERROR: constraint "uq_servicedependencies" of relation "icinga_servicedependencies" does not exist