En

Nagios官网安全更新(2021-01-13)

来源:Nagios官网 发布日期:2021-01-13 阅读次数:4545 评论:0

基本信息

发布日期:2021-01-13(官方当地时间)

更新类型:安全更新

更新版本:5.8.0

感知时间:2021-01-14 01:53:46

风险等级:未知

情报贡献:TSRC

更新标题

安全更新

更新详情

Added Migrate Server utility to Admin section to migrate Nagios Core systems to Nagios XI -JO,SAW
Added new Configuration Snapshots page with ability to see raw diffs between configuration changes that have been applied -JO
Added services tab into Host Status Details page to see service status without leaving the page -JO
Added ability to deploy agents from the Auto Discovery tool and show if agents have been deployed to hosts that are discovered -JO
Added Microsoft 365 Config Wizard -LG
Added Linux Server Legacy Config Wizard that uses NRPE -LG
Added notification options to Scheduled Backups to notify via email when backups succeed or if they fail -JO
Added ease of use enhancements to the New Password input and Email User New Password checkbox in the Edit Users page -JO
Added Scheduled Reports History tab to My Scheduled Reports page and Report Managment section to view reports ran and the status -JO
Added ability to send URL parameters to PUT API config endpoints in case a parameter cannot be passed via the URL path -JO
Added support for deploying agents on Windows machines (if openssh server is enabled and configured) via Deploy Agents -JO
Updated Rapid Response page sizing on mobile devices -JO
Updated Linux Server Config Wizard to use NCPA instead of NRPE -LG
Updated NDO to version 3.0.5 -JO,SAW
Updated Highcharts to version 7.2.2 for bug fixes -JO
Fixed Scheduled Backup logging so it logs output and errors directly into the scheduledbackups.log file when backups are ran -JO
Fixed issue with the coreuiproxy not properly working with URL encoded strings [TPS#15381] -JO
Fixed Scheduled Reporting logging file (/usr/local/nagiosxi/var/scheduledreporting.log) not being created by default -JO
Fixed Bulk Modifications Tool to properly apply check_command on host/services that do not have one [TPS#15385] -JO
Fixed Bulk Modifications Tool logging output not showing the proper host/service names in the audit log [TPS#15384] -JO
Fixed issue with forward slashes in name/definition of object configs in Nagios BPI [TPS#15356] -JO
Fixed service selection dropdown from changing sizes in Graph Explorer's Multistacked graph tab [TPS#15368] -JO
Fixed issue with Auto Discovery not having Actions buttons if a running job finishes before moving off or refreshing the page -JO
Fixed theme/CSS issue with column sizes on large screens -JO
Fixed Ansible package installation on Ubuntu 18.04 LTS systems -JO
Fixed 2FA causing issues with the Core username/password authentication .htaccess file [TPS#15401] -JO
Fixed API endpoints config/host and config/service to make host_name and config_name values case sensitive -JO
Fixed changing timezone in EL8 systems not restarting php-fpm which causes php to have the wrong timezone until restarted -JO
Fixed issue with system/commands when using multiple command IDs [TPS#15408] -JO,SS
Fixed security vulnerability where PNP's PHP templates were accessible from the interface -JO
Fixed stored XSS security vulnerability in My Tools page (thanks Matthew Aberegg) -JO
Fixed security vulnerability in Manage Plugins upload when using convert line endings option (CVE-2020-35578) (thanks Haboob Team) -JO
Fixed styling on Rapid Response page when using a trial enterprise license -JO
Fixed serial number for self signed SSL generated when selecting SSL option during install -JO
Fixed sysstat cron job cpu stats on newer versions of iostat in CentOS/RHEL systems -JO,DC
Fixed XSS security vulnerability in Nagios BPI config IDs (thanks Matt Aberegg) -JO
Fixed XSS security vulnerability in views url (thanks Matt Aberegg) -JO
Fixed issue with Bulk Modifications Tool when removing a free variable where relationships would not show -JO
Fixed XSS security vulnerability in SSH Terminal page (thanks Nipun Gupta of Cloudfuzz) -JO

软件描述

Nagios是一款开源的免费网络监视工具,能有效监控Windows、Linux和Unix的主机状态,交换机路由器等网络设备,打印机等

CVE编号

TSRC分析

暂无

业界资讯

暂无

评论

提交评论 您输入的评论有误,请重新输入