Upstream changelog:
Changes from 4.3.6 -> 4.3.7 (13 Dec 2011)
=========================================
* rev 6803
* Fix acknowledge CGI (broken in 4.3.6)
* Fix broken uptime calculation for systems reporting "1 day"
* Workaround Solaris breakage in the LFS-support detection
* Fix/add links to the HTML man-page index.
* Fix "Stop after" value not being shown on the "info" page.
* Fix broken alert texts when using FORMAT=SMS
* Fix wrong description of xymondboard CRITERIA in xymon(1)
* Fix missing columnname in analysis.cfg(5) DS example
* Fix missing space in output from disk IGNORE rules in
xymond_client --dump-config
* Fix overwrite of xymon-apache.conf when upgrading
* Fix installation so it does not remove include/directory
lines from configuration files.
* Add client/local/ directory for custom client script
Changes from 4.3.5 -> 4.3.6 (5 Dec 2011)
========================================
* rev 6788
* Optionally choose the color for the "cpu" status when it goes
non-green due to uptime or clock offset.
* Allow for "include" and "directory" in combo.cfg and protocols.cfg
* New INTERFACES definition in hosts.cfg to select which network
interfaces are tracked in graphs.
* New access control mechanism for some CGI scripts returning
host-specific information. Access optionally checked against
an Apache-style "group" file (see xymonwebaccess(5) CGI manpage).
* New "vertical" page-definitions (vpage, vsubpage,vsubparent)
for listing hosts across and tests down on a page.
* Fix hostlist CGI crash when called with HTTP "HEAD"
* Fix svcstatus CGI crash when called with non-existing hostname
* Fix "ackinfo" updates being cleared when host hits a
DOWNTIME period.
* Fix compile-errors on Solaris due to network libraries
not being included.
* Fix "logrotate" messages not being sent to some channels.
* Fix problem with loading the hosts.cfg file.
* STATUSLIFETIME now provides the default time a status is valid (in xymond).
* Critical systems view: Use priority 99 for un-categorised priorities
(imported from NK tags) and show this as 'No priority' on the webpage.
* useradm CGI: Sort usernames
* New xymond module - xymond_distribute - can forward
administrative commands (drop, rename, disable, enable)
from one Xymon server to another.
* New tool: appfeed CGI provides data for the Android "xymonQV" app
by Darrik Mazey.
adjust Makefile to avoid/fix problems found by dholland
Upstream changelog:
Changes from 4.3.4 -> 4.3.5 (9 Sep 2011)
========================================
* rev 6754
* Fix crash in CGI generating the "info" status column.
* Fix broken handling of IGNORE for log-file analysis.
* Fix broken clean-up of obsolete cookies (no user impact).
* Devmon RRD handler: Fix missing initialisation, which
might cause crashes of the RRD handler.
* Fix crashes in xymond caused by faulty new library for
storing cookies and host-information.
* Fix memory corruption/crash in xymond caused by logging
of multi-source statuses.
* New "delayred" and "delayyellow" definitions for a host
can be used to delay change to a yellow/red status for
any status column (replaces the network-specific "badFOO"
definitions).
* analysis.cfg and alerts.cfg: New DISPLAYGROUP setting to
select hosts by the group/group-only/group-except text.
* New HOSTDOCURL setting in xymonserver.cfg. Replaces the
xymongen "--docurl" and "--doccgi" options, and is used
by all tools.
* xymond_history option to control location of PID file.
* Critical Systems view: Optionally show eventlog for the
hosts present on the CS view.
* Critical Systems view: Multiple --config options can
now be used, to display critical systems from multiple
configurations on one page.
* Detailed status display: Speedup by no longer having to
load the hosts.cfg file.
* xymongen and xymonnet: Optionally load the hosts.cfg
from xymond instead of having to read the file.
Changes from 4.3.3 -> 4.3.4 (1 Aug 2011)
========================================
* rev 6722
* Fix crashes and data corruption in Xymon worker modules
(xymond_client, xymond_rrd etc) after handling large
messages.
* Fix xymond lock-up when renaming/deleting hosts
* Fix xymond cookie lookup mechanism
* Webpages: Add new HOSTPOPUP setting to control what values from
hosts.cfg are displayed as a "comment" to the hostname (either
in pop-up's or next to the hostname).
* Fix xymond_client crash if analysis.cfg contains invalid configuration
entries, e.g. expressions that do not compile.
* Fix showgraph CGI crash when legends contain colon.
* xymonnet: Include hostname when reporting erroneous test-spec
* CGI utils: Multiple potential security fixes involving buffer-
overruns when generating responses.
* CGI utils: Fix crash when invoked with HTTP "HEAD"
* CGI utils: Fix crashes on 64-bit platforms due to missing prototype
of "basename()" function.
* svcstatus CGI: Dont crash if history log is not a file.
* Critical systems view CGI: Cross-site scripting fix
* Fix recovery-messages for alerts sent to a GROUP
* RRD "memory" status handler now recognizes the output from the
bb-xsnmp.pl module (for Cisco routers).
* Web templates modified so the menu CSS can override the default
body CSS.
* Acknowledge web page now allows selecting minutes/hours/days
* Enable/Disable webpage enhanced, so when selecting multiple hosts
the "Tests" column only lists the tests those hosts have.
Changes from 4.3.2 -> 4.3.3 (6 May 2011)
========================================
* rev6684
* SECURITY FIX: Some CGI parameters were used to construct
filenames of historical logfiles without being sanitized,
so they could be abused to read files on the webserver.
* SECURITY FIX: More cross-site scripting vulnerabilities.
* Remove extra "," before "History" button on status-view
* Critical view: Shring priority-column to 10% width
* hosts.cfg loader: Check for valid IP spec (nibbles in
0-255 range). Large numbers in a nibble were accepted,
triggering problems when trying to ping the host.
* Alert macros no longer limited to 8kB
+ fixes cross-site scripting vulnerabilities (SA44036)
+ contains a lot of filename cleanup work (no more bb and hobbit)
please read upgrade-to-430.txt when upgrading from a previous pkg
(see also the install message)
