Overview Repositories Revisions Requests Users Attributes Meta

Revisions of zabbix

亚聃 范's avatar 亚聃 范 (fanyadan) committed (revision 8) 
- update to 6.0.33
- this version fixes CVE-2024-36461 and CVE-2024-22114
- New Features and Improvements
  + ZBXNEXT-9000 Changed query table for ASM disk group metrics in Oracle Database plugin and
    Oracle by ODBC template Agent Templates
  + ZBXNEXT-9217 Added AWS Lambda by HTTP template Templates
  + ZBXNEXT-9293 Updated max supported MySQL version to 9.0 Proxy Server
  + ZBXNEXT-8657 Updated Zabbix health templates with new visualization Templates
  + ZBXNEXT-9143 Added index on auditlog recordsetid Server
  + ZBXNEXT-9081 Added Small Computer System Interface (SCSI) device type support to Zabbix agent 2 Smart plugin Agent
  + ZBXNEXT-6445 Added recovery expression for fuzzytime triggers in Linux and Windows templates,
    removed fuzzytime triggers from active agent templates Templates
  + ZBXNEXT-9201 Updated max supported MySQL version to 8.4 Proxy Server
  + ZBXNEXT-9225 Updated max supported TimescaleDB version to 2.15 Server
  + ZBXNEXT-9226 Updated max supported MariaDB version to 11.4 Proxy Server
  + ZBXNEXT-8868 Added discovery and template for Azure VM Scale Sets Templates
  
- Bug Fixes
  + BX-24947 Fixed PHP runtime errors while processing frontend notifications Frontend
  + ZBX-24824 Improved loadable plugin connection broker Agent
  + ZBX-24583 Fixed inability to export/import web scenario with digest authentication API
  + ZBX-23905 Fixed double scroll in script dialogs Frontend
  + ZBX-18767 Fixed word breaks in flexible text input fields and trigger expressions Frontend
  + ZBX-24909 Fixed resolving of macro functions in the "Item value" widget Frontend
  + ZBX-24859 Fixed JavaScript in S3 buckets discovery rule Templates
  + ZBX-24617 Fixed hardcoded region in AWS by HTTP template Templates
  + ZBX-24524 Fixed "New values per second" statistic to include dependent items in calculation Proxy Server
  + ZBX-24821 Made 'execute_on' value being recorded in audit only for shell scripts Server
  + ZBX-23312 Fixed discovery edit form being saved incorrectly after dcheck update Frontend
  + ZBX-24773 Fixed duplicate item preprocessing in Kubernetes Kubelet by HTTP template Templates
亚聃 范's avatar 亚聃 范 (fanyadan) committed (revision 7)
亚聃 范's avatar 亚聃 范 (fanyadan) committed (revision 6) 
- Backported fixes of CVE-2024-22114:
  + ZBX-25015
    [DEV-3729] removed unused variable
    	* 0004-.S.-DEV-3729-removed-unused-variable.patch
    [DEV-3729] fixed status.get response to return empty data for non super administrator user
    	* 0003-.S.-DEV-3729-fixed-status.get-response-to-return-emp.patch
    [DEV-3729] fixed code style; updated server data retrieval to be available only for super admins
    	* 0002-.F.-DEV-3729-fixed-code-style-updated-server-data-re.patch
    [DEV-3729] fixed information exposure in System information widget for users without proper permissions 
    	* 0001-.F.-DEV-3729-fixed-information-exposure-in-System-in.patch
亚聃 范's avatar 亚聃 范 (fanyadan) committed (revision 5) 
  + ZBX-25018  
    [DEV-3755] fixed memory leak when destroying js environment with global variables linked to C structures
        * 0006-.PS.-DEV-3755-fixed-memory-leak-when-destroying-js-e.patch    
    [DEV-3755] removed automatic this object pushing to stack when attaching native data to js object
        * 0005-.PS.-DEV-3755-removed-automatic-this-object-pushing-.patch
    [DEV-3755] removed debug logging
        * 0004-.PS.-DEV-3755-removed-debug-logging.patch
    [DEV-3755] replaced js object mapping by hardcoded property with mapping by object heap pointer
        * 0003-.PS.-DEV-3755-replaced-js-object-mapping-by-hardcode.patch
    [DEV-3755] fixed memory leak when embedded native object retrieval failed in method accepting parameters
        * 0002-.PS.-DEV-3755-fixed-memory-leak-when-embedded-native.patch
    [DEV-3755] removed direct pointer access in custom javascript objects, added instanceof checks when 
    accessing embedded C pointers from custom js objects
        * 0001-.PS.-DEV-3755-removed-direct-pointer-access-in-custo.patch
亚聃 范's avatar 亚聃 范 (fanyadan) committed (revision 4) 
  + ZBX-25018   
     [DEV-3755] fixed memory leak when destroying js environment with global variables linked to C structures
     [DEV-3755] removed automatic this object pushing to stack when attaching native data to js object
     [DEV-3755] removed debug logging
     [DEV-3755] replaced js object mapping by hardcoded property with mapping by object heap pointer
     [DEV-3755] fixed memory leak when embedded native object retrieval failed in method accepting parameters
     [DEV-3755] removed direct pointer access in custom javascript objects, added instanceof checks when 
     accessing embedded C pointers from custom js objects
亚聃 范's avatar 亚聃 范 (fanyadan) committed (revision 3)
亚聃 范's avatar 亚聃 范 (fanyadan) committed (revision 2) 
- Backported fixes of CVE-2024-36461:
  + ZBX-25018   [DEV-3755] added js security tests
                [DEV-3755] fixed memory leak when destroying js environment with global variables linked to C structures
                [DEV-3755] removed automatic this object pushing to stack when attaching native data to js object
                [DEV-3755] removed debug logging
                [DEV-3755] replaced js object mapping by hardcoded property with mapping by object heap pointer
                [DEV-3755] fixed memory leak when embedded native object retrieval failed in method accepting parameters
                [DEV-3755] removed direct pointer access in custom javascript objects, added instanceof checks when 
                accessing embedded C pointers from custom js objects
亚聃 范's avatar 亚聃 范 (fanyadan) committed (revision 1)
Displaying all 8 revisions
openSUSE Build Service is sponsored by
Places