Releasing Icinga DB Web v1.1.3 and a IPL security release

by | Aug 6, 2024

Today we’re announcing the general availability of Icinga DB Web v1.1.3 as well as a vulnerability fix for the Icinga PHP Library (IPL) in version 0.14.1.

You can find all issues related to Icinga DB Web on its Roadmap. The fixed vulnerability is covered here.

Icinga DB Web

Disappearing Content

With the previous patch release we limited plugin output in lists to 1000 characters and in object details to 10000 characters. We did this to reduce the risk of long output crashing a browser’s tab. Though, it seems some of you have less forgiving browsers or the need to manually sift through huge amounts of SNMP metrics. Either way, you can now change the default limit in object details. Check out the documentation. Another – rather unexpected – effect this change had, was that it caused some hosts and services to disappear from lists! This was due to HTML in output being cut in half and the browser (being smart about it) merging it with Icinga DB Web’s own markup. Our CSS didn’t account for this of course, hiding the resulting overflow.

  • Plugin Output limited too much #1017
  • filtered views behave random after update #1012

Showing Respect to different Groups

We have several different types of objects in Icinga. Each has its own overview in Icinga DB Web. But some, especially groups, we didn’t pay enough attention recently. Compared to the monitoring module for example, host- and service-group filters are only now preserved while you navigate away. This has the beneficial side-effect that their details are now filterable like any other list. Both of these plus the contact and contact group overview, are now also navigable by keyboard (with the arrow keys) again, this got broke with v1.1.

  • Filtered Hostgroups and Servicegroups: Click on hostgroup shows all hosts instead of filtered hosts #1027
  • Fix keyboard navigation in item tables #1038

Broken Cubes

A change regarding custom variable filters in v1.1.2 caused Icinga Cube to not being able to render cubes based on them. This is fixed.
  • Filter for custom variable in role results in broken query in cube module with icingadb-web #1020

Icinga PHP Library

Just a few months ago, we had to disclose a CSRF vulnerability in Icinga Director. This caused us to put our other products to the test. Unfortunately, this revealed another case in one of our libraries. While the severity of this is way less severe than that of the Icinga Director (which isn’t affected by this!), we still encourage you to upgrade as soon as possible. By upgrading Icinga DB Web to v1.1.3, you will automatically upgrade the IPL as well.

 

You May Also Like…

Releasing Icinga Director v1.11.2

Releasing Icinga Director v1.11.2

We are pleased to announce the release of Icinga Director version 1.11.2, which addresses several important bug fixes...

Releasing Icinga Web v2.12.2

Releasing Icinga Web v2.12.2

Today we’re announcing the general availability of Icinga Web v2.12.2. You can find all issues related to this release...

Subscribe to our Newsletter

A monthly digest of the latest Icinga news, releases, articles and community topics.