openSUSE Build Service

Overview Repositories Revisions Requests Users Attributes Meta

Revisions of ZoneMinder

buildservice-autocommit accepted request 1067522 from

Eric Schirra (ecsos) about 1 year ago (revision 121)

baserev update by copy to link target

Eric Schirra (ecsos) committed about 1 year ago (revision 120)

- Update to 1.36.33
  - Sanitise attr input in FilterTerm to prevent SQL Injection. Fixes GHSA-222j-wh8m-xjrx
  - Add object-src CSP directive to help prevent XSS
  - db: Add helper for escaping strings and use it on username retrieved from jwt to prevent SQL injection
  - use detaintPath on modal to prevent including other files instead of real modals
  - Check for valid date in minTime and maxTime to prevent SQL attack
  - Introduce check_datetime function to validate dates
  - Attempt to sanitize daemon and arguments before executing commands to prevent executing other programs.
  - Use validCardinal on MonitorId when creating snapshots to prevent executing other commands
  - Adjust size of text inputs MonitorName and Source Path Filters to match chosen inputs
  - test for existence of username in session to prevent error outputs when using AUTH_RELAY=plain
  - Move actions process to after the unauth check to prevent actions happening when unathentication
  - Fix detaintPath not stripping sequences like ..././
  - Escape <> in log messages to prevent html shenanigans. Fixes [#3596]
  - Don't start the statusCmdQuery on streaming start, because it is used when doing still updates.
    If we start it too fast, zms may not have started yet, causing errors in logs about zms
  - Set a short expiry 1min and set the cookie name to include the filter so that each 
    and every filter gets it;s own pagination saved. Fixes [#3510]
  - Use reload instead of restart on zone save
  - Add reload to monitor zmcControl
  - Stop streams when clicking cancel/Save so that we don't log errors trying to access a dead zms. Fixes [#3643]
  - Adding :80 to address is not worthy of an Error log, fixes warnings in logs from various PTZ scripts
  - Add a sleeping flag so that when we get sigterm, we can just exit instead of returning to the sleep.
    Speeds up zoneminder shutdown
  - fix format endtime on events list on watch view
  - Include command line in debug output when generating images
  - Fix missing/corrupted pre-alarm frames in recording. Fixes #3656
  - Remove test for Enabled on monitor. Motion detection being disabled has nothing to do with manual triggering. Fixes [#3657]
  - Allow viewing of events whose Monitor[Function]=None
  - Remove stripslashes when saving config values. The values in REQUEST have not been escaped,

buildservice-autocommit accepted request 1065527 from

Eric Schirra (ecsos) over 1 year ago (revision 119)

baserev update by copy to link target

Eric Schirra (ecsos) committed over 1 year ago (revision 118)

Eric Schirra (ecsos) committed over 1 year ago (revision 117)

Eric Schirra (ecsos) committed over 1 year ago (revision 116)

Eric Schirra (ecsos) committed over 1 year ago (revision 115)

- Let Leap use php8 also.
- Remove BuildRequires of php%%{php_major}-* because not need to build.

Eric Schirra (ecsos) committed over 1 year ago (revision 114)

buildservice-autocommit accepted request 1060961 from

Eric Schirra (ecsos) over 1 year ago (revision 113)

baserev update by copy to link target

Eric Schirra (ecsos) committed over 1 year ago (revision 112)

Eric Schirra (ecsos) committed over 1 year ago (revision 111)

Eric Schirra (ecsos) committed over 1 year ago (revision 110)

Eric Schirra (ecsos) committed over 1 year ago (revision 109)

- Let Tumbleweed use php8.

buildservice-autocommit accepted request 1036806 from

Eric Schirra (ecsos) over 1 year ago (revision 108)

baserev update by copy to link target

Eric Schirra (ecsos) committed over 1 year ago (revision 107)

- Update to 1.36.32
  - More properly fix the alarm status api changing. The previous
    hack broke doing alarm on/off.
  - fix handle of SQL generation of IN array when array is empty.
    Just always return false.
  - Fix test for null in Object::find
  - Make inputs on filter action table 100%
  - Fix Warning when monitor is not visible
  - Switch to utf8mb4 to support 4 byte unicode Fixes [#3514]
  - Make search input the same size as other toolbar elements
  - Remove deprecated CAMBOZOLA references
  - Update Monitor symlinking, improving deleting old link when changing name
  - Fix zone deleting and fix an extra comma in default coordinates
  - Add libswscale6 and libswresample4 dependencies for ubuntu kinetic
  - Remove return type from session class methods. not supported
    in php5.4. Fixes breakage on centos7. Fixes [#3622]
  - Fix recalculating Event Disk Space a second time when updating.
  - Set xhrFields: withCredentials: true so that we send cookies with
    our streaming xhr requests so that we pick up new auth hashes
  - Add Access-Control-Allow-Credentials: true so that we can pass
    cookies along with xhr requests.
  - Add Cause, Notes and EndDateTime to available columns in events
    list on watch view
  - Make button on Filter Debug modal be Close instead of Cancel
  - Handle empty but defined REQUEST[action]
  - replace php Memcached with Apc on Fedora
  - Allow MonitorName as default sort field as well as Monitor
  - Try out just using connkey as the semaphore key instead of ftok
    in ajax streaming requests
  - Turn back on error_reporting, just don't display the error in json ajax requests.

buildservice-autocommit accepted request 1029682 from

Eric Schirra (ecsos) over 1 year ago (revision 106)

baserev update by copy to link target

Eric Schirra (ecsos) committed over 1 year ago (revision 105)

Eric Schirra (ecsos) committed over 1 year ago (revision 104)

- Update to 1.36.31
  - Fix failed login due to remoteAddr not being populated in
    session after regeneration
  - Use REQUEST instead of SESSION to store the post login redirect
    because we clear the session on login. Fixes [#3517]
  - Turn off logging of deprecation notices so that we work with php8.2
- Update to 1.26.30
  - Test for definition of ZM_LOG_INJECT. We don't include the 
    config when not logged in. So it won't be defined and an error
    will be logged
  - Fix saving from the function modal (and other modals)
  - left align option value column
  - when a config value is overridden via *.conf files,
    put up a warning/explanation on the options view
  - Turn failure to send into a debug instead of warn. When running
    under fpm etc we may not get SIGPIPE.
  - Move relevant code out of includes/actions/auth.php into
    includs/auth.php. Fixes inability to login using GET method.
  - Don't panic if no font file found. We seem to be able to 
    continue without it.
  - Rework session handling to fix breakage with php8.2. Please
    note that php 8.2 still completely breaks a ton of our code.
    Do not upgrade to php8.2 and expect ZoneMinder to work.

buildservice-autocommit accepted request 1010253 from

Eric Schirra (ecsos) over 1 year ago (revision 103)

baserev update by copy to link target

Eric Schirra (ecsos) committed over 1 year ago (revision 102)

- Update to 1.36.29
  - update web/ajax.log.php to contents from master.
    Fixes errors causing log view to not work. Fixes [#3606]
  - use ajax() instead of getJSON so that we can specify no timeouts..
    This prevents log queries from stacking up overloading the db
  - Check for definition of CAMBOZOLA defines. The purpose is just
    to ease running the 1.36 UI against a 1.37 database.
  - Added option ZM_AUTH_CASE_INSENSITIVE_USERNAMES to match mixed
    case Usernames to lower case usernames in database [#3516]
  - Move LIBAVCODEC_VERSION_CHECK so that it is defined when the
    include files are under ffmpeg. Maybe fixes build with 5.1.2?
  - Test for matches[operator]. Fixes [#3607]

Displaying revisions 1 - 20 of 121

Places

Revisions of ZoneMinder

Places