File icingaweb2.changes of Package icingaweb2

Fri Nov 27 15:03:40 UTC 2020 - ecsos <>


Thu Nov 26 09:26:13 UTC 2020 - ecsos <>

- Add missing requires php-curl, php-imagick.
- Add a2enmod mod_php and mod_rewrite at post section.

Sat Aug 22 15:00:54 UTC 2020 - ecsos <>

- Update to 2.8.2
  Notice: This is a security release. 
          It is recommended to immediately upgrade to this release.

  You can find all issues related to this release on the respective 

  * Path Traversal Vulnerability
    The vulnerability in question allows an attacker to access 
    arbitrary files which are readable by the process running 
    Icinga Web 2. Technical details can be found at the 
    corresponding CVE-2020-24368 and in the issue below.

    - Possible path traversal when serving static image files #4226

  * Broken Negated Filters with PostgreSQL
    We've also included a small non-security related fix. Searching
    for e.g. servicegroup!=support leads to an error instead of the
    desired result when using a PostgreSQL database.

    - Single negated membership filter fails with PostgreSQL #4196

Mon Jun 29 12:39:00 UTC 2020 - ecsos <>

- Update to 2.8.1
  * Case Sensitivity Problems
    A fix in v2.8.0 led to users being not able to login if they
    got their username's case wrong. A hostgroup name's case has
    also been incorrectly taken into account despite using a CI 
    labelled column in the servicegrid and other lists.
    - Login usernames now case sensitive in 2.8 #4184
    - Case insensitive hostgroup filter in service grid not working
  * Issues With Numbers
    An attempt to avoid misrepresenting environments in the 
    tactical overview had an opposite effect by showing negative
    numbers. Filtering for timestamps in the event history also 
    showed no results because our filters couldn't cope with plain
    numbers anymore.
    - Tactical overview showing "-1 pending" hosts #4174
    - Timestamp filters not working correctly in history views

Mon Jun  8 13:22:08 UTC 2020 - ecsos <>

- Update to 2.8.0
  * Icinga DB
    It's happening. Yes. Our latest achievement is now available
    for those who are willing to participate in this enormous
    endeavour. Icinga Web 2 is also a crucial part of it and 
    accompanies the first release of Icinga DB. If you like to 
    participate, don't forget to update Icinga Web 2 as well.
  * Support for PHP 7.4 and MySQL 8
    We also made sure that you won't be disappointed by Icinga Web 2
    if you're running PHP 7.4 or trying to access a MySQL database
    with version 8+. These should pose no issues anymore now. But
    if you still somehow managed to get issues please let us now 
    and we'll fix it asap.
    - Exceptions with MySQL 8 #3740
    - Support for PHP 7.4 #4009
  * Find What You Search For
    It's been previously not possible to properly filter for range
    values. This was especially true for custom variables where, 
    if you searched for e.g. _host_interfaces>=20, you wouldn't 
    find the correct results. If you often copy some values in our 
    search fields you may also been a victim of extraneous spaces
    which are now automatically trimmed.
    - Filter: more/less than doesn't seem to working #3974
    - Search object followed by a space finds no results #4002
  * Don't Leave Your Little Sheep Unattended
    It's time again to further restrict your users. It's now 
    possible to completely block any access to contacts and 
    contactgroups for specific roles. These won't ever see again
    who's notified and who's not. Also, if you are using single
    accounts for a group of people you can now disable password
    changes for those.
    - Prohibit access to contacts and contactgroups #3973
    - Allow to forbid password changes on specific user accounts #3286
  * In and Out, Access Control Done Right
    While we have no burgers but cookies you are nevertheless
    welcome to visit Icinga Web 2. And now you can also successfully
    leave while being externally authenticated and unsuccessfully
    enter while being unable to not add extraneous spaces to your
    - External logout not working from the navigation dashboard #3995
    - Username with extraneous spaces are not invalid #4030

Fri May 22 16:58:45 UTC 2020 - Lars Vogdt <>

- update to 2.8.0~rc1
  * fixed exceptions with MySQL 8 #3740
  * fixed support for PHP 7.4 #4009
  * Filter: more/less than doesn't seem to working #3974
  * Search object followed by a space finds no results #4002
  * Prohibit access to contacts and contactgroups #3973
  * Allow to forbid password changes on specific user accounts #3286
  * External logout not working from the navigation dashboard #3995
  * Username with extraneous spaces are not invalid #4030
- use /usr/share/bash-completion/completions/ instead of 
  /etc/bash_completion.d/ for icingacli

Fri Oct 18 09:02:43 UTC 2019 -

- Update to 2.7.3
  This is a hotfix release and fixes the following issue:
  - Servicegroups for roles with filtered objects not available #3983

Wed Oct 16 08:22:14 UTC 2019 -

- Update to 2.7.2
  You can find all issues related to this release on our Roadmap.
  * Less Smoky Database Servers
    The release of v2.7.1 introduced a change which revealed an 
    inefficient part of our database queries. We made some general 
    optimizations on our queries and changed the way we utilize 
    them in some views. The result are faster response times by 
    less work for the database server.
    - Consuming more CPU resources since upgraded to 2.7.1 #3928
  * Anarchism Infested Dashboards
    Recent history already showed signs of anarchism. (Pun intended) 
    A similar mindset now infested default dashboards which appeared
    in a different way than before v2.7.0. We taught their dashlets
    a lesson and order has been reestablished as previously.
    - Recently Recovered Services in dashboard Current Incidents
      seems out of order #3931
  * Solitary Downtimes
    We improved the host and service distinction with v2.7.0. The 
    downtimes list however got confused by this and didn't knew 
    anymore how to combine multiple downtimes. If you now instruct
    the list to select multiple downtimes this works again as we 
    removed the confusing parts.
    - Selection of multiple downtimes fails #3920

Sat Aug 24 16:21:55 UTC 2019 -

- Update to 2.7.1
  You can find all issues related to this release on our Roadmap.
  * Sneaky Solution for Sneaky Links
    Usually we try to include only bugs in minor-releases. Sorry, 
    bug-fixes, of course. But thanks to @winem_ we have also a 
    little enhancement this time: Links in comments, notes, etc. 
    are now highlighted as such.
    - Highlight links in the notes of an object #3888
  * Nobody's Perfect, Not Even Developers
    We knew it. We saw it coming. And forgot about it. Some views, 
    especially histories, showed an anarchic behavior since v2.7.0.
    The change responsible for this has been undone and history's 
    order is reestablished now.
    - Default sort rules no longer work in 2.7.0 #3891
  * Restrictions Gone Wild Cagey
    A fix unfortunately caused restrictions using wildcards to show
    no results anymore. This is now solved and such restrictions 
    are as permissive as ever.
    - Wildcard filters in chains broken #3886

Tue Jul 30 22:31:29 UTC 2019 -

- Update to 2.7.0
  You can find issues related to this release on our Roadmap.
  * Icinga's Amazingness Spreads Further
    All the Japanese and Ukrainian monitoring enthusiasts can now 
    appreciate our web-frontend in their native tongue. Being so 
    late to the party is also of their advantage, though. Because 
    they can adjust their dashboard without worrying it gets broke 
    with the next update. (All other admins with non-english users,
    please have a look at our upgrading documentation)
    - Add Japanese language support #3776
    - Add Ukrainian language support #3828
    - Don't translate pane and dashlet names in configs #3837
  * Modules - Bonus Functionality Unleashed
    With this release module developers got additional ways to 
    customize Icinga Web 2. Whether you ever wanted to hook into 
    a configuration form's handling, to perform your very own Ajax
    requests or enhance our multi-select views with fancy graphs. 
    All is possible now.
    - Allow to hook into a configuration form's handling #3862
    - Allow to fully customize click and submit handling #3794
    - Integrate DetailviewExtension into multi-select views #3304
  * UI - Your Daily Routine and Incident Management, Enhanced
    Users with color deficiencies now have a built-in theme to ease
    navigating within Icinga Web 2. Also, our forms got a long 
    overdue re-design and now look less boring. Though, the best of
    all features is that clicking while holding the Ctrl-key now 
    actually opens a new browser tab! Lost comments? No more. 
    Defining an expiry date again? No more!
    - Add colorblind theme #3743
    - Improve the look of forms #3416
    - Make ctrl-click open new tab #3723
  * Stay Focused - More Room for More Important Stuff
    Some of you know that some checks tend to produce walls of text
    or measure (too) many interfaces. Now, plugin output and 
    performance data will collapse if they exceed a certain height.
    If necessary they can of course be expanded and keep that way 
    across browser restarts. The same is also true for the sidebar.
    (Though, this one stays collapsed)
    - Persistent Collapsible Containers #3638
    - Collapsible plugin output #3870
    - Collapsed sidebar should stay collapsed #3682
  * Markdown - Tables, Lists and Emphasized Text The Easy Way
    Since we now have the possibility to collapse large content 
    dynamically, we allow you to add entire wiki pages to hosts and
    services. Though, if you prefer to use a real wiki to maintain 
    those (what we'd strongly suggest) it's now easier than ever 
    before to link to it. Copy url, paste url, submit comment,Done.
    - Make notes, comments and announcements markdown aware #3814
    - Transform any URL in a Comment to a clickable Link #3441
    - Support relative links in plugin output #2916
  * Things You Have Missed Previously
    The tactical overview, our fancy pie charts, is now the very 
    first result when you search something in the sidebar. 
    If you'll see two entirely green circles there, relax. 
    Also overdue or unreachable checks are now appropriately marked
    in list views and the service grid now allows you to switch 
    between everything or problems only.
    - Add tactical overview to global search #3845
    - Servicegrid: Add toggle to show problems only #3871
    - Make overdue/unreachable checks better visible #3860
  * Authorization - Knowing and Controlling What's Going On
    Roles can now be even more tailored to users since the 
    introduction of a new placeholder. This placeholder allows to
    use a user's name in restrictions. 
    Things like _service_responsible_person=$user:local_name$ are 
    now possible. The audit log now receives failed login-attempts,
    that's been made possible since hooks can now run for anonymous
    - Allow roles to filter for the currently logged in user #3493
    - Add possibility to disable permission checks for hooks #3849
    - Send failed login-attempts to the audit log #3856
  See also the audit module which got an update and is required for
  #3856 to work.

Thu Apr 25 10:37:29 UTC 2019 - Martin Liška <>

- update to 2.6.3
  You can find issues related to this release on our Roadmap.
  * PHP 7.3
    - Now supported. tada
  * LDAP - Community contributions, that's the spirit
    With the help of our users we've finally fixed the issue that 
    defining multiple hostnames and enabling STARTTLS has never 
    properly worked. Also, they've identified that defining 
    multiple hostnames caused a customized port not being utilized 
    and fixed it themselves.
    There has also a rare case been fixed that caused no group 
    members being found in case object classes had a different
    casing than what we expected. (Good news for all the 
    non-OpenLdap and non-MSActiveDirectory users)
    - LDAP connection fails with multiple servers using STARTTLS 
    - LDAPS authentication ignores custom port setting #3713
    - LDAP group members not found #3650
  * We take care about your data even better now
    With this are newlines and HTML entities (such as &nbsp;) in 
    plugin output and custom variables meant.
    Sorry if I've teased some data security folks now. innocent
    - Newlines in plugin output disappear #3662
    - Windows path separators are converted to newlines in custom 
      variables #3636
    - HTML entities in plugin output are not resolved if no other 
      HTML is there #3707
  * You've wondered how you got into a famous blue police box?
    Don't worry, not only you and the european union are sometimes
    unsure what's the correct time.
    - Set client timezone on DB connection #3525
    - Ensure a valid default timezone is set in any case #3747
    - Fix that the event detail view is not showing times in 
      correct timezone #3660
  * UI - The portal to your monitoring environment, improved
    The collapsible sidebar introduced with v2.5 has been plagued 
    by some issues since then. They're now fixed. Also, the UI 
    should now flicker less and properly preserve the scroll 
    position when interacting with action links. (This also allows
    the business process module to behave more stable when using 
    drag and drop in large configurations.)
    - Collapsible Sidebar Issues #3187
    - Fix title when closing right column #3654
    - Preserve scroll position upon form submits #3661
  * Corrected things we've broke recently
    That's due to preemptive changes to protect you from bad 
    individuals. Unfortunately this meant that some unforeseen
    side-effects appeared after the release of v2.6.2. 
    These are now fixed.
    - Multiline values in ini files broken #3705
    - PHP ini parser doesn't strip trailing whitespace #3733
    - Escaped characters in INI values are not unescaped #3648
    - Though, if you've faced issue #3705 you still need to take 
      manual action (if not already done) as the provided fix does 
      only prevent further occurrences of the resulting error. The
      required changes involve the transformation of all real 
      newlines in Icinga Web 2's INI files to literal \n or \r\n
      sequences. (Files likely having such are the roles.ini and 

Wed Nov 21 12:33:40 UTC 2018 -

- update to 2.6.2
  You can find issues and features related to this release on our Roadmap.
  This bugfix release addresses the following topics:
  * Database connections to MySQL 8 no longer fail
  * LDAP connections now have a timeout configuration which defaults to 5 seconds
  * User groups are now correctly loaded for externally authenticated users
  * Filters are respected for all links in the host and service group overviews
  * Fixed permission problems where host and service actions provided by modules were missing
  * Fixed an SQL error in the contact list view when filtering for host groups
  * Fixed time zone (DST) detection
  * Fixed the contact details view if restrictions are active
  * Doc parser and documentation fixes
- Fix security issues:
      boo#1119784 (CVE-2018-18246) and
      boo#1119785 (CVE-2018-18247) and
      boo#1119799 (CVE-2018-18249) and
      boo#1119800 (CVE-2018-18250) and
      boo#1119801 (CVE-2018-18248)

Wed Nov 21 12:17:42 UTC 2018 -

- Use current spec file from upstream.
- Insert missing things from old spec file in new upstream spec file.
- Remove setuid from new upstream spec file for following dirs: 

Wed Sep 26 10:39:55 UTC 2018 -


Sat Aug 11 09:16:05 UTC 2018 -

- update to 2.6.1
  - You can find issues and features related to this release on our 
  - The command audit now logs a command's payload as JSON which fixes 
    a [bug]( 
    that has been introduced in version 2.6.0.

Sat Jul 28 22:17:03 UTC 2018 -

- updatet to 2.6.0
  You can find issues and features related to this release on our Roadmap.
  * Enabling you to do stuff you couldn't before
    - Support for PHP 7.2 added
    - Support for SQLite resources added
    - Login and Command (monitoring) auditing added with the help of a dedicated module
    - Pluginoutput rendering is now hookable by modules which allows to render custom icons, emojis and .. cute kitties :octocat:
  * Avoiding that you miss something
    - It's now possible to toggle between list- and grid-mode for the host- and servicegroup overviews
    - The servicegrid now supports to flip its axes which allows it to be put into a landscape mode
    - Contacts only associated with services are visible now when restricted based on host filters
    - Negated and combined membership filters now work as expected (#2934)
    - A more prominent error message in case the monitoring backend goes down
    - The filter editor doesn't get cleared anymore upon hitting Enter
  * Making your life a bit easier
    - The tactical overview is now filterable and can be safely put into the dashboard
    - It is now possible to register new announcements over the REST Api
    - Filtering for custom variables now works in UTF8 environments
  * Ensuring you understand everything
    - The monitoring health is now beautiful to look at and properly behaves in narrow environments
    - Updated German localization
    - Updated Italian localization
  * Freeing you from unrealiable things
    - Removed support for PHP < 5.6
    - Removed support for persistent database connections
- Drop 0001-Don-t-call-session_start-after-ini_set.patch,
  because now in upstrem
Mon Jul 16 19:39:30 UTC 2018 -

- boo#1101357: Fixed missing dependency php-ctype in spec file.

Tue May 22 20:47:34 UTC 2018 -

- Backport of fix for PHP 7.2 (upstream git commit dadd2c80f)
  * 0001-Don-t-call-session_start-after-ini_set.patch

Fri Apr 27 15:48:12 UTC 2018 -

- update to 2.5.3
  + Hotfix
    * This is a hotfix release and addresses an issue with frequent
      delays/timeouts when viewing hosts and services in the front-end.

Fri Apr 27 15:46:52 UTC 2018 -

- update to 2.5.2
  + Features
    * You can find issues and features related to this release on our Roadmap

Thu Jan 25 16:41:52 UTC 2018 -

- update to 2.5.1
  + Features
    * You can find issues and features related to this release on our Roadmap

Fri Jan 12 08:13:34 UTC 2018 -

- remove addFilter("permissions-directory-setuid-bit") and

Thu Jan 11 11:42:39 UTC 2018 -

- insert missing requires(pre): user(wwwrun) for Tumbleweed

Mon Jan  8 11:18:07 UTC 2018 -

- fix rpmlint errors, reduce rpmlint warnings

Tue Dec 26 13:58:32 UTC 2017 -

- Remove redundant %clean section. Fix RPM groups.
  Update summaries.

Mon Dec 11 11:46:24 UTC 2017 -

- drop permissions.d and add BuildRequires nagios-rpm-macros >= 14.0
  to remove setBadness in rpmlintrc

Wed Dec 06 14:36:52 UTC 2017 -

- removed php5-Zendframework dependency
- added icingaweb2-vendor-zf1 package

Wed Dec 06 12:17:52 UTC 2017 -

- update to 2.5.0
  + Features
    * You can find issues and features related to this release on our Roadmap

Wed Oct 18 12:09:52 UTC 2017 -

- update to 2.4.2
  + Bugfixes
    * Bug 2965: Transport config: Default port not changing upon auto-submit
    * Bug 2926: Wrong order when sorting by host_severity
    * Bug 2923: Number fields should be valid when empty
    * Bug 2919: Fix cached loading of module config
    * Bug 2911: Acknowledgements are not working without an expiry time
    * Bug 2878: process-check-result Button is visible even when user isn't allowed to use it
    * Bug 2850: Link to acknowledgements is wrong in the timeline
    * Bug 2841: Wrong menu height when switching back from mobile layout
    * Bug 2806: Wrong service state count in hostgroup overview
    * Bug 2805: Response from the Icinga 2 API w/ an empty result set leads to exception
    * Bug 2801: Wrong help text for the director in the icingacli
    * Bug 2784: Module and gravatar images are not served with their proper MIME type
    * Bug 2776: Defaults not respected when acknowledging problems
    * Bug 2767: Monitoring module: Config field protected vars not updated after zeroing config.ini
    * Bug 2728: Gracefully handle invalid Icinga 2 API response types
    * Bug 2718: Hide check attempt for hard states in history views
    * Bug 2716: Web 2 doesn't detect the browser time zone if the time zone offset is negative
    * Bug 2714: icingacli module disable fails on consecutive calls
    * Bug 2695: Macros cannot be used for a navigation item's url-port
    * Bug 2684: [ #14027] Translation module should not write absolute path to .po files
    * Bug 2683: [ #14025] Translation module should remove temp files
    * Bug 2661: [ #13651] Don't offer the Icinga 2 API as transport if PHP cURL is missing
    * Bug 2660: [ #13649] Make the Icinga 2 API the default command transport
    * Bug 2656: [ #13627] Wrong count of handled critical service in the hover text
    * Bug 2645: [ #13539] Improve error handling and validation of multiple LDAP URIs
    * Bug 2598: [ #12977] Adding an empty user backend fails
    * Bug 2545: [ #12640] MSSQL ressource not working
    * Bug 2523: [ #12410] Click on Host in Service Grid can cause "Invalid Filter" error
    * Bug 2519: [ #12330] Filter editor may show wrong values after searching
    * Bug 2509: [ #12295] group_name_attribute should be "sAMAccountName" by default

Wed Oct  4 10:40:54 UTC 2017 -

- make package compatible to php7

Sun Aug 20 17:57:01 UTC 2017 -

- change spec to use php7 also

Sat May 27 08:27:00 UTC 2017 -

- fix build error for Tumbleweed

Wed Feb 22 12:03:46 UTC 2017 -

- rename package icingacli to icingaweb-icingacli 
  and make icingacli as Recommends

Tue Jan 24 17:19:52 UTC 2017 -

- update to 2.4.1
  + Bugfixes
    * Bug 2651: [ #13607] Displayed times messed up in Icinga Web 2.4.0 w/ PostgreSQL
    * Bug 2654: [ #13615] Setup wizard: Not possible to setup Icinga Web 2 with an external database
    * Bug 2663: [ #13691] Hook::all() is broken on CLI
    * Bug 2669: [ #13735] Setup wizard: Progress bar isn't shown correctly, if setup is at finish step
    * Bug 2681: [ #13957] Support failover API command transport configuration
    * Bug 2686: Granular module permissions do not work for hooks
    * Bug 2687: Update URLs to, remove wiki & update to GitHub

Wed Dec 14 22:40:51 UTC 2016 -

- update to 2.4.0-2
  + Bugfixes
    * RPM: Fix specfile
    * RPM: Update revision
    * CSS: Reset line-height in the button mixin

- update to 2.4.0
  + Feature
    * Feature 12598 (Authentication & Authorization): Support nested AD groups for Roles and not just login
    * Feature 11809 (Authentication & Authorization): Test and document multiple LDAP-URIs separated by space in LDAP ressources
    * Feature 10616 (Authentication & Authorization): Users w/o administrative permissions should be allowed to change their password
    * Feature 13381 (CLI): Allow to configure the default listen address for the CLI command web serve
    * Feature 11820 (Configuration): Check whether chosen locale is available
    * Feature 11214 (Configuration): Logger: Allow to configure the Syslog Facility
    * Feature 13117 (Framework): Add charset UTF-8 to default content type
    * Feature 12634 (Framework): Possibitlity to fold and unfold filter by click
    * Feature 11198 (Framework): Announce banner
    * Feature 11115 (Framework): Add SSL support to MySQL database resources
    * Feature 8270 (Installation): Add SELinux policy for Icinga Web 2
    * Feature 13187 (Monitoring): Command toolbar in the host and service detail views
    * Feature 12873 (Monitoring): Change default for sticky option of acknowledgements from true to false
    * Feature 12820 (Monitoring): Export detail views to JSON
    * Feature 12766 (Monitoring): Show flapping events in the host and service history views
    * Feature 12764 (Monitoring): Display downtime end even if it hasn't been started yet
    * Feature 12125 (Monitoring): Allow th in plugin output
    * Feature 11952 (Monitoring): Allow changing default of 'sticky' in acknowledgement and other command options
    * Feature 11398 (Monitoring): Send commands over Icinga 2's API
    * Feature 11835 (UI): Add clear button to search field
    * Feature 11792 (UI): Show hint if notifications are disabled globally
    * Feature 11664 (UI): Show git HEAD for modules if available
    * Feature 13461 (Vendor Libraries): Use Icinga's fork of Zend Framework 1 icingaweb2-vendor-zf1
  + Bugfixes
    * Bug 12396 (Authentication & Authorization): Hooks don't respect module permissions
    * Bug 12164 (Authentication & Authorization): REDIRECT_REMOTE_USER not evaluated during external auth
    * Bug 12108 (Authentication & Authorization): assertPermission allows everything for unauthenticated requests
    * Bug 13357 (Configuration): Persistent database resources cannot be made non-persistent
    * Bug 12848 (Configuration): Empty "Protected Custom Variables" falls back to defaults
    * Bug 12655 (Configuration): Permission application/log is not configurable
    * Bug 12170 (Configuration): Adding a DB resource via webinterface requires one to enter a password
    * Bug 10401 (Configuration): LdapUserGroupBackendForm: user_* settings not purged
    * Bug 9804 (Configuration): Renaming the resource used for the config backend does not update the global configuration
    * Bug 11920 (Dashboard): Add to dashboard: wrong url makes whole dashboard unusable
    * Bug 13387 (Documentation): Can't display documentation of disabled modules
    * Bug 12923 (Framework): Navigation Item name must be of type string or NavigationItem
    * Bug 12852 (Framework): Hosts without any services are hidden from roles with monitoring/filter/objects set
    * Bug 12760 (Framework): Do not log exceptions other than those resulting in a HTTP 500 status-code
    * Bug 12583 (Framework): Unhandled exceptions while handling REST requests will silently drop the http response code
    * Bug 12580 (Framework): REST requests cannot be anonymous
    * Bug 12557 (Framework): Module description cannot be on a single line
    * Bug 12299 (Framework): FilterExpression renders a&!b as a=1&b!=1
    * Bug 12161 (Framework): Icinga Web 2 doesn't set Content-Type
    * Bug 12065 (Framework): IniRepository: update/delete not possible with iterator
    * Bug 11743 (Framework): INI writer must not persist section keys with a null value
    * Bug 11185 (Framework): SummaryNavigationItemRenderer should show worst state
    * Bug 10361 (Framework): Handle E_RECOVERABLE_ERROR
    * Bug 13459 (Installation): Setup: Can't view monitoring config summary with Icinga 2 API as command transport
    * Bug 13467 (JavaScript): renderLayout has  side-effects
    * Bug 13115 (JavaScript): actiontable should not clear active row in case there is no newer one
    * Bug 12541 (JavaScript): Menu not reloaded in case no search is available
    * Bug 12328 (JavaScript): Separate vendor JavaScript libraries w/ semicolons and newlines on import
    * Bug 10704 (JavaScript): JS: Always use the jQuery find method w/ node context when selecting elements
    * Bug 10703 (JavaScript): JS: Don't use var self = this, but var _this = this
    * Bug 11431 (Modules): Modules can't require permission on menu items
    * Bug 10870 (Modules): Refuse erroneous module folder names when enabling the module
    * Bug 13243 (Monitoring): Inconsistent host and service flags
    * Bug 12889 (Monitoring): Timeline broken
    * Bug 12810 (Monitoring): Scheduling a downtime for all services of a host does not work w/ the Icinga 2 API as command transport
    * Bug 12313 (Monitoring): Multi-line strings within host.notes are being displayed as single line
    * Bug 12223 (Monitoring): State not highlighted in plugin output if it contains HTML
    * Bug 12019 (Monitoring): Contact view shows service filters with 'Downtime' even if not set
    * Bug 11915 (Monitoring): Performance data: negative values not handled
    * Bug 11859 (Monitoring): Can't separate between SOFT and HARD states in the history views
    * Bug 11766 (Monitoring): Performance data: Fit label column to show as much text as possible
    * Bug 11744 (Monitoring): Empty user groups are not displayed
    * Bug 10774 (Monitoring): Scheduling downtimes for child hosts doesn't work w/ Icinga 2.x (waiting for Icinga 2)
    * Bug 10537 (Monitoring): Filtering with not-equal on custom variable doesn't show hosts without this cv
    * Bug 7755 (Monitoring): Remove autosubmit in eventgrid
    * Bug 12133 (Navigation): Username and password not being passed in navigation item URLs
    * Bug 12776 (Print & Export): dompdf fails when border-style is set to auto
    * Bug 12723 (Print & Export): Allowed memory size exhausted when exporting the history view to CSV
    * Bug 12660 (QA): Choosing the Icinga theme floods the log with error messages
    * Bug 12774 (UI): Lot's of <span style="visibility:hidden; display:none;"></span> in Output
    * Bug 12134 (UI): Copy and paste: Plugin output contains unicode zero-width space characters
    * Bug 10691 (UI): Closing the detail area does not update the rows selected counter
    * Bug 13095 (Vagrant VM): TicketSalt constant missing
   * Bug 12717 (Vagrant VM): PluginContribDir constant removed during vagrant provisioning

Fri Jul 15 21:04:17 UTC 2016 -

- add minimum version 1.12.18 to ZendFramwork, 
  because of Bug #655: ZF2015-08 breaks binary data

Sat Jun 25 14:02:17 UTC 2016 -

- update to 2.3.4
  + Bugfixes
    * Bug 11267: Links in plugin output don't behave as expected
    * Bug 11348: Host aliases are not shown in detail area
    * Bug 11728: First non whitespace character after comma stripped from plugin output
    * Bug 11729: Sort by severity depends on state type
    * Bug 11737: Zero width space characters destroy state highlighting in plugin output
    * Bug 11796: Zero width space characters may destroy links in plugin output
    * Bug 11831: parsing fails in case it contains newlines that are not part of the module's description
    * Bug 11850: "Add to menu" tab unnecessarily appears in command forms
    * Bug 11871: Colors used in the timeline are not accessible
    * Bug 11883: Delete action on comments and downtimes in list views not accessible because they lack context
    * Bug 11885: Database: Asterisk filters ignored when combined w/ other filters
    * Bug 11910: Web 2 lacks mobile meta tags
    * Fix remote code execution via remote command transport

Mon May 30 14:03:12 UTC 2016 -

- Changed spec file to work with SLES 11

Tue May 10 21:05:09 UTC 2016 -

- update to 2.3.2
  + Feature
    * Feature 11629: Simplified event-history date and time representation
  + Bugfixes
    * Fix a privilege escalation issue in the monitoring module for authenticated users
    * Bug 10486: Menu rendering fails when no monitoring backend was configured
    * Bug 10847: Warn about illogical dates
    * Bug 10848: Can't change items per page if filter is in modify state
    * Bug 11392: Can't configure monitoring backend via the web interface when no monitoring backend was configured

Mon Apr 18 09:50:12 UTC 2016 -

- update to 2.3.1
  + Bugfixes
    * Bug 11598: Invalid SQL queries for PostgreSQL

- changes from 2.3.0
  + Features
    * Feature 10887: lib: Provide User::getRoles()
    * Feature 10965: Roles: Restrict visibility of custom variables
    * Feature 11404: Add is_reachable filter column to host and service data views
    * Feature 11485: lib/LDAP: Support scopes base and one
    * Feature 11495: Support data URIs in href
    * Feature 11529: Don't offer command disable notifications /w expire time if backend is Icinga 2
  + Bugfixes
    * Bug 9386: Improve order of documentation chapters
    * Bug 10820: Style problems with long plugin output lines
    * Bug 11078: Can't remove default dashboards
    * Bug 11099: Mobile menu icon is mispositioned
    * Bug 11128: Menu stops refreshing when there is text in the search field
    * Bug 11145: Pagination compontents should not float around
    * Bug 11171: Icinga Web 2 tries to load an ifont which results in 404
    * Bug 11245: icingacli monitoring list --problems throws an exception
    * Bug 11264: Cannot execute queries while other unbuffered queries are active
    * Bug 11277: external auth with PHP internal webserver still buggy
    * Bug 11279: Restrict access to Applicationlog
    * Bug 11299: Icon images no longer prepend img/icons
    * Bug 11391: External auth reads REMOTE_USER from process environment instead of request
    * Bug 11414: Doc module does not render images with relative path
    * Bug 11465: Stylesheet remains unchanged when module CSS/LESS files have been changed
    * Bug 11489: lib/LDAP: ordering does explicitly set fields
    * Bug 11490: lib/LDAP: LdapUtils::explodeDN replace deprecated use of eval in preg_replace
    * Bug 11516: Accessibility: Focus in Tactical Overview barely visible
    * Bug 11558: Missing ) in the documentation
    * Bug 11568: Docs: Global permissions table is broken

Tue Apr  5 15:01:39 UTC 2016 -

- update to 2.2.0
  + Features
    * Feature 8487: Number headings in the documentation module
    * Feature 8963: Feature commands in the multi select views
    * Feature 10654: Render links in acknowledgements, comments and downtimes
    * Feature 11062: Allow style classes in plugin output
    * Feature 11238: Puppet/Vagrant: Install mod_ssl and forward port 443
  + Bugfixes
    * Bug 7350: Tabs are missing if JS is disabled
    * Bug 9800: Debian packaging: Ship translation module w/ the icingaweb2 package and install its config.ini
    * Bug 10173: Failed commands give no useful error any more
    * Bug 10251: Icinga Web 2 fails to run with PHP7
    * Bug 10277: Special characters are incorrectly escaped for tooltips in the service grid
    * Bug 10289: Doc module: Headers are cut off when clicking on TOC links
    * Bug 10309: Move auth backend configuration to app config
    * Bug 10310: Monitoring details: information/action ordering
    * Bug 10362: Debian packaging: Separate package for CLI missing
    * Bug 10366: Text plugin output treated as HTML in too many occasions
    * Bug 10369: Accessibility: Focus not visible and lost after refresh
    * Bug 10397: Users with no permissions can check multiple services
    * Bug 10442: Edit user control should be more prominent
    * Bug 10469: "Remove Acknowledgement" text missing in multi-select views
    * Bug 10506: HTTP basic auth request is sent when using Kerberos authentication with Apache2 and mod_php
    * Bug 10625: Return local date and time when lost connection to the web server
    * Bug 10640: Respect protected_variables in nested custom variables too
    * Bug 10778: Filters in the host group and service group overview not applied to state links
    * Bug 10786: Whitespace characters are ignored in the plugin output in list views
    * Bug 10805: Setup Wizard: Obsolete PHP sockets requirement
    * Bug 10856: Benchmark is not rendered on many pages
    * Bug 10871: Get rid of padding in controls
    * Bug 10878: Dashboards different depending on username casing
    * Bug 10881: Move iframe from modules to framework
    * Bug 10917: Event grid tiles: The filter column "from" is not allowed here
    * Bug 10918: Error on logout when using external authentication
    * Bug 10921: icingacli monitoring list --format=csv throws error
    * Bug 11000: Change license header to only reflect a file's year of creation/initial commit
    * Bug 11008: Wobbling spinners
    * Bug 11021: Global default theme is not applied while not authenticated
    * Bug 11032: Fix icon_image size and provide a CSS class for theming
    * Bug 11039: Misleading tooltip in Tactical Overview
    * Bug 11051: Preferences and navigation items stored in INI files rely on case sensitive usernames
    * Bug 11073: Active row is flickering on refresh
    * Bug 11091: Custom navigation items: URL is not escaped/encoded
    * Bug 11100: Comments are always persistent
    * Bug 11114: Validate that a proper root DN is set for LDAP resources
    * Bug 11117: Vendor: Update dompdf to version 0.6.2
    * Bug 11119: icingacli shows ugly exception when unable to access the config directory
    * Bug 11120: icingacli: command and action shortcuts have been broken
    * Bug 11126: Invalid cookie value in cookie icingaweb2-tzo
    * Bug 11142: LDAP User Groups backend group_filter
    * Bug 11143: Layout: Tabs should be left-aligned
    * Bug 11151: Having basic authentication on the webserver but not in Icinga Web 2 causes Web 2 to require basic auth
    * Bug 11168: Debian packaging: Don't patch HTMLPurifier loading and install HTMLPurifier*.php files from the library/vendor root
    * Bug 11187: Session cookie: Path too broad and unset secure flag on HTTPS
    * Bug 11197: Menu items without url should ignore the target configuration
    * Bug 11260: Scheduling downtimes through the API not working

- changes from 2.1.1
  + Features
    * Feature 10488: Use _ENV variables with built-in PHP webserver
    * Feature 10705: Theming
    * Feature 10898: Winter theme
  +  Bugfixes
    * Bug 9685: Deprecate Module::registerHook() in favor of Hook::provideHook()
    * Bug 9957: Sort hosts and services by last state change
    * Bug 10123: CSS loading may fail w/ mkdir(): File exists in FileCache.php
    * Bug 10126: setup config directory --config should use mkdir -p instead of mkdir()
    * Bug 10166: library/vendor/HTMLPurifier tree is incorrectly unpacked
    * Bug 10170: Link to service downtimes from multiple selected services includes host downtimes aswell
    * Bug 10338: Debian: Failed to open stream HTMLPurifier/HTMLPurifier.php
    * Bug 10603: Line breaks are not respected in acknowledgements, comments and downtimes
    * Bug 10658: SUSE packages have the wrong dependencies
    * Bug 10659: LDAP group members are shown with their DN and membership registration does not work
    * Bug 10670: State not highlighted in plugin output
    * Bug 10671: Auto-focus the username field on the login page
    * Bug 10683: lib/CLI command web serve: rename variable basedir to something meaningful
    * Bug 10702: Host- and Service-Actions configured in Web 2 do not resolve any macros
    * Bug 10749: XHR application-state requests pollute the URL if not authenticated
    * Bug 10771: Login shows "Anmelden........" upon login with the german locale
    * Bug 10781: LoggingConfigForm.php complains about whitespace but checks with /^[^\W]+$/
    * Bug 10790: "Problems - Service Grid" does not work with host names that contain only digits
    * Bug 10884: Tabs MUST throw an exception when activating an inexistant tab
    * Bug 10886: "impacted" container is no longer fading out
    * Bug 10892: Wrong mask for FileCache's temp directory

- changes from 2.1.0
  + Features
    * Feature 10613: Extend and simplify Hook api
  + Bugfixes
    * Bug 8713: Invalid filter "host_name=*(test)*", unexpected ) at pos 17
    * Bug 8999: Navigation and search bar is not available using a small width
    * Bug 10229: Dashboard requests do not refresh the session
    * Bug 10268: Unhandled services in the hosts overview list don't stand out
    * Bug 10287: Redirect after login no longer working
    * Bug 10288: The order for the limit links is incorrect
    * Bug 10292: Hovered links in hover menu are unreadable
    * Bug 10293: Hover menu is missing it's arrow for menu entries providing badges
    * Bug 10295: Reset static line-height on body
    * Bug 10296: Scrolling to the bottom of the page does not load more events
    * Bug 10299: Badges are overridden by menu text
    * Bug 10301: Format helpers like timeSince are polluted with text-small
    * Bug 10303: Zooming in, or having another layout destroys the hover menu
    * Bug 10304: Cannot access a host's customvars for service actions
    * Bug 10305: Hover menu arrow color no longer fits background color
    * Bug 10316: Not all Servicegroups / Hostgroups are shown
    * Bug 10317: Event history style broken
    * Bug 10319: Recursive sharing navigation items doesn't work.
    * Bug 10321: Module iframe doesn't show website with parameters as a single column
    * Bug 10328: ZendFramework packages missing for SLES12
    * Bug 10359: Charset option not passed thru PDO adapter
    * Bug 10364: PostgreSQL queries apply LOWER() on selected columns
    * Bug 10367: Broken user- and group-management
    * Bug 10389: Host overview: vsprintf(): Too few arguments
    * Bug 10402: LdapUserGroupBackend: user_base_dn not used from UserBackend
    * Bug 10419: Swapped icon image order in service header
    * Bug 10490: Unhandled service counter in the hosts overview shows incorrect values
    * Bug 10533: Form notifications of type information are green
    * Bug 10567: Member user name used for basedn when querying usergroup members
    * Bug 10597: Empty PDO charset option is invalid
    * Bug 10614: Class loader: hardcode module and Zend prefixes
    * Bug 10623: Acknowledging multiple selected objects erroneous

- add set_permission and verify_permissions in spec
- add permissions to /etc/permissions.d
- fix some rpmlint-warnings
- add rpmlintrc
- remove if statements for deprecated suseversion 
- comment out requires for not existing packages zend-db-adapter-pdo-mysql,

Sat Oct 31 21:59:11 UTC 2015 -

- enable env, php5 and rewrite in apache on new installations

Thu Oct 15 22:01:02 UTC 2015 -

- initial version 2.0.0, based on upstream spec file
openSUSE Build Service is sponsored by