[pkg-nagios-changes] [Git][nagios-team/nagvis][upstream] New upstream version 1.9.47
Bas Couwenberg (@sebastic)
gitlab at salsa.debian.org
Fri May 23 14:13:00 BST 2025
Bas Couwenberg pushed to branch upstream at Debian Nagios Maintainer Group / nagvis
Commits:
d0378701 by Bas Couwenberg at 2025-05-23T15:09:07+02:00
New upstream version 1.9.47
- - - - -
8 changed files:
- ChangeLog
- share/server/core/classes/CoreAuthorisationHandler.php
- share/server/core/classes/GlobalMapCfg.php
- share/server/core/classes/ViewMapAddModify.php
- share/server/core/defines/global.php
- share/server/core/functions/html.php
- share/server/core/functions/nagvisErrorHandler.php
- share/server/core/sources/dynmap.php
Changes:
=====================================
ChangeLog
=====================================
@@ -1,3 +1,10 @@
+1.9.47
+ * FIX: Don't show complete backtrace if crashing. Now the backtrace is being logged to the apache error log
+ * FIX: Fix potential XSS via WYSIWYG editor. Now the option to edit these such elements is moved to a specific
+ permission and only administrators can use this editor per default. (CVE-2024-47090)
+ * FIX: Fix possible livestatus injection via dynmaps (CVE-2024-38866) (#398 Thanks to Shortfinga)
+ (CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:L)
+
1.9.46
* Feature: add option to verify session cookie via curl. Before when having allow_url_fopen
disabled, NagVis was not able to verify the session cookie. Now you can use curl to verify
=====================================
share/server/core/classes/CoreAuthorisationHandler.php
=====================================
@@ -53,6 +53,7 @@ class CoreAuthorisationHandler {
'createObject' => 'edit',
'deleteObject' => 'edit',
'addModify' => 'edit',
+ 'editHtml' => 'edit',
),
'Overview' => Array(
'getOverviewRotations' => 'view',
=====================================
share/server/core/classes/GlobalMapCfg.php
=====================================
@@ -800,7 +800,7 @@ class GlobalMapCfg {
if(isset($params['source_file']))
unset($params['source_file']);
$param_values = $this->paramsToString($params);
- $cacheFile = cfg('paths','var').'source-'.$this->name.'.cfg-'.$param_values.'-'.$this->isView.'-'.CONST_VERSION.'.cache';
+ $cacheFile = cfg('paths','var').'source-'.$this->name.'.cfg-'.sha1($param_values.'-'.$this->isView.'-'.CONST_VERSION).'.cache';
$CACHE = new GlobalFileCache(array(), $cacheFile);
// 2a. Check if the cache file exists
=====================================
share/server/core/classes/ViewMapAddModify.php
=====================================
@@ -116,6 +116,11 @@ class ViewMapAddModify {
$perm_user = get_checkbox('perm_user');
$show_dialog = false;
+ global $AUTHORISATION;
+ if(!$AUTHORISATION->isPermitted('Map', 'editHtml', '*')) {
+ throw new NagVisException(l('Cannot edit HTML. Please contact your administrator'));
+ }
+
// Modification/Creation?
// The object_id is known on modification. When it is not known 'type' is set
// to create new objects
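Review bot: The added `isPermitted('Map', 'editHtml', '*')` check is unconditional at this point of the method, so as far as the hunk shows every user without the new permission is refused the whole add/modify flow, not only the HTML-bearing fields the ChangeLog entry (CVE-2024-47090) says the permission is meant to gate; if the surrounding code (the method starts and ends outside the hunk) does not already narrow this path to WYSIWYG objects, the check should be scoped to the object types or attributes that carry HTML, for example `if($has_html_attr && !$AUTHORISATION->isPermitted('Map', 'editHtml', '*'))` with `$has_html_attr` derived from the object type being edited. Failing closed with an exception is the right choice; a one-line comment naming the CVE next to the check would make the intent durable. As a matter of style, the `global $AUTHORISATION;` declaration sits in the middle of the body and would conventionally move to the top of the method alongside any other globals it uses.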
=====================================
share/server/core/defines/global.php
=====================================
@@ -23,7 +23,7 @@
*****************************************************************************/
// NagVis Version
-define('CONST_VERSION', '1.9.46');
+define('CONST_VERSION', '1.9.47');
// Set PHP error handling to standard level
// Different levels for php versions below 5.1 because PHP 5.1 reports
=====================================
share/server/core/functions/html.php
=====================================
@@ -271,6 +271,11 @@ function textarea($name, $default = '', $class = '', $style = '') {
if (submitted($form_name))
$default = post($name, $default);
+ global $AUTHORISATION;
+ if(!$AUTHORISATION->isPermitted('Map', 'editHtml', '*')) {
+ echo '<b>Cannot edit HTML. Please contact your administrator.</b>';
+ return;
+ }
// plain <textarea>
echo '<textarea id="textarea_'.$name.'" name="'.$name.'"'.$class.$style.'>'.escape_html($default).'</textarea>'.N;
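Review bot: `textarea()` is a generic form helper keyed only by `$name`, so the new early return hides every textarea in every form for users without `editHtml`, and it discards `$default` entirely, which means the form is submitted without that field; whether the server side then clears the stored value on save cannot be told from this hunk, but the user at least loses sight of the existing content. The message is also a hard-coded English string while the sibling check in ViewMapAddModify uses `l()`. A consistent, non-lossy variant is `echo '<b>'.l('Cannot edit HTML. Please contact your administrator').'</b>';`, `echo '<textarea id="textarea_'.$name.'" disabled>'.escape_html($default).'</textarea>'.N;`, `return;` (a disabled control is not submitted, so the server-side permission check in ViewMapAddModify stays the enforcement point). The function's closing brace is outside the hunk.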
=====================================
share/server/core/functions/nagvisErrorHandler.php
=====================================
@@ -37,7 +37,9 @@ function nagvisException($OBJ) {
echo $OBJ;
} else {
echo "Error (".get_class($OBJ)."): ".$OBJ->getMessage();
- var_dump(debug_backtrace());
+ echo "<br>";
+ echo "For more information check the apache error log.";
+ error_log(print_r(debug_backtrace(), true));
}
die();
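Review bot: `debug_backtrace()` on the new `error_log(...)` line includes the arguments of every frame by default, so the values that used to be dumped to the browser (which may include credentials passed to authentication code, session data or request payloads) are now written verbatim to the web server's error log, where they persist and are often readable by more people than the running request; `error_log(print_r(debug_backtrace(DEBUG_BACKTRACE_IGNORE_ARGS), true));` keeps the call chain without the values, and since `$OBJ` responds to `getMessage()` here, `error_log($OBJ->getTraceAsString());` is the more compact alternative. The echoed hint says "apache error log", which only holds when PHP's `error_log` ini setting is unset under that SAPI; wording it as "the web server's PHP error log" avoids misleading users of other setups. The unchanged `echo ... $OBJ->getMessage()` line just above still emits the message unescaped into HTML; if exception messages are not always trusted markup, `escape_html($OBJ->getMessage())` would be the matching hardening, but the page does not show how these messages are built. The enclosing function starts outside the hunk.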
=====================================
share/server/core/sources/dynmap.php
=====================================
@@ -7,7 +7,7 @@ function dynmap_get_objects($MAPCFG, $p) {
$objects = array();
$type = $p['dynmap_object_types'];
- $filter = str_replace('\n', "\n", $p['dynmap_object_filter']);
+ $filter = preg_replace('/(\\\\n)+/', "\n", $p['dynmap_object_filter']);
foreach($MAPCFG->getValue(0, 'backend_id') AS $backend_id) {
$ret = $_BACKEND->getBackend($backend_id)->getObjects($type, '', '', $filter);
// only use the internal names
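Review bot: The new `preg_replace('/(\\\\n)+/', "\n", ...)` only collapses runs of the two-character escape sequence `\n`; literal newline characters already present in `$p['dynmap_object_filter']` pass through untouched, so if that parameter can reach this function from anywhere other than a line-based map config file (not visible here), two consecutive real newlines still produce the blank line that ends a livestatus request, which is the condition the CVE-2024-38866 entry is about. Collapsing real line breaks as well, trimming leading and trailing breaks, and accepting only the header keywords a filter is meant to carry (Filter, And, Or, Negate) would close that gap as defence in depth, with the backend's own query handling unchanged. Whether the filter is allowed to contain headers beyond those four should be confirmed against the backend's `getObjects`, which is outside this hunk, as is the rest of `dynmap_get_objects`.
```php
$filter = trim(preg_replace('/(\\\\n|\r?\n)+/', "\n", $p['dynmap_object_filter']), "\n");
// Defence in depth: a dynmap filter may only consist of livestatus filter headers;
// any other line (including an empty one) would change the meaning of the query.
foreach (explode("\n", $filter) as $line) {
    if (!preg_match('/^(Filter|And|Or|Negate):/', $line)) {
        throw new NagVisException(l('Invalid dynmap object filter line'));
    }
}
// … unchanged: backend loop calling getObjects($type, '', '', $filter) …
```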
View it on GitLab: https://salsa.debian.org/nagios-team/nagvis/-/commit/d03787019fb5eb6155a2d1492f5ea8969b627870