Please also see the release announcement on our blog: https://icinga.com/blog/2024/02/08/security-updates-for-icinga-director/
Security
- Configuration is susceptible to CSRF (GHSA-3mwp-5p5v-j6q3)
UI
- FIX: Data fields are now suggested for service templates without a check command (#2815, #2826)
- FIX: Unsetting a parent host or service of a dependency is now correctly stored (no issue)
- FIX: The activity log now avoids a bug in PHP introduced with version 8.1.25 (#2828)
Internals
- FIX: UserGroup creation failed since v1.10.0 (#2784)
- FIX: Hostgroup names consisting only of digits are now correctly handled (#2821)
- FIX: Improved compatibility with PHP 8.1 and 8.2 (#2819, #2827)
- FIX: The parent host or service of a dependency can now be reliably referenced by custom variable (#2289)
- FIX: Services in service sets are now fully restored once a removed set is restored (#1065)
Integrations
- FIX: Icinga DB integration now works even if the monitoring module is not available (#2635)
- FIX: Conformity with the content security policy introduced with Icinga Web v2.12 (#2845)
Fixed issues
- You can find issues and feature requests related to this release on our roadmap