吴昊博客原创Cacti新版系列教程:https://blog.whsir.com/post-4617.html
Cacti1.2.17更新日志:
安全性更新 #4019: SQL注入漏洞修复
安全性更新 #4022: 解决CVE-2020-35701
安全性更新 #4035: HTML表单处理存在XSS
问题: CLI脚本不允许最大运行时间
问题: 规范化user_admin.php和user_group_admin之间的钩子
问题 #1052: 夏令时结束未能正确处理时区
问题 #3392: 允许插件自定义设备列表页面
问题 #3879: 图形创建时不会提示自定义字段
问题 #3908: 使用cmd轮询器时script_server.php崩溃,修改从命令行调用
问题 #3936: 编辑从聚合图创建的图可能会失败
问题 #3945: 如果时区和系统不匹配,CSV导出时显示NaN的日期
问题 #3969: SNMPv3 密码字段未正确限制数据库字段的大小
问题 #3976: 字体颜色被覆盖导致显示问题
问题 #3977: 使用upgrade_database.php升级数据库时可能会失败
问题 #3978: 显示图树时没有正确处理输入验证
问题 #3981: 缺少API包含导致自动化运行时错误
问题 #3985: 在数据库中排序规则错误
问题 #3988: 当默认snmp选项设置为none时,自动化会引发错误
问题 #3990: 在技术支持下,没有显示php信息
问题 #3999: 数据库发送凭据前使用无密码选项
问题 #4001: 使Cacti支持php8
问题 #4002: 轮询器离线后可能无法恢复
问题 #4005: 查看实时图形时,报参数错误
问题 #4008: 由于未设置变量导致轮询器性能大幅下降
问题 #4009: 确保i18n使用的数字格式函数一致
问题 #4021: 增加最大设备线程数
问题 #4031: 过滤器可能无法正常使用
问题 #4033: 操作图标更改为与管理UI一致
问题 #4036: 在自动化发现过程中,空值可能会引发错误
问题 #4038: 创建图表提示输入
问题 #4042: 保存性能选项时,RRD 更新可能会被禁用
问题 #4043: 当存在大量存档表时,Boost可能会变得无响应
问题 #4049: 允许datatecuk对标准用户隐藏敏感的图形信息
问题 #4050: 当显示表转换脚本时,示例路径可能显示不正确
问题 #4056: 将“Show Exceptions”复选框重命名为“Only Show Exceptions”
问题 #4060: 当试图获取客户端地址时,stevenseeley可能会返回不正确的信息
问题 #4061: 日期格式修复
问题 #4066: 启用Boost来利用多个进程
问题 #4067: 使用图形缩放功能时禁用BOOST图像缓存
问题 #4068: 在查看图形时,可以忽略单个图形的大小
问题 #4070: 当RRDfile缺少数据源时,汇总数据可能无法计算
问题 #4073: 当图形失去焦点时,缩放功能可能会失败
问题 #4074: 实时图像并不总是遵循已定义的格式
问题 #4075: 设置LDAP身份验证时,LDAP设置会导致混乱
问题 #4076: MariaDB文档指向的链接已经挂了
问题 #4077: 如果用户没有分配权限并尝试登录,则会发生循环重定向
问题 #4079: 检查当前时间戳时,使用CURRENT_TIMESTAMP变量替换mysql函数用法
问题 #4080: Cacti正则表达式搜索不引用表达式
问题 #4082: RRDtool版本检测不适用于RRDproxy设置
问题 #4083: RRDCleaner不支持RRDproxy
问题 #4086: $spikekill_templates行为对大系统性能造成影响
问题 #4092: 在大型系统上,数据库将用完多个表的auto_increment变量
问题 #4095: 查看插件页面时,图标有时可能会错位
问题 #4098: 图形和数据源列表在大型的系统上可能会变得无响应
问题 #4100: 查看用户管理员时,有时可以看到'Division by zero'错误
问题 #4105: 允许管理员定义批量步行重复大小
问题 #4109: 实时绘图有时会导致历史数据的空白
问题 #4110: 图形变量不能正确解析导致日志文件中的错误
问题 #4116: 过多的数据库调用,导致Cacti 0.8.x升级到Cacti 1.x非常缓慢
问题 #4117: 如果命令行参数包含反斜杠,脚本服务器将发生错误
问题 #4119: 隐式刷新不启用(取决于操作系统),这会导致脚本服务器结果问题
问题 #4121: 如果ou过多或过滤器嵌套过多,则无法配置LDAP搜索过滤器
问题 #4122: 当出现无效操作时,自动化会导致SQL语法错误
问题 #4125: 在完成安装向导时,有时会看到内部服务器错误
问题 #4126: 删除损坏的图有时也会导致删除有效的图
问题 #4127: 更新树时,图表标题计算过于频繁导致无响应
问题 #4130: 在大型系统上,由于大量数据源,图形创建会出现无响应
问题 #4131: 一个设计缺陷导致在大型系统上导入新的图形模板会很慢
问题 #4134: MIB缓存并不总是像Kveri期望的那样工作
问题 #4135: 在大型的Cacti系统上,编辑数据模板很慢
问题 #4136: 在命令行修复数据库时,不存在跳过表检查和强制数据源修复的选项
问题 #4141: 异常长的注释在查看图表时不会自动换行,也没有出现在这个CHANGELOG条目中
问题 #4143: 检测孤儿图时防止一些误报情况
问题 #4147: 使用混合轮询周期时,轮询器项的计算速度太快
问题 #4148: 确保仙人掌日志视图的自动刷新工作一致
问题 #4149: 确保实用程序在离线模式下显示正确的信息
问题 #4161: 数据源模板名称应该显示在各自的“建议值”部分中
问题 #4162: 允许配置与MariaDB/MySQL的持久连接
问题 #4164: 使用数据库会话时无法轻松跟踪Cacti登录会话
问题 #4166: Cacti auto-complete更易于使用
问题 #4169: 确保日志查看器“Go”和“Clear”按钮按可以正常运行
问题 #4170: 为Alias/Description列启用全名工具提示
问题 #4173: 确保控制台菜单图标正确对齐
问题 #4174: 使用复制时,确保可以禁用二进制日志记录
问题 #4175: 同步模板时,防止出现错误的'Damaged Graph'通知
问题 #4177: 在不使用受限模式时简化图形/模板授权搜索
问题 #4179: 更正图形侧边栏图标上的类使用以保持一致
问题 #4180: 使用基本身份验证时删除注销选项
问题 #4181: 确保域名一致性
问题 #4182: 允许自动图形创建,可以覆盖数据模板
问题 #4183: 由于后台进程超时计算不正确,Cacti过早的杀死后台进程
问题 #4184: 当使用CMD轮询器而不是spine时,确保错误记录的一致性
问题 #4185: 更新信号处理到PHP 7.1+的推荐标准
问题 #4186: 当编辑固定字符串树规则时,显示为“Unknown”
问题 #4187: 提供更直接的方法从图形导航到数据源
问题 #4188: 对于聚合图和模板,很难找到替换变量名
问题 #4189: 允许从页面链接到其特定文档
问题 #4190: 在极少数情况下,增强角色会错误地链接到角色而不是领域
问题 #4192: 如果设备名称包含hash/pound #字符,则设备搜索可能返回黑屏
问题 #4193: 允许命令行重新索引与禁用的设备一起使用
问题 #4195: 当搜索文本包含#字符时,过滤并不总是按预期工作
问题 #4197: 尝试回滚版本时,安装程序不会重新启动
问题 #4199: 允许Cacti管理员定义最小刷新间隔
问题 #4205: 删除数据查询关联图形模板时,它会从下到上删除图形模板
问题 #4206: 当报表被延迟时,会错误地更改报表的时间
问题 #4215: 轮询恢复启动多个进程并且无法正常恢复
问题 #4223: 由于超时而导致boost重启错误
问题 #4227: 当远程轮询器处于离线模式时,数据将写入不必要的更多表
问题 #4228: 在特定情况下,登录后可能会出现重定向问题
问题 #4229: 当没有设置snmp选项时,自动化会报告许多错误地问题
问题 #4232: 数据库也需要配置TLS证书
问题 #4233: 数据库连接变量的潜在拼写错误和不完整的参数列表
问题 #4241: 添加到分支的站点将始终未排序
特性: 添加新的主题'Midwinter'
特性: 更新phpseclib至2.0.30版本
特性 #645: 在创建图形之前修改自动化以测试数据
特性 #3513: 为插件添加钩子以显示自定义图形源和自定义模板url
特性 #3572: 自动化设备创建过程中缺少提示导致数据为空
特性 #4012: 允许在命令行刷新CSRF安全密钥
特性 #4013: 允许清除远程轮询器统计信息
特性 #4113: 允许用户在datatecuk管理员定义的时间段后自动注销
特性 #4176: 在数据库复制时,确保Cacti能够检测和验证复制服务器
特性 #4210: 将c3.js替换为billboard.js
原文如下:
原文地址:https://www.cacti.net/changelog.php
security #4019: Incorrect handling of fields led to potential XSS issues
security #4022: SQL Injection was possible due to incorrect validation order (CVE-2020-35701)
security #4035: Various XSS issues with HTML Forms handling
issue: CLI scripts should not have a max allowed runtime
issue: Normalize plugin hooks between user_admin.php and user_group_admin.php
issue #1052: TimeZones are not handled correctly with Daylight Savings changes
issue #3392: Allow plugins to customize device listing page
issue #3879: Allow Graph/Data Source with custom fields to prompt during manual creation
issue #3908: When poller overruns the script server can throw errors upon shutdown
issue #3936: Editing a graph created from Aggregate Graph can fail
issue #3945: CSV export can show NaN for date if TimeZone does not match system
issue #3969: SNMPv3 Password field does not correctly limit to size of database field
issue #3976: Font colors are being overridden leading to display issues by ddb4github
issue #3977: Database upgrade may fail when using upgrade_database.php
issue #3978: Input Validation was not handled correctly when displaying graph trees
issue #3981: Missing API include leads to runtime errors in Automation
issue #3985: Collation was not always handled correctly in the database library
issue #3988: Automation raises errors when default snmp options is set to none
issue #3990: PHP Information was not being displayed properly under Tech Support
issue #3999: Ensure database audit code attempts to use passwordless options before sending credentials
issue #4001: Ensure Cacti can support PHP 8
issue #4002: Pollers may sometimes not recover properly once they go offline
issue #4005: When viewing Realtime Graphs, validation errors may be seen for Size parameter
issue #4008: Massive decrease in poller performance due to unset variable
issue #4009: Ensure number format functions are consistent for i18n usage
issue #4021: Increase maximum number of device threads
issue #4031: Secondary filters on Data Collectors and Data Profiles do not work as expected
issue #4033: Action Icons changed to be consistent with admin UI
issue #4036: During discovery, Automation can throw unexpected errors due to null values
issue #4038: When creating new graphs, a second click is required even if not needed
issue #4042: RRD Updates can become disabled when saving performance options
issue #4043: Boost can become unresponsive when large number of archive tables exist
issue #4049: Enable sensitive graph information to be hidden from standard users by datatecuk
issue #4050: When showing table conversion script, the example path can be displayed incorrectly
issue #4056: Rename "Show Exceptions" checkbox to "Only Show Exceptions" which more actually reflects its function
issue #4060: When attempting to get client address, incorrect information may be returned by stevenseeley
issue #4061: When getting date format, default options are not always honored by xmacan
issue #4066: Enable Boost to utilize multiple processes
issue #4067: Disable BOOST image caching when using Graph Zoom features
issue #4068: When viewing graphs, individual graph sizes can be ignored in favour of global default
issue #4070: Summary data can fail to calculate when the RRDfile lacks the Data Source
issue #4073: Zoom functionality can fail when a graph has lost focus.
issue #4074: Realtime Images are not always adhering to defined format
issue #4075: LDAP Settings lead to confusion when setting up LDAP authentication
issue #4076: MariaDB tuning link points to a dead URL within System Utilities
issue #4077: If user has no permissions assigned and tries to login, a redirect loop occours
issue #4079: When checking current timestamps, make audit replace mysql function usage with preferred CURRENT_TIMESTAMP variable
issue #4080: Cacti regular expression searching does not quote expressions
issue #4082: RRDtool version detection not working for RRDproxy setup
issue #4083: RRDCleaner does not support RRDproxy
issue #4086: Large system performance negatively impacted due to $spikekill_templates behavior
issue #4092: On large systems, Primary ID usage on heavily used tables will overflow due to default MySQL variable size
issue #4095: When viewing Plugins page, icons can sometimes be misaligned
issue #4098: Graphs and Data Sources lists can become unresponsive on very large systems
issue #4100: When viewing User Admins, a division by zero error can sometimes be seen
issue #4105: Allow admins to define bulk walk repetition sizes
issue #4109: Realtime graphing can sometimes cause gaps in historic data
issue #4110: Graph Variables are not always parsed correctly leading to errors in log files
issue #4116: Upgrading large trees from 0.8.x to 1.x is slow
issue #4117: Script server throws errors if a command line argument includes a backslash
issue #4119: Implicit flushing is not always enabled, depending on OS, resulting in Script Server result issues
issue #4121: LDAP search filter cannot be configured if too many OUs or filters are nested
issue #4122: Automation causes SQL syntax errors when invalid operations are present
issue #4125: On completing the installation wizard, an internal server error can sometimes be observed
issue #4126: Deleting a damaged graph can sometimes led to removal of valid graphs too
issue #4127: When updating Trees, graph titles are calculated too often leading to unresponsiveness
issue #4130: On large systens, Graph creation can become unresponsive due to large number of data sources
issue #4131: A design flaw makes importing new Graph Template slow on large systems
issue #4134: MIB Caching does not always work as expected by Kveri
issue #4135: On large Cacti installs, editing Data Templates is slow
issue #4136: When repairing database at command line, no option exists to skip table checks and force Data Source repair
issue #4141: Unusually long comments do not wrap when viewing graphs, and haven't in this CHANGELOG entry either
issue #4143: Prevent some false positive scenarios when detection orphan graphs
issue #4147: Poller items are evaluated too quickly when mixed polling cycles are used
issue #4148: Ensure automatic refresh of cacti log view works consistently
issue #4149: Ensure utilities show correct information when in offline mode
issue #4161: Data source template names should be shown in the respective "suggested values" sections
issue #4162: Allow Persistent Connections to MariaDB/MySQL to be configured
issue #4164: Unable to easily track Cacti login sessions when using database sessions
issue #4166: Auto-select text when focusing auto complete elements
issue #4169: Ensure Log Viewer 'Go' and 'Clear' buttons behave as expected
issue #4170: Enable full name tooltips for Alias/Description columns
issue #4173: Ensure Console menu icons are properly aligned
issue #4174: When using replication, ensure binary logging can be disabled
issue #4175: When syncing Templates, prevent false 'Damaged Graph' notifications from appearing
issue #4177: Simplify Graph/Template authorization searches when not using restricted mode
issue #4179: Correct class usage on Graph Sidebar Icons to be consistent
issue #4180: Remove logoff option when using basic authentication
issue #4181: Ensure realm names are more consistent
issue #4182: Allow Automatic Graph Creation to utilise Data Templates with Overriden Values
issue #4183: Processes can be terminated early due to incorrect timeout calculation
issue #4184: Ensure error logging is consistent when using CMD processor instead of spine
issue #4185: Updating Signal Handling to recommended standards for PHP 7.1+
issue #4186: When editing a Fixed String on Tree Rule it is improperly displayed as "Unknown"
issue #4187: Provide more direct method fo navigating to Data Source from Graph
issue #4188: Replacement variable names are difficult to find for Aggregate Graphs and Templates
issue #4189: Allow links from a page to its specific documentation
issue #4190: Augmenting roles can incorrectly link to roles instead of realms in rare cases
issue #4192: Devices search can return a black screen if device name contains the hash/pound # character
issue #4193: Allow command line reindex to work with disabled devices
issue #4195: When search text includes # character, filtering does not always work as expected
issue #4197: When attempting to do a rollback on versions, the installer will not restart
issue #4199: Allow Cacti administrator to define a min refresh interval to prevent graph gaps
issue #4205: When removing Data-query Associated Graph Templates, it deletes the graphs Templates from bottom to top
issue #4206: When a report was delayed, the report's time is incorrectly changed
issue #4215: Poller recovery starts multiple processes and fails to recover properly
issue #4223: Parallel boost restart due to timeout can result in errors.
issue #4227: When remote poller is in offline mode, data is written to more tables than necessary
issue #4228: Under specific circumstances, redirection issues can occur after login
issue #4229: When no snmp option is set, automation can incorrectly report a number of issues
issue #4232: Database TLS configuration requires client certificates as well
issue #4233: Potential typos and incomplete parameter lists for database connection variables
issue #4241: Tree sort mechanism does not take sites into account
feature: Add Theme 'Midwinter'
feature: Update phpseclib to version 2.0.30
feature #645: Modify automation to test for data before creating graphs
feature #3513: Add hooks for plugins to show customize graph source and customize template url
feature #3572: Missing prompts during automation's device creation leads to blank data
feature #4012: Allow CSRF security key to be refreshed at command line
feature #4013: Allow remote pollers statistics to be cleared
feature #4113: Allow user to be automatically logged out after admin defined period by datatecuk
feature #4176: When replicating, ensure Cacti can detect and verify replica servers
feature #4210: Replace c3.js with billboard.js
原文链接:Cacti1.2.17新版发布,更新日志,转载请注明来源!
