Fixes

• Fix: Creating services named identical to template name prevented by cyclic inheritance check (#3036)
• Fix: Choosing templates prevented for new templates prevented by cyclic inheritance check (#3039)
• Fix: Inherited service not shown in service list of host (#3041)
• Fix: An Icinga 2 log-level below 'information' breaks Director's active deployment indicator (#3044)

You can find issues and feature requests related to this release on our roadmap

Database Schema

• Fix: Update columns storing large strings to MEDIUMTEXT in MYSQL (no issue)

UI

• Fix: Icinga Host Form shows applied groups that are not in restriction (#3001)
• Fix: Host Choices shows the partially wrong template at Associated Template (#2982)
• Fix: inherited "disabled" services not crossed out (#2983)
• Fix: Hidden datafields should forbid autocompletion (#2347)
• Fix: Cyclic inheritance causes UI to crash (#2853)
• Fix: Clicking Groups repeatedly (x2) leads to "Page not found" (#2538)
• Fix: Users with Director restrictions unable to create hosts unless you manually specify the host group (#2876)
• Feature: Add support for 'Dependency Redundancy Groups' (no issue)
• Feature: Show an indicator if there is an active deployment is running (#2917)

Kickstart

• Fix: Kickstart fails to remove a zone and endpoint correctly (#2459)

CLI

• Feature: Added an option to check a single import source or sync rule or director job by name (no issue)
• Feature: Add command to delete sync rule and import source by Icingacli (#2706)

REST API

• Fix: Possible timing attack in Self Service API (no issue)
• Fix: Set a default agent version to the latest for Self Service API (#2968)

Integration

• Fix: Don't require permissions for custom var rendering hooks (no issue)
• Fix: Service modification still allowed in Monitoring View despite restricted permissions in Director (#3017)

Internals

• Fix: indexing of the stripped filter chain (no issue)
• Fix: Director creates wrong url for scheduled downtime in activity log (#2456)
• Fix: Basket restore of Host Template and Host Template Choice fails (#2996)
• Feature: Add wildcard support for 'contains' and render with match (no issue)

Fixed Issues

You can find issues related to this release on our roadmap

Database Schema

• FIX: Failed schema migration of MySQL to version 188 due Integrity constraint violation (#2970)

Deployment

• FIX: Deprecation notice that sometimes appears on deployment form (no issue)

Fixed Issues

You can find issues and feature requests related to this release on our
roadmap

⚠️ ⚠️ This is a security release. It is recommended to upgrade immediately. ⚠️ ⚠️

Security

• Rest API endpoints accessible to restricted users (GHSA-3233-ggc5-m3qg)

UI

• Fix editing of custom variables for multi-selected objects #2950
• Fix: Check for the existence of service templates to add services #1249

Import and Sync

• Fix erratic job behavior during summer and winter time change (no issue)

Integration

• Fix custom variable renderer for service apply for rules (no issue)
• Fix custom variable renderer for array type data lists #2960

Database Schema

• Fix MySQL 8.4 nonstandard foreign keys deprecation #2885

Fixed Issues

You can find issues related to this release on our roadmap

⚠️ ⚠️ This is a security release. It is recommended to upgrade immediately. ⚠️ ⚠️

Security

• Rest API endpoints accessible to restricted users (GHSA-3233-ggc5-m3qg)

Import and Sync

• Fix erratic job behavior during summer and winter time change (no issue)

Database Schema

• Fix MySQL 8.4 nonstandard foreign keys deprecation #2885

UI

• FIX: Property sort tables does not cause CSRF token validation anymore (#2937)
• FIX: No error when clicking modify action link for services belonging to service set in Icinga DB (#2938)
• FIX: No crashing of Host template form when invalid check command is entered (#2941)

Internals

• FIX: Filter can be now removed in import source modifiers (#2939)

Fixed Issues

You can find issues related to this release on our roadmap

UI

• FIX: No more errors when changing import source modifier priorities (#2270)
• FIX: Choosing HTTP proxy in import source type REST API no longer causes deprecation notice (#2889)
• FIX: Deleting data lists when using PostgreSQL as backend no longer yields errors (#2913)
• FIX: Previewing sync rules with boolean properties now functions without errors (#2905)
• FIX: Basket snapshots correctly display content if present (#2901)
• FIX: Time periods now include Add to basket functionality (#2542)

API

• FIX: API updates for notifications return 304 instead of 200 when unchanged (#2882)

Internals

• FIX: The apply_changes setting from sync jobs restored from a basket is applied properly (#2904)
• FIX: The Get host by name (DNS lookup) modifier handles failed lookups without errors (#2877)

Director Branches

• FIX: Cloning a host retains its services and service sets (#2897)
• FIX: Service sets are now clonable (#2890)

Integrations

• Show Director labels in monitoring module and Icinga DB custom vars section (#2239)

Fixed issues

• You can find issues and feature requests related to this release on our
  roadmap

⚠️ ⚠️ This is a security release. It is recommended to upgrade immediately. ⚠️ ⚠️

Please also see the release announcement on our blog: https://icinga.com/blog/2024/02/08/security-updates-for-icinga-director/

Security

• Configuration is susceptible to CSRF (GHSA-3mwp-5p5v-j6q3)

UI

• FIX: Data fields are now suggested for service templates without a check command (#2815, #2826)
• FIX: Unsetting a parent host or service of a dependency is now correctly stored (no issue)
• FIX: The activity log now avoids a bug in PHP introduced with version 8.1.25 (#2828)

Internals

• FIX: UserGroup creation failed since v1.10.0 (#2784)
• FIX: Hostgroup names consisting only of digits are now correctly handled (#2821)
• FIX: Improved compatibility with PHP 8.1 and 8.2 (#2819, #2827)
• FIX: The parent host or service of a dependency can now be reliably referenced by custom variable (#2289)
• FIX: Services in service sets are now fully restored once a removed set is restored (#1065)

Integrations

• FIX: Icinga DB integration now works even if the monitoring module is not available (#2635)
• FIX: Conformity with the content security policy introduced with Icinga Web v2.12 (#2845)

Fixed issues

• You can find issues and feature requests related to this release on our roadmap

⚠️ ⚠️ This is a security release. It is recommended to upgrade immediately. ⚠️ ⚠️

Fixes

• Configuration is susceptible to CSRF (GHSA-3mwp-5p5v-j6q3)
• FIX: The activity log now avoids a bug in PHP introduced with version 8.1.25 (#2828)

⚠️ ⚠️ This is a security release. It is recommended to upgrade immediately. ⚠️ ⚠️

Fixes

• Configuration is susceptible to CSRF (GHSA-3mwp-5p5v-j6q3)
• FIX: The activity log now avoids a bug in PHP introduced with version 8.1.25 (#2828)