ID: 6427
Title: Raw Edition: Fixed broken Event Console rule editing
Component: Event Console
Level: 2
Class: Bug fix
Version: 1.6.0i1
It was not possible to edit Event Console rules anymore in previous 1.5 releases.
The editing dialog in WATO only showed up an error like this:
"Automation command 'get-package-info' is not implemented.".
ID: 6426
Title: Login page is now a bit more customizable
Component: Multisite
Level: 1
Class: New feature
Version: 1.6.0i1
The login page can now be customized a bit more.
<ul>
<li>The page title (which is visible in the browser title and tab is now using the
title that is configured using the global setting "Page title".</li>
<li>Using the new global setting "Customize login screen", you can now hide the
version from the login screen, add custom links to the footer area and add
an informational message that is shown to the users before logging in.</li>
</ul>
ID: 6128
Title: ibm_svc_disks, netapp_api_disk.summary: add option to define lower levels for the total number of spare disks
Component: Checks & agents
Level: 1
Class: New feature
Version: 1.6.0i1
ID: 6210
Title: Separate Checkgroups for 3par_capacity, 3par_volume und 3par_cpgs
Component: Checks & agents
Level: 1
Class: New feature
Version: 1.6.0i1
6210 Separate Checkgroups for 3par_capacity, 3par_volume und 3par_cpgs
3par_capacity, 3par_cpgs and 3par_volumes: Different rules for these three
checks can now be created.
The older more general rules will no longer match the services of
3par_capacity and 3par_cpgs. For these services new Rules under the names
"3Par Capacity (used space and growth)" and "3Par CPG (used space and growth)"
have to be created.
ID: 6423
Title: Fixed possible XSS in views with some filters
Component: Multisite
Level: 1
Class: Bug fix
Version: 1.6.0i1
It was possible to inject some specific HTML tags (like the a-tag)
into the title of views which could be used to make users click on
it to execute some arbitrary javascript code.
ID: 6425
Title: Improved validation of timeperiods before deletion
Component: WATO
Level: 1
Class: Bug fix
Version: 1.6.0i1
When deleting a timeperiod via WATO some validations are made that this
time period is not used anymore and can be deleted without issues.
In previous versions this check was checking this places:
<ul>
<li>Host & service rules like service / host notification and check periods</li>
<li>Notification period in user profiles</li>
<li>Timeperiod exclusions in other timeperiods</li>
</ul>
These missing validations have been added now:
<ul>
<li>Timeperiod condition in notification and alerting rules</li>
<li>Bulk operation in notification rules</li>
<li>Timeperiod condition in Event Console rules</li>
<li>Host & service rules: time specific parameters</li>
</ul>
CMK-669
ID: 6421
Title: Fixed interpretation of script tags when displaying werk texts
Component: Multisite
Level: 1
Class: Bug fix
Version: 1.6.0i1
When werks are displayed in the GUI using the "Release notes" page and
a werk contained example "script" HTML tags, these tags were interpreted
by the browser and the containing scripts were executed in the context
of the browser.
ID: 6424
Title: LDAP: Only set SSL/TLS specific options when SSL is enabled
Component: Multisite
Level: 1
Class: Bug fix
Version: 1.6.0i1
In some environments, especially when using older linux distributions, a change
in 1.5.0b6 (#6184) could break already working LDAP setups.
An error like this could occur when trying to perform the LDAP sync: "ValueError: option error".
ID: 6422
Title: Prevent non-admin users from managing custom host/user attributes
Component: WATO
Level: 1
Class: Bug fix
Version: 1.6.0i1
In previous versions it was possible for non-admin users that are allowed
to configure hosts in WATO to also manage custom host attributes.
This has been changed by introducing a new permission "Manage custom attributes"
that is needed in addition to the host / user managing permission. By default
this permission is only given to the "admin" role.