Patch Notes

772.1 LTS

Parches LTS

LTS Patches We only release patches for Long Time Support (LTS) versions, except for some particular cases where we do so for Regular Rolling Release (RRR) versions.

Security patches are developed as soon as possible after the vulnerability is detected. Patches for LTS versions usually include critical-bug troubleshooting and solutions to security problems.

Bug fixies

Case# GitLab# Description

15677

11380

Fixed the up and down arrow icons for the Black theme in the Command Center (Metaconsole), section Monitor detail.

15719

11447

Fixed XML file reception and decoding of XML files and their custom fields for Software Agents when they contain any web link.

15702

11415

Reinstated the HTML editor in the widget Panel with a message as it was missing from the new PFMS interface version 770.

15690

11404

Fixed the order (now ascending) presented for Interface information (SNMP), when an agent has two or more of them created.

15255 and 15647

10729

Fixed the number of Agents reported in Metaconsole Tactical View when Agents have Secondary Groups.

15970

11754

Fixed pagination in Custom graphs when there are many items and therefore they are divided into several pages.

15642

11312

Fixed the use of a public link when creating an item in a visual console, linked to another visual console, is created, to see the second visual console without authentication in the Console.

15718

11438

Fixed the search when creating a module in a policy, now it is possible to write in the module group and type dropdown to finish the task of creating a Data server module.

N/A

11518

Fixed filtering by module name in section Tree View of Monitoring Policies.

15990

11771

Fixed plugin module configuration in monitoring policies, both in nodes and in the Metaconole.

N/A

11695

Fixed the alert actions filter by both Metaconsola and nodes (menu Management → Alerts → Actions).

15966

11751

Fixed event export in CSV format with quotation marks in the Metaconsole.

N/A

11948

Fixed alert mass deletion for large environments (30 thousand alerts and external alerts) by means of monitoring policies.

N/A

11728

Fixed the error when changing a plugin server module: now plugin server module fields are changed and modified correctly depending on the selected plugin.

N/A

11640

  • Related: 11298 and 11562

Fixed error 500 returned in the web browser in section SNMP browser (menu Operation → SNMP) it now performs page check before launching the SNMP browser.

N/A

11735

Fixed the list of modules in agent detail view (Operation → Monitoring → Views → Agent detail → Agent main view) now it correctly searches for the module identifier, reads them and displays them accordingly.

16168

11964

Fixed fields 4, 5 and 6 in SNMP alerts. Now with this correction, when editing an SNMP alert, these fields are saved in the correct order.

Fixed vulnerabilities

Case# GitLab# Description

CVE-2023-41786 Thanks to Oliver Brooks.

11779

Fixed directories where certain data files are stored on the Apache2 web server, so that they have their own file .htaccess with strict access control rules (ACLs). Likewise, in PFMS Web Console, access to these directories has been restricted only for admin users.

CVE-2023-4677 Thanks to Oliver Brooks.

11778

Added the .gzi> extension (compressed files) to the list of files that can only be accessed with prior authorization in the Apache .htaccess file.

CVE-2023-41787 Thanks to Oliver Brooks.

11783

Fixed the API Checker 1.0 PFMS used in the Web Console to only accept HTTP or HTTPS requests, thus preventing access to any other file.

Known changes and limitations

Case# GitLab# Description

N/A

11266

  • Related: 8517

Changed the help message on the Enable console log button in the general settings (Management → Setup → Setup → General menu). This warning reads as follows: “It is recommended for this record to be disabled as it comes by default, due to the large amount of debug data it generates.”

For information on minimum system requirements, please visit the installation section in the official documentation.

How to update Pandora FMS
  • Update Manager automatically. Requires internet connection in the Pandora FMS console.
  • Update Manager manually through OUM update files in the Pandora FMS console.
  • Manual installation of packages (rpm, deb ...) and subsequent update of the console through the web.

To update the server you will have to do it manually through RPM or tarball packages. The latest version includes MR number 68, which must be applied as indicated in the official documentation.

Find more information about Pandora FMS downloads in our website:

Find more detailed information and steps to follow in the update of each item in our Wiki.

Legal information

© 2024 Pandora FMS. All rights reserved.

This document cannot in any case be reproduced or modified, decompiled, disassembled, published or distributed in whole or in part, or translated to any electronic or other means without the prior written consent of Pandora FMS. All rights, titles and interests in and towards the software, services and documentation will be the exclusive property of Pandora FMS, its affiliates, and/or respective licensees.

PANDORA FMS DISCLAIMS ALL LIABILITY FOR WARRANTIES, CONDITIONS, OR OTHER TERMS, EXPRESS OR IMPLIED, LEGAL OR NOT, OVER THE DOCUMENTATION, INCLUDING WITHOUT LIMITATION THE NON-INFRINGEMENT, ACCURACY, COMPLETENESS, OR CONTENT OF ANY INFORMATION ON ANY CONTENT. IN NO EVENT SHALL PANDORA FMS, ITS SUPPLIERS OR LICENSORS BE LIABLE FOR ANY DAMAGES, WHETHER ARISING FROM CONTRACT, INJURY OR BASED ON ANY OTHER LEGAL THEORY, EVEN IF PANDORA FMS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

All registered trademarks of Pandora FMS are the exclusive property of Pandora FMS SLU or its affiliates, registered with the United States Patent and Trademark Office (U.S. Patent and Trademark Office), as well as with the European Patent and Trademark Office. They may be registered or pending registration in other countries. All other brands mentioned herein are used for identification purposes only and are trademarks of (and may be registered trademarks) of their respective companies.