{"id":366607,"date":"2024-02-07T00:29:46","date_gmt":"2024-02-07T00:29:46","guid":{"rendered":"https:\/\/pandorafms.com\/?p=366607"},"modified":"2024-04-10T14:45:43","modified_gmt":"2024-04-10T14:45:43","slug":"772-3-lts","status":"publish","type":"post","link":"https:\/\/pandorafms.com\/en\/patch-notes\/772-3-lts\/","title":{"rendered":"772.3 LTS"},"content":{"rendered":"<p>[et_pb_section fb_built=&#8221;1&#8243; _builder_version=&#8221;4.22.0&#8243; _module_preset=&#8221;default&#8221; custom_margin=&#8221;0px||||false|false&#8221; custom_padding=&#8221;0px||||false|false&#8221; global_colors_info=&#8221;{}&#8221;][et_pb_row _builder_version=&#8221;4.22.0&#8243; _module_preset=&#8221;default&#8221; z_index=&#8221;0&#8243; width=&#8221;100%&#8221; max_width=&#8221;900px&#8221; module_alignment=&#8221;left&#8221; custom_margin=&#8221;0px||0px||true|false&#8221; custom_padding=&#8221;0px||0px||true|false&#8221; locked=&#8221;off&#8221; global_colors_info=&#8221;{}&#8221;][et_pb_column type=&#8221;4_4&#8243; _builder_version=&#8221;4.21.0&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;][et_pb_text module_id=&#8221;1&#8243; _builder_version=&#8221;4.22.0&#8243; _module_preset=&#8221;default&#8221; z_index=&#8221;0&#8243; custom_margin=&#8221;0px||0px||true|false&#8221; custom_padding=&#8221;0px||0px||true|false&#8221; custom_css_main_element=&#8221;font-family:%22Pandora-Light%22;&#8221; locked=&#8221;off&#8221; global_colors_info=&#8221;{}&#8221;]<\/p>\n<h2>LTS Patches<\/h2>\n<p>We only release patches for Long Time Support (LTS) versions, except for some particular cases where we do so for Regular Rolling Release (RRR) versions. Security patches are developed as soon as possible after the vulnerability is detected.<\/p>\n<p>Patches for LTS versions usually include critical-bug troubleshooting and solutions to security problems.<\/p>\n<p>[\/et_pb_text][et_pb_divider color=&#8221;#eaeaea&#8221; divider_position=&#8221;center&#8221; divider_weight=&#8221;1px&#8221; admin_label=&#8221;=== SEPARADOR ===&#8221; module_id=&#8221;2&#8243; _builder_version=&#8221;4.22.0&#8243; _module_preset=&#8221;default&#8221; z_index=&#8221;0&#8243; module_alignment=&#8221;center&#8221; custom_margin=&#8221;0px||0px||true|false&#8221; custom_padding=&#8221;25px||25px||true|false&#8221; border_color_all=&#8221;#eaeaea&#8221; locked=&#8221;off&#8221; global_colors_info=&#8221;{}&#8221;][\/et_pb_divider][et_pb_code admin_label=&#8221;Fallos corregidos&#8221; _builder_version=&#8221;4.22.0&#8243; _module_preset=&#8221;default&#8221; z_index=&#8221;0&#8243; custom_margin=&#8221;0px||0px||true|false&#8221; custom_padding=&#8221;0px||0px||true|false&#8221; locked=&#8221;off&#8221; global_colors_info=&#8221;{}&#8221;]<\/p>\n<h2>Bugs Fixed<\/h2>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<table class=\"PandoTable6\" style=\"margin-top: 30px;\"><!-- [et_pb_line_break_holder] --><\/p>\n<thead><!-- [et_pb_line_break_holder] --><\/p>\n<tr><!-- [et_pb_line_break_holder] --><\/p>\n<th>Case#<\/th>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<th>GitLab#<\/th>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<th>Description<\/th>\n<p><!-- [et_pb_line_break_holder] --><\/tr>\n<p><!-- [et_pb_line_break_holder] --><\/thead>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<tbody><!-- [et_pb_line_break_holder] --><\/p>\n<tr><!-- [et_pb_line_break_holder] --><\/p>\n<td><!-- [et_pb_line_break_holder] --><pee>N\/A<\/pee><!-- [et_pb_line_break_holder] --><\/td>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<td><!-- [et_pb_line_break_holder] --><pee>12592<\/pee><!-- [et_pb_line_break_holder] --><\/td>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<td><!-- [et_pb_line_break_holder] --><pee>Fixed Integria IMS integration (<strong>Pandora ITSM<\/strong>) at user level with Pandora FMS in its corresponding settings section.<\/pee><!-- [et_pb_line_break_holder] --><\/td>\n<p><!-- [et_pb_line_break_holder] --><\/tr>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<tr><!-- [et_pb_line_break_holder] --><\/p>\n<td><!-- [et_pb_line_break_holder] --><pee>N\/A<\/pee><!-- [et_pb_line_break_holder] --><\/td>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<td><!-- [et_pb_line_break_holder] --><pee>12768<\/pee><!-- [et_pb_line_break_holder] --><\/td>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<td><!-- [et_pb_line_break_holder] --><pee>Fixed: If a user with reading permissions (in this case the <strong>Operator read<\/strong> profile) does not belong to a group <i>they will not be able to see the inventory of an agent belonging to that group.<\/i><\/pee><!-- [et_pb_line_break_holder] --><\/td>\n<p><!-- [et_pb_line_break_holder] --><\/tr>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<tr><!-- [et_pb_line_break_holder] --><\/p>\n<td><!-- [et_pb_line_break_holder] --><pee>N\/A<\/pee><!-- [et_pb_line_break_holder] --><\/td>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<td><!-- [et_pb_line_break_holder] --><pee>12775<\/pee><!-- [et_pb_line_break_holder] --><\/p>\n<ul><!-- [et_pb_line_break_holder] --><\/p>\n<li>Related: 11589 and 12382<\/li>\n<p><!-- [et_pb_line_break_holder] --><\/ul>\n<p><!-- [et_pb_line_break_holder] --><\/td>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<td><!-- [et_pb_line_break_holder] --><pee>Fixed report export in XML format.<\/pee><!-- [et_pb_line_break_holder] --><\/td>\n<p><!-- [et_pb_line_break_holder] --><\/tr>\n<p><!-- [et_pb_line_break_holder] --><\/tbody>\n<p><!-- [et_pb_line_break_holder] --><\/table>\n<p>[\/et_pb_code][et_pb_divider color=&#8221;#eaeaea&#8221; divider_position=&#8221;center&#8221; divider_weight=&#8221;1px&#8221; admin_label=&#8221;=== SEPARADOR ===&#8221; module_id=&#8221;2&#8243; _builder_version=&#8221;4.22.0&#8243; _module_preset=&#8221;default&#8221; z_index=&#8221;0&#8243; module_alignment=&#8221;center&#8221; custom_margin=&#8221;0px||0px||true|false&#8221; custom_padding=&#8221;25px||25px||true|false&#8221; border_color_all=&#8221;#eaeaea&#8221; locked=&#8221;off&#8221; global_colors_info=&#8221;{}&#8221;][\/et_pb_divider][et_pb_code admin_label=&#8221;Vulnerabilidades corregidas&#8221; _builder_version=&#8221;4.22.0&#8243; _module_preset=&#8221;default&#8221; z_index=&#8221;0&#8243; custom_margin=&#8221;0px||0px||true|false&#8221; custom_padding=&#8221;0px||0px||true|false&#8221; locked=&#8221;off&#8221; global_colors_info=&#8221;{}&#8221;]<\/p>\n<h2>Fixed vulnerabilities<\/h2>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<table class=\"PandoTable6\" style=\"margin-top: 30px;\"><!-- [et_pb_line_break_holder] --><\/p>\n<thead><!-- [et_pb_line_break_holder] --><\/p>\n<tr><!-- [et_pb_line_break_holder] --><\/p>\n<th>Case#<\/th>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<th>GitLab#<\/th>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<th>Description<\/th>\n<p><!-- [et_pb_line_break_holder] --><\/tr>\n<p><!-- [et_pb_line_break_holder] --><\/thead>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<tbody><!-- [et_pb_line_break_holder] --><\/p>\n<tr><!-- [et_pb_line_break_holder] --><\/p>\n<td><!-- [et_pb_line_break_holder] --><pee><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2023-41814\" target=\"_blank\" rel=\"noopener\">CVE-2023-41814<\/a> Thanks to Gabriel Weitzel.<\/pee><!-- [et_pb_line_break_holder] --><\/td>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<td><!-- [et_pb_line_break_holder] --><pee>12043<\/pee><!-- [et_pb_line_break_holder] --><\/td>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<td><!-- [et_pb_line_break_holder] --><pee>Fixed the insertion of JavaScript code (possible XSS) in Pandora FMS notification system messages.<\/pee><!-- [et_pb_line_break_holder] --><\/td>\n<p><!-- [et_pb_line_break_holder] --><\/tr>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<tr><!-- [et_pb_line_break_holder] --><\/p>\n<td><!-- [et_pb_line_break_holder] --><pee><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2023-41815\" target=\"_blank\" rel=\"noopener\">CVE-2023-41815<\/a> Thanks to Osama Yousef.<\/pee><!-- [et_pb_line_break_holder] --><\/td>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<td><!-- [et_pb_line_break_holder] --><pee>12121<\/pee><!-- [et_pb_line_break_holder] --><\/td>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<td><!-- [et_pb_line_break_holder] --><pee>Fixed XSS code insertion for directory names in the <strong>File manager<\/strong> of PFMS Web Console.<\/pee><!-- [et_pb_line_break_holder] --><\/td>\n<p><!-- [et_pb_line_break_holder] --><\/tr>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<tr><!-- [et_pb_line_break_holder] --><\/p>\n<td><!-- [et_pb_line_break_holder] --><pee><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2023-44088\" target=\"_blank\" rel=\"noopener\">CVE-2023-44088<\/a> Thanks to Osama Yousef.<\/pee><!-- [et_pb_line_break_holder] --><\/td>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<td><!-- [et_pb_line_break_holder] --><pee>12122<\/pee><!-- [et_pb_line_break_holder] --><\/td>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<td><!-- [et_pb_line_break_holder] --><pee>Fixed SQL and\/or JS code insertion for the file name of an image in the option for uploading an image as background when creating a new PFMS visual console.<\/pee><!-- [et_pb_line_break_holder] --><\/td>\n<p><!-- [et_pb_line_break_holder] --><\/tr>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<tr><!-- [et_pb_line_break_holder] --><\/p>\n<td><!-- [et_pb_line_break_holder] --><pee><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2023-44089\" target=\"_blank\" rel=\"noopener\">CVE-2023-44089<\/a> Thanks to Osama Yousef.<\/pee><!-- [et_pb_line_break_holder] --><\/td>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<td><!-- [et_pb_line_break_holder] --><pee>12123<\/pee><!-- [et_pb_line_break_holder] --><\/td>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<td><!-- [et_pb_line_break_holder] --><pee>Fixed JavaScript code insertion in the name of a visual console when creating it (menu <strong>Topology maps \u2192 Visual console \u2192 visual console list<\/strong>).<\/pee><!-- [et_pb_line_break_holder] --><\/td>\n<p><!-- [et_pb_line_break_holder] --><\/tr>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<tr><!-- [et_pb_line_break_holder] --><\/p>\n<td><!-- [et_pb_line_break_holder] --><pee><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2023-44092\" target=\"_blank\" rel=\"noopener\">CVE-2023-44092<\/a> Thanks to Aleksey Solovev.<\/pee><!-- [et_pb_line_break_holder] --><\/td>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<td><!-- [et_pb_line_break_holder] --><pee>12753<\/pee><!-- [et_pb_line_break_holder] --><\/td>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<td><!-- [et_pb_line_break_holder] --><pee>Fixed and prevented the possibility of an <a href=\"https:\/\/owasp.org\/www-community\/attacks\/Command_Injection\" target=\"_blank\" rel=\"noopener\">attack by operating system command insertion<\/a> in PFMS event responses.<\/pee><!-- [et_pb_line_break_holder] --><\/td>\n<p><!-- [et_pb_line_break_holder] --><\/tr>\n<p><!-- [et_pb_line_break_holder] --><\/tbody>\n<p><!-- [et_pb_line_break_holder] --><\/table>\n<p>[\/et_pb_code][\/et_pb_column][\/et_pb_row][\/et_pb_section]<\/p>\n","protected":false},"excerpt":{"rendered":"<p>LTS Patches We only release patches for Long Time Support (LTS) versions, except for some particular cases where we do so for Regular Rolling Release (RRR) versions. Security patches are developed as soon as possible after the vulnerability is detected. Patches for LTS versions usually include critical-bug troubleshooting and solutions to security problems.<\/p>\n","protected":false},"author":13,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"on","_et_pb_old_content":"","_et_gb_content_width":"","_joinchat":[],"footnotes":""},"categories":[3416],"tags":[],"class_list":["post-366607","post","type-post","status-publish","format-standard","hentry","category-patch-notes"],"_links":{"self":[{"href":"https:\/\/pandorafms.com\/en\/wp-json\/wp\/v2\/posts\/366607","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/pandorafms.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/pandorafms.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/pandorafms.com\/en\/wp-json\/wp\/v2\/users\/13"}],"replies":[{"embeddable":true,"href":"https:\/\/pandorafms.com\/en\/wp-json\/wp\/v2\/comments?post=366607"}],"version-history":[{"count":2,"href":"https:\/\/pandorafms.com\/en\/wp-json\/wp\/v2\/posts\/366607\/revisions"}],"predecessor-version":[{"id":369800,"href":"https:\/\/pandorafms.com\/en\/wp-json\/wp\/v2\/posts\/366607\/revisions\/369800"}],"wp:attachment":[{"href":"https:\/\/pandorafms.com\/en\/wp-json\/wp\/v2\/media?parent=366607"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/pandorafms.com\/en\/wp-json\/wp\/v2\/categories?post=366607"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/pandorafms.com\/en\/wp-json\/wp\/v2\/tags?post=366607"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}