Summary for Patch 2154 (Verified)

Summary WebGUI - Update PHP Binary to 7.0.29, Apache to 2.4.33 and OpenSSL to 1.1.0h and other fixes
Platform Unix
Category bugfix
Valid for 6.3.x, 6.4.x, 6.5.0.x, 6.5.1.14
Requires 2128, 2126, 2129, 6.3.0.5 - 6.5.0.22: 2091, 6.3.0.5 - 6.5.0.22: 2002, 6.3.0.5 - 6.5.0.22: 2100, 6.3.0.5 - 6.5.0.22: 2095, 6.3.0.5 - 6.4.0.9: 2079, 6.3.0.5 - 6.4.0.9: 2083
Client Required Patch/es
Supersedes 2151, 2136, 2120, 2119, 2107
Superseded by
Affects Server: Core
Last Updated December 5, 2018

Download now

Download_red patch2154.tar.gz

Description

This patch fixes:
* vulnerable PHP version (Upgrade to 7.0.29)
* vulnerable Apache version (Upgrade to 2.4.33)
* vulnerable OpenSSL version (Upgrade to 1.1.0h)
* default Template for Pacct-CPU Usage-Top 20 Hosts not working
* error upon unsuccessful log in when display_error is set to true
* unable to save the AD path because of special character/s
* duplicated 1 hour resolution in report generation

NOTE: This patch does not support RHEL/CentOS 5x.

Supersedes Patch Description

Expand all

Patch 2151 — WebGUI: Fix for mapping overlay in License Monitor, renaming of templates and access for non-admin users 
This patch fixes:
* Showing of mapping overlay in License Monitor
* Renaming of templates based on renamed generated reports
* Page access for non-admin user based on roles
Patch 2136 — WebGUI - Fix for Inability to Access Using Temporary Password, Incomplete Data Resolution, etc. 
This patch fixes:
* Inability to access web interface when using temporary password
* Incomplete list of data resolution during report generation
* Search facility not working as expected
* Update of Reporting Server Resources page
* Pop-up notification when a periodic job is added
* Errors when display_errors is enabled
Patch 2120 — WebGUI - Fix for slow searching in Complete Selection and Sorting of Clients in System Info 
This patch fixes: 
- Searching of classification values in Complete Selection
- Sorting of Clients using "Last Seen" in System Info (6.5.x only)

PHP files were updated.
Patch 2119 — WEBGUI - Fix for Last Date's Empty Value in Generated Excel Report's Base Data Sheet and Inabiity to setup HTTPS 
This patch fixes: 
 - Empty value on the last date in the exported excel sheet from chart reports
 - Inability to setup HTTPS in Unix Core Server
Patch 2107 — WEBGUI - Fix for Error Logs, Client Info Not Loading, Updating of Language and Charset, Sorting of Patches and Password Reset 
This patch fixes:
- Critical errors appearing in GUI log when accessing Status Monitor tab and opening a report
template
- Inability to load client information in the dashboard page
- Inability to reset an ordinary user's password
- Ability to set values for charset and language that is not existing in the language folder
- Slow response time when reading port from httpd.conf
- Sorting of installed patches in ascending order


NOTE: 

If you have previously run a security scan and encountered an issue with charset and language set to
"", manually edit the general.ini first with the correct values. Default values are 'UTF-8' and 'en'
respectively.

You may need to force refresh the WebGUI page for the reset password to work since some Javascript
files are updated for the fix.

Installation

Unpack tar file in e.g /tmp/patch on the Open iT host. Do the following as root:

	cd /tmp/patch
	./patch.pl

Corresponding Windows Patches

1599 Readme Download



Back to Version List