Re: [Phpipam-releases] phpipam v 1.1 released

[Miha P. <mih...@gm...>]

Hi, please update phpipam to version 1.1.010, which includes following fixes:

== 1.1.010

	Bugfixes:
	----------------------------
	+ Fixed login fails with LDAP when escape characters are in password;
	+ Fixed login not working with spaces in password for AD login;
	+ Fixed Ivalid action when adding vlans from subnet popup menu;
	+ Fixed custom fields not appearing properly on IP request editing;
	+ Fixed Invalid ID error for IP address details on sorting;
	+ Fixed warnings if no VLAN search results are present;
	+ Fixed test mail not sending;
	+ Fixed unable to login if $phpsessname not defined;
	+ Fixed unable to login after upgrade;

brm

> On 08 Dec 2014, at 10:11, Miha Petkovsek <mih...@gm...> wrote:
> 
> Hi all,
> 
> phpipam v1.1 released.
> http://phpipam.net/phpipam-v1-1-released-security-fixes-performance-improvements-mod_rewrite-optional/ <http://phpipam.net/phpipam-v1-1-released-security-fixes-performance-improvements-mod_rewrite-optional/>
> 
> brm
> 
> Changelog:
> 
> 	Enhancements:
> 	----------------------------
> 	+ Caching of SQL results to avoid multiple queries;
> 	+ Reduced number of DB queries;
> 	+ Added selected mail notifications to admins to be notified on IP/subnet change;
> 	+ Added new subnetId index to ipaddresses table that significantly improves network loading;
> 	+ Now using only 1 network connection towards MySQL server;
> 	+ Updated pagination;
> 	+ mod_rewrite no longer required, selectable URL structure under settings;
> 	+ Added option not to display free ranges;
> 	+ Added option to set maximum VLAN number;
> 	+ Selectable custom fields to be visible/hidden in tables view and updated device/VLAN view;
> 	+ Added additional confirmation before section, subnet, folder and IP address deletion;
> 	+ New script added for cron checks that discovers new hosts for selected networks;
> 	+ Added inactivity timeout to settings;
> 	+ Changed install procedure and updated install scripts;
> 	+ Added PEAR check for installation;
> 	+ Added free range disaply for VLANs;
> 	+ Addes SSL/TLS option for SMTP mail;
> 	+ API:
> 		+ Bugfixes;
> 		+ Added API admin permissions;
> 		+ read/delete actions for IP addresses;
> 		+ read/delete actions for Vlans;
> 		+ read/delete actions for VRFs;
> 
> 	Security Fixes:
> 	----------------------------
> 	+ Fixed known command injection vulnerabilities in the scan functions;
> 	+ Fixed known SQL injection vulnerabilities;
> 	+ Fixed known XSS vulnerabilities;
> 	+ Fixed known action XSS events;
> 	+ Moved to crypt method for storing password in database with salting;
> 	+ Added option to force user to change pass after first login;
> 	+ Admin password must be changed after installation;
> 	+ Added captcha code request after 5x unsuccesfull login to prevent brute-force attacks;
> 
> 	Translations:
> 	----------------------------
> 	+ Added es_ES translation;
> 
> 	Bugfixes:
> 	----------------------------
> 	+ Fixed top 10 widgets not escaping strings;
> 	+ Fixed section parent can be set to self that caused section to disapear;
> 	+ Fixed username instead of password being sent to smtp server;
> 	+ Fixed IE search bug with workaround;
> 	+ Fixed subnet and bcast not showing on strict mode disabled;
> 	+ Fixed top subnets missing on dashboard for non-admin users;
> 	+ Fixed bug when installation was silently failing bacause pf missing _() function (missing gettext extension)
> 	+ Fixed device custom field not populated on adding device;
> 	+ Fixed XLS export silently failed when description longer than 31 characters;
> 	+ Fixed overlapping check not working;
> 	+ Fixed subnet free space calcultation;
> 	+ Fixed visual subnet display not showing on /31 and /32 networks;
> 	+ Fixed custom fields display on folder edit;
> 	+ Fixed unable to edit IP addresses when fields are sorted;
> 	+ Fixde ordering of custom fields defaults to varchar 256;
> 	+ Fixed IPv6 subnet / broadcast calculation bug and next subnet suggestion;
>