Important notes:
- Please read upgrade guide before upgrading!
- As usual backup your database before upgrade.
- Latest stable git branch is now master, develop is the development branch (until now master was the development branch). Specific release branches (1.6, 1.7 etc) are still available.
Donations
If you find phpIPAM useful for your company donation would be highly appreciated to support further development of phpIPAM software!
If you find phpIPAM useful for your company donation would be highly appreciated to support further development of phpIPAM software!
Special thanks to all the people submitting bug reports, translators and feature testers, and of course special thanks to @GarryAllan for his work on this relase and squashing bugs !
Full changelog for this release is:
== 1.8.1
Bugfixes:
----------------------------
+ PHP8 compatibility fixes;
+ Rack SVG image errors (#4595);
== 1.8.0
Bugfixes:
----------------------------
+ PHP8 compatibility fixes;
+ Fixed passkeys upgrade queries;
+ MySQL no active transaction error during upgrades (#4319);
+ $config['disable_main_login_form'] shows blank page (#4317);
+ Unable to clear custom fields (#4313);
+ Modified the text shortening of subnet descriptions (#4279, #4280);
+ Slow UI performance with bootstrap v3.4.1 (#4311);
+ Workaround PHP bug GH-16870 (#4339);
+ Request new IP hangs (#4346);
+ Fixed required fields validation (#4328);
+ Can not empty address fields (#4322);
+ Rack module allows devices to exceed rack boundaries (#4423);
+ Rack dropdown providing option that is impossible (#4409);
+ API call to PATCH vlan fails with "Vlan name is required" (#1356);
+ Invalid content type when using API (#4168);
+ Deletion of Default L2domain permitted through API (#4419);
+ Empty POST to Devices API Controller produces a blank device (#4307);
+ jQuery error when adding an IP address range (#4350);
+ Request new IP hangs (#4346);
Enhancements, changes:
----------------------------
+ Don't update PowerDNS `change_date` removed in v2.1.9;
+ Added Isle of Man postcodes (#4318);
+ Adds search functionality for Devices (#4406);
+ Added `lastSeen` to IP Address export (#2433);
+ User and Edit IP instructions now use Markdown;
+ Make Rack Devices Clickable from picture (#2372);
+ Setting to enable/disable devices overlapping in racks (#4424);
+ Colorization of rack devices; devices can be deep (front & back) of a rack (#4431);
+ Organize racks in a location using rows or rooms (#4433);
+ Support for embedding a rack into a rack, "Subrack" (#3069, #1552, #1623);
+ Added API locking methods (File, MySQL);
Security Fixes:
----------------------------
+ XSS - reflected via HTTP_X_FORWARDED_PORT;
+ XSS - Reflected in install scripts;
+ XSS - via unescaped DHCP Kea hostname;
+ XSS - Unsafe HTML allowed in Request IP Instructions;
+ XSS - Unsafe HTML allowed in Password vault;
+ Local exposure of DB credentials via mysqldump;
+ Added CSRF cookie for clear-changelog and clear-log;
+ Added CSRF cookie for data exports;
+ RCE - Authenticated remote code execution via ping_path;
+ SQL injection via subnetOrdering;
+ Missing admin authorization checks;
+ Missing module authorization checks;
Translations:
----------------------------
+ Updated Russian translation (#4489);
br, Miha
