Nagios Core 4.x Version History

4.4.12 – 2023-05-30

FIXES

Clean up most compiler warnings on GCC and clang (#901)
Fix incorrect HTML entity escaping in CGIs (#907, #902)
Fix issue where predictive dependency checks were not being scheduled for services (#908)
Fix several typos (#898, #884)

4.4.11 – 2023-04-14

FIXES

Fix incorrect error message in preflight check (#865)
Fix user-after-free in qh_deregister_handler (#866)
Fix memory leak in qh_deregister_handler (#866)
Fix mismatched host/service behavior when changing from SOFT to HARD state (#891)
Improve performance in CGI utility functions (#866)

4.4.10 – 2023-01-17

FIXES

Fixed memory leak in nagiostats.c when using -c, -s, -d, or -D multiple times (#888)
Improve service scheduling at startup (#887)
Improve compilation/reduce warnings when using Clang 16 (#889)
Improve compilation on other, stricter C99 compilers (#890)

4.4.9 – 2022-11-16

FIXES

Fixed check_attempts remaining high during a HARD service recovery (#837)
Fixed memory leak in NERD (#872)

4.4.8 – 2022-10-04

FIXES

Minor interface updates
Fixed crash when checking for updates using SSL

4.4.7 – 2022-04-14

FIXES

Fixed checkboxes in jsonquery.html (#778) (Rfferrao87)
Added SSL support for version update check (Sebastian Wolf)
Note: NEB modules using the priority/scheduling queues in libnagios may need to update headers due to symbol conflicts with OpenSSL.
Fixed XSS in homepage when displaying update check results (Sebastian Wolf)
Fixed allocation error in getcgi.c (#820) (Ariadne Conill)
Fixed Error: NULL variable for lines of spaces in resource.cfg (#814) (Ralf Herrmann)
Fixed crash when handling large check output (#825, #828) (Kilvador)
Update packaging instructions for RPM/EPEL (#850) (T.J. Yang)
Include packaging instructions for DEB (#842) (Catfriend1)
Fixed CGI object processing when names end in \ (#819) (Sebastian Wolf)
$SERVICEPROBLEMID$ now accessible when notifications are sent (#688) (Sebastian Wolf)

4.4.6 – 2020-04-28

FIXES

Fixed Map display in Internet Explorer 11 (#714) (Scott Wilkerson)
Fixed duplicate properties appearing in statusjson.cgi (#718) (Sebastian Wolf)
Fixed NERD not building when enabled in ./configure (#723) (Sebastian Wolf)
Fixed build process when using GCC 10 (#721) (Michael Orlitzky)
Fixed postauth vulnerabilities in histogram.js, map.js, trends.js (CVE-2020-1408) (Thanks UraSec Team) (Sebastian Wolf)
When using systemd, configuration will be verified before reloading (#715) (tatref)
Fixed HARD OK states triggering on the maximum check attempt (#757) (Sebastian Wolf)

4.4.5 – 2019-08-20

FIXES

Reverted changes related to #625 due to CPU load issues
Partially reverted changes for #647 due to CPU load issues
Fixed “Quick Search” so that leading/trailing whitespace doesn’t affect output (#681) (Sebastian Wolf)
Fixed build issues on non-RPM-based platforms (#617) (T.J. Yang)

4.4.4 – 2019-07-29

FIXES

Fixed log rotation logic to not repeatedly schedule rotation on a DST change (#610, #626)
Fixed $SERVICEPROBLEMID$ to be reset after service recovery (#621)
Fixed defunct worker processes appearing after nagios was reloaded (#441, #620)
Fixed main nagios thread to release nagios.qh on a closed connection (#635)
Fixed semicolon escaping to remove prepended backslash (\) (#643)
Fixed ‘Checks of this host have been disabled’ message showing on passive-only hosts (#632)
Fixed last_hard_state showing the current hard state when service status is brokered (#633)
Fixed long plugin output (>8KB) occasionally getting truncated (#625)
Fixed check scheduling for objects with large check_intervals and small timeperiods (#647)
Fixed SOFT recoveries sending when services had HARD recovery some time after host recovery (#651)
Fixed incorrect permissions on debugging builds of FreeBSD (#420)
Fixed NEB callback lists being partially orphaned when multiple modules subscribe to one callback (#590)
Fixed memory leaks in run_async_service_check(), run_async_host_check() when checks are brokered (#664)
Fixed potential XSS in main.php, map.php (#671, #672)
Removed NEB brokering for nagios daemonization, since daemonization occurs before NEB initialization (#591)

4.4.3 – 2019-01-15

FIXES

Fixed services sending recovery emails when they recover if host in down state (#572)
Fixed a make error when building on the aarch64 architecture (#598)
Fixed –with-cgibindir and –with-webdir to actually set values given (#585)
Fixed soft recovery states for services (#575)
Fixed XSS vulnerability in Alert Summary report (CVE-2018-18245)
Fixed services in soft states sometimes not switching into hard states (#576)
Fixed last_state_change to update when a state goes from soft -> hard state (#592)
Fixed Map link always being set to undefined host and don’t show link for Nagios Process root note (#539)
Fixed notifications sending when services went into hard state on a down or unreachable host (#584)
Fixed log_host_retries not logging the host soft state checks (#599)
Fixed stalking_options N option to properly log only when a notification is actually sent (#604)
Fixed issue with service status totals being zero when servicegroup=all on servicegroup status page (#579)
Fixed escalation notifications logic and recovery notifications not going out (#582)
Fixed not finding child index causing duplicate hosts showing in the Map (#471)
Fixed Map configuration popup checkboxes not working and Root Node not populating (#543)
Fixed cleanup and deinit of neb modules on reload (#573)

4.4.2 – 2018-08-16

FIXES

Fix comment data being duplicated after a `service nagios reload` or similar (#549)
Fix check_interval and retry_interval not changing at the appropriate times (#551)
Fixed passive checks sending recovery email when host was previously UP (#552)
Fixed flapping comments duplication on nagios reload (#554)
Fix for CVE-2018-13441, CVE-2018-13458, CVE-2018-13457 null pointer dereference
Fixed syntax error in file: default-init.in (#558)
Reset current notification number and state flags when the host recovers, reset all service variables when they recover fixes (#557)
Fixed wrong counting of service status totals when showing servicegroup details (#548)
Fixed avail.cgi not printing CSV output when checkbox is checked (for any type: host/service/hostgroup/servicegroup) (#570)
Fixed nagios not logging SOFT state changes after 1

4.4.1 – 2018-06-25

FIXES

Revert some macro->kvvec changes causing problems when `enable_environment_macros` was enabled
Adjust `process_macro_r` function logic so that it handles macros properly
Fix spec file for systemd
Fix bug where `ssize_t` typedef to int on some systems

4.4.0 – 2018-06-19

ENHANCEMENTS

new status for check dependencies
Allow more flexible requirements for comments
Add a `statusCRITICALACK` class for the status column
CSV output based on groups (all options)
New Macro(s) to generate URL for host / service object to be used in notifications
New Macro(s) to determine if host/service notifications are enabled (#419)
New Macro(s) for obtaining the host/service notification periods (#350)
enable_page_tour interface option
Code cleanups in important sections (Workers, Handling Results)
Automatic mail program detection (with same /bin/mail failback)
Incorporated [autoconf-macros](https://github.com/NagiosEnterprises/autoconf-macros) into Core
Lots of enhancements/additions to configure/make process.
- Moved all files to startup/
- Added upstart job
Added system limit detection (RLIMIT_NPROC) to check for anticipated fork() failures (#434)
Added stalking on notifications (`N` or `notifications` option when specifying `stalking_options`) (#342)
Added automatic `systemctl daemon-reload` and `initctl reload-configuration` where applicable on `make install-init`
Added case-insentive command submission. (#373)
Enabled `check_external_commands` by default

FIXES

Command line macro detection skips potential macros with no ending dollar sign
Fixed a lockup condition sometimes encountered on shutdown or restart
Fixed negative time offset calculations computing incorrectly sometimes
Fixed reloads causing defunct (zombie) processes (#441)
Fixed wait3(), wait4() implementations (replaced with waitpid()) (#326)
Fixed additive inheritance not testing for duplicates in hosts/services/(+escalations) (#392)
Fixed very very (around 600k chars or greater) large plugin output crashing Nagios (#432)
Fixed first_notification_delay not beeing calculated from last_hard_state_change (#425)
Fixed duplicate downtime ID occuring from downtimes in retention file (#506)
Fixed segfault when navbarsearch was used in status.cgi for something other than a host (#489)
Fixed some miscellaneous ./configure issues on Solaris
Fixed “Locate host on map” link (#496) (Troy Lea)
Fixed service groups defined with unknown service members (that aren’t first in the list) not erroring out (#500)
Fixed tac.cgi to have consistent behavior with the other cgis (#481)
Fixed clear_host/service_flapping command logic to broker/notify properly (#525)

4.3.4 – 2017-08-24

FIXES

Improved config file parsing
Fixed configure script to check for existence of /run for lock file
Use absolute paths when deleting check results files
Add sanity checking in reassign_worker

4.3.3 – 2017-08-12

FIXES

xodtemplate.c wrong option-deprecation code warning
On-demand host check always use cached host state
‘á’ causes Serivce Status Information to not be displayed
New Macro(s) to generate URL for host / service object
Fix minor map issues
Fix lockfile issues
Switch order of daemon_init and drop_priveleges
Add an OpenRC init script

4.3.2 – 2017-05-09

FIXES

Every 15sec /var/log/messages is flooded with “nagios: set_environment_var”
Changed release date to ISO format (yyyy-mm-dd)
`make all` fails if unzip is not installed
Quick Search no longer allows search by Alias
flexible downtime on a service immediately turns off notifications
Fix to allow url_encode to be called twice
Update timeperiods.cfg.in (spelling)
Spelling fixes
Vent command pipe before remove to avoid deadlocks on writing end
CGI utility cgiutil.c does not process relative config file path names properly
xdata/xodtemplate.c bug in option-deprecation code
Wildcard searching causes service status links to not work properly
Quick search with no hits shows a permission denied error
Setting a service as its own parent is not caught by the sanity checker (-v) and causes a segfault

4.3.1 – 02/23/2017

FIXES

Backed out the changes related to the “login page” and “logoff link” from 4.3.0, since it was causing problems
Service hard state generation and host hard or soft down status
Comments are duplicated through Nagios reload
host hourly value is incorrectly dumped as json boolean
Bug – Quick Search no longer allows search by IP
Config: status_update_interval can not be set to 1
Check attempts not increasing if nagios is reloaded
nagios hangs on reload while sending external command to cmd file
Feature Request: return code xxx out of bounds – include message as well

4.3.0 – 02/21/2017

SECURITY

Fix for CVE-2016-6209 – The “corewindow” parameter (as in http://localhost/nagios?corewindow=www.somewhere.com) has been disabled by default. See the UPGRADING document for how to enable it.

ENHANCEMENTS

Added new flag to cgi.cfg: tac_cgi_hard_only to show only HARD state
Add broker-event for the end of a timed event (NEBTYPE_TIMEDEVENT_END)
There is no Macro to retrieve addresses of hostgroup members (now $HOSTGROUPMEMBERADDRESSES$)
Add “Page Tour” videos to several of the core web pages
Added a login page, and a `Logoff` links
On the status map, the host name will be colored if services are not all OK.
Added “Clear flapping state” command on host and services detail pages.
User-entered comment now displays below generated comment for downtime

FIXES

Fix early event scheduling
on-demand host checks triggered by service checks cause attempt number increments
Service notification not being send when host is in soft down state
configure does not error if no perl installed on CentOS 7
failed passive requests leave .ok files in checkresults dir
Services don’t show in status.cgi if “noheader” specified
Standardized check interval config file names
“Event Log” (showlog.cgi) could not open log file
“nagios_check_command” has been deprecated since v3.0. Last vestiges removed

4.2.4 – 12/07/2016

SECURITY

Fixed another root privilege escalation (CVE-2016-9566) Thanks for bringing this to our attention go to Dawid Golunski (http://legalhackers.com).

4.2.3 – 11/21/2016

SECURITY

There was a fix to a root privilege escalation (CVE-2016-8641)

FIXES

external command during reload doesn’t work
Nagios provides no error condition as to why it fails on the verify for serviceescalation
No root group in FreeBSD and Apple OS X
jsonquery.html doesn’t display scheduled_time_ok correctly
daemon_dumps_core=1 has no effect on Linux when Nagios started as root
Configuration check in hostgroup – misspelled hostname does not error
contacts or contact_groups directive with no value should not be allowed
Compile 64-bit on SPARC produces LD error
HOSTSTATEID returns 0 even if host does not exist
Submitting UNREACHABLE passive result for host sets it as DOWN if the host has no parents
nagios: job XX (pid=YY): read() returned error 11 (changed from LOG_ERR to LOG_NOTICE)
Fix for quick search not showing services if wildcard used

4.2.2 – 10/24/2016

SECURITY

(CVE-2016-9565) There was a fix to vulnerability CVE-2008-4796 in the 4.2.0 release on August 1, 2016. The fix was apparently incomplete, as there was still a problem. However, we are now getting all RSS feeds using AJAX calls instead of the (outdated) MagpieRSS package. Thanks for bringing this to our attention go to Dawid Golunski (http://legalhackers.com).

ENHANCEMENTS

Update status.c to display passive check icon for hosts when passive checks are enabled and actives disabled

FIXES

Fix permissions for Host Groups reports (status.cgi)
Service Parents does not appear to be functioning as intended
Availability report mixes up scheduled and unscheduled warning percentages
Invalid values for saved_stamp in comput_subject_downtime_times()
Remove deprecated “framespacing”
The nagios tarball contains two identical jquery copies
extinfo.cgi does not set content-type (most cgi’s don’t)
Timeperiods are corrupted by external command CHANGE_SVC_CHECK_TIMEPERIOD
Quick search doesn’t show hosts without services (service status detail page)
In host/services details view, if exactly 100 entries would not show last one
nagios host URL parameter for NEW map doesn`t work – Network Map for All Hosts
next_problem_id is improperly initialized
Passive problems not showing as “unhandled”
September reported as Sept instead of Sep
Notifications are not sent for active alerts after scheduled downtime ends
Nagios 4.2.0 not working on Solaris
install-exfoliation and install-classicui don’t work FreeBSD and Mac OS X
Updated makefile to delete some no-longer-needed files

4.2.1 – 09/06/2016

FIXES

Fix undefined variable php error
Links on the sidebar menu under ‘Problems’ are indented too far
Using $ARGn$ Macros in perfdata
using a wildcard in search returns service status total all zero’s
read_only does not take priority
Running nagios -v on 4.2.0 takes 90+ seconds
Bare “make” invoked in subtarget
Theme images/stylesheets installed with inconsistent permissions
Missing Image for Host and Service State Trends in Availability Report
Maintain non-persistent comments through reload
Servicegroup availability report ignores includesoftstates in service report links
error: format not a string literal and no format arguments
Synced config.guess and config.sub with GNU

4.2.0 – 08/01/2016

SECURITY

Fix for CVE-2008-4796
Fix for CVE-2013-4214
Fix for a Cross-Site Request Forgery attack vulnerability

ENHANCEMENTS

Increase socket queue length to avoid missing any connections
Added the host name to the website page title
The new Status Map will now use cgi.cfg options
The default_statusmap_layout will default to “6” for the new map
The new Status Map will now show some valid values in the popup for “Nagios Process”

FIXES

Network Outage will now work for people who don’t have access to all hosts
Fixed a problem that caused workers to loop
Fixed how HTML output from plugins gets handled
Fix for Command worker failing to handle SIGPIPE
Fix for some “Core Worker seems to be choked” conditions
Fixed a CPU load problem during polling on FreeBSD
Fixed a CPU load problem with workers
Flexible downtime no longer reported as “unscheduled”
Setting “flap_detention_enabled” to 0 (zero) will now remove flapping state
Several fixes to the new maps
Better handling of UTF-8 characters in plugin output
Reports were not handling custom time periods with special characters
A couple of fixes to the init script
Fixes to the JSON output
State history now uses plugin long output

4.1.1 – 08/19/2015

FIXES

Fixed CGI’s not being able to read object configuration data when dependencies were present (John Frickson)
Fix for exclude (!) not working for dependencies (John Frickson)

4.1.0 – 08/18/2015

ENHANCEMENTS

Make sticky status for acks and comments configurable enhancement #20 (Trevor McDonald / Scott Wilkerson)
Add host_down_disable_service_checks directive to nagios.cfg #44 (Trevor McDonald / Scott Wilkerson)
Promoted JSON CGIs to released status (Eric Stanley)
New graphical CGI displays: statusmap, trends, histogram (Eric Stanley)
httpd.conf doesn’t support Apache version > 2.3 (DanielB / John Frickson)

FIXES

Fix for not all service dependencies created (John Frickson)
Fix SIGSEGV with empty custom variable (orbis / John Frickson)
Fix contact macros in environment variables (dvoryanchikov)
Fixed host’s current attempt goes to 1 after going to hard state (John Frickson)
Fixed two bugs/problems: Replace use of %zd in base/utils.c & incorrect va_start() in cgi/jsonutils.c (Peter Eriksson)
Fixed: Let remove_specialized actually remove all workers (Phil Mayers)
Fixed log file spam caused when using perfdata command directives in nagios.cfg (shashikanthbussa)
Fixed off-by-one error in bounds check leads to segfault (Phil Mayers)
Added links for legacy graphical displays (Eric Stanley)
Update embedded URL’s to https versions of Nagios websites (scottwilkerson)
Fixed doxygen comments to work with latest doxygen 1.8.9.1 #30 (Trevor McDonald)
Fixed makefile target “html” to PHONY to fix GitHub issue #28 (Trevor McDonald)
Fixed typo as per GitHub issue #27 (Trevor McDonald)
Fixed jsonquery.php 404 not found error, and disabled Send Query button until form populates #43 (Scott Wilkerson)
Fixed linking in Tactical Overview for several of the Host entries in Featured section #48 (Scott Wilkerson)
Fixed passing limit and sort options to pagination and sort links #42 (Scott Wilkerson)
Added form field for icon URL and clean-up when it changes in CGI Status Map. (Eric Stanley)
Added options to cgi.cfg to uncheck sticky and send when acknowledging a problem (Trevor McDonald)
Low impact changes to automate the generation of RPMs from nagios.spec file. (T.J. Yang)
Update index.php (Trevor McDonald)
Fixed escaping of corewindow parameter to account for possible XSS injection (Scott Wilkerson)
Typo correction (T.J. Yang)
Make getCoreStatus respect cgi_base_url (Moritz Schlarb)
Adjusted map layout to work within frames (Eric Stanley)
Fixed map displays are now the full size of browser window (Eric Stanley)
Fixed labels and icons on circular markup no longer scale on zoom (Eric Stanley)
Got all maps except circular markup working with icons (Eric Stanley)
Fixes to make legacy CGIs work again. (Eric Stanley)
Fixes to make all/html target tolerant of being run multiple times (Eric Stanley)
For user-supplied maps, converted node group to have transform (Eric Stanley)
Fixed issue transitioning from circular markup map to other maps (Eric Stanley)
Fix displayForm to trigger on the buttom press (Scott Wilkerson)
Fix fo getBBox crash on Firefox (Eric Stanley)
Fixed map now resets zoom when form apply()’d (Eric Stanley)
Fixed so close box on dialogs actually closes dialog (Eric Stanley)
Corrected directive in trends display (Eric Stanley)
Fixed minor issue with link in trends linkes (Eric Stanley)
Fixed issue with map displaying on Firefox (Eric Stanley)
Added exclusions for ctags generation (Eric Stanley)
Update map-popup.html (Scott Wilkerson)
Initial commit of new graphical CGIs (Eric Stanley)
Fixed Github bug #18 – archivejson.cgi returns wrong host for state change query (Eric Stanley)
Status JSON: Added next_check to service details (Eric Stanley)
Fixed escaping of keys for scalar values in JSON CGIs (Eric Stanley)
build: Include <sys/loadavg.h> if it exists. (Eric J. Mislivec)
lib-tests: test-io{cache|broker} need -lsocket to link. (Eric J. Mislivec)
lib-tests: test-runcmd assumes GNU echo. (Eric J. Mislivec)
lib-tests: Signal handlers don’t return int on most platforms, and using a cast was the wrong way to resolve this. (Eric J. Mislivec)
Fix some type/format mismatch warnings for pid_t. (Eric J. Mislivec)
Fix build on Solaris. (Eric J. Mislivec)
runcmd: Fix build when we don’t HAVE_SETENV. (Eric J. Mislivec)
Fixed checkresult output processing (Eric Mislivec)
Corrected escaping of long output macros (Eric Mislivec)
Fixed null pointer dereferences in archive JSON (Eric Stanley)
Fixed memory overwrite issue in JSON string escaping (Eric Stanley)
JSON CGI: Now escaping object and array keys (Eric Stanley)

4.0.8 – 08/12/2014

ENHANCEMENTS

Removed 8 kB string size limitation in JSON CGIs (Eric Stanley)
Re-implemented auto-rescheduling of checks (Eric Mislivec)
Avoid bunching of checks delayed due to timeperiod constraints (Eric Stanley)
Limit the number of autocalculated core workers to not spawn too many on large systems (Eric Mislivec, Janice Singh)

FIXES

Removed quotes from numeric duration values in JSON CGIs (Eric Stanley)
Fixed escaping in JSON CGIs so all required characters are escaped, and in the correct order (Eric Stanley)
Fixed segfault in archive JSON CGI when plugin output was empty (Eric Stanley)
Fixed several possibilities for buffer overflow (Eric Mislivec, Dirkjan Bussink)
Fixed Tracker #582, #626: Handle VAR=VAL assignments at the start of simple commands (Eric Mislivec, Phil Randal)
Fixed Tracker #630: Recognize ‘<‘ and ‘>’ as redirection operators (Eric Mislivec)
Corrected worker communication protocol documentation (Phil Mayers)
Fixed init script to leave config test log in a better location, let sysconfig override init script variables, and not remove nagios.cmd when attempting to start with another instance running (Eric Mislivec, Robin Kearney)
Fixed Tracker #361: Downtime notifications not displayed properly (Andrew Widdersheim)

4.0.7 – 06/03/2014

ENHANCEMENTS

Added value of custom variables to Object JSON output for hosts, services and contacts (Eric Stanley)

FIXES

Fixed bug #616: Unescape plugin output read from checkresult files, fix multiline perf data concatenation, and avoid extra memory allocation and copies. (Eric Mislivec)
Fixed bug #609: Image on home page doesn’t have correct image path prefix. (Derek Brewer)
Fixed bug #608: Extra newline in service check timeout output string. (Mauno Pihelgas)
Fixed bug #596: Crashes checking contact authorization for host escalations. (Alexey Dvoryanchikov – duplicates #590, #586)
Fixed bug #496: Syntax error in exfoliation’s common.css. (Karsten Weiss)

4.0.6 – 04/29/2014

ENHANCEMENTS

Added name of authenticated user to JSON CGI results object (Eric Stanley)
Added Nagios Core version to the Status JSON CGI programstatus query (Eric Stanley)
Added daemon status to main page (Eric Mislivec)

FIXES

Fixed bug #600: Service Check Timeout State always returns OK (0) status (Mauno Pihelgas, Eric Stanley)
Fixed bug #583: Status Check Output of (No output on stdout) stderr: (Eric Stanley – duplicate of bug #573)
Fixed bug #573: Service checks returns (No output on stdout) stderr (Eric Stanley)
Fixed bug #438: Reloads during downtime causes wrong availability calculations (Eric Stanley)
Fixed feed updates when daemon can not access external networks (Eric Mislivec)
Archive JSON: Fixed bugs calculating availability (Eric Stanley)
Archive JSON: Allow missing logs to be skipped (Eric Stanley)

4.0.5 – 04/11/2014

FIXES

Fixed bug #595: Nagios 4 security fix (Alexey Dvoryanchikov, Eric Stanley)
Fixed bug #594: Nagios 4 fix contactgroups parsing (Alexey Dvoryanchikov, Eric Stanley)
Fixed bug #577: Nagios 4 checks stalled when write to socket failed (Alexey Dvoryanchikov)
Fixed bug #580: Nagios 4 memory leak (Eric Stanley)
Fixed init script to remove the switching of users when performing configuration verification which was causing failures if nagios user was set to nologin (Scott Wilkerson)
Fixed auto creation of RAMDISK via environment variables in init script to properly check existence using $RAMDISK_DIR environment variable. (Scott Wilkerson)
Fixed unreferenced variable NagiosVarDir in daemon-init (Eric Mislivec)
Fixed bug where audio alerts wouldn’t work with a 0 height and width – https://support.nagios.com/forum/viewtopic.php?t=26387 (Scott Wilkerson)

4.0.4 – 03/14/2014

ENHANCEMENTS

JSON CGIs moved to beta status (Eric Stanley)

FIXES

Fixed bug #491,#553: Rebuilt the daemon-init scripts back to something that should work on all systems (Scott Wilkerson)

4.0.3 – 02/28/2014

ENHANCEMENTS

Aliased hourly_value to importance and minimum_value to minimum_importance and deprecated the former (Eric Stanley)
Added host and service importance macros (Eric Stanley)
Added notifications on flexible downtime expiration (Dan Wittenberg)

FIXES

Bug #548: Temporary fix that rejects all external command during restart to prevent Core from crashing (Eric Stanley)
Corrected calculation of host importance and importance defaults (Eric Stanley)
Fixed bug #498: Nagios 4 enable_environment_macros=1 not working (Eric Stanley, Alexey Dvoryanchikov)
No longer checks whether logs can be written when verifying configuration (Eric Stanley)
Fixed CGI bug where the CGI could read past the end of the list of CGI variables, potentially crashing the CGI (Scott Wilkerson)
Fixed inheritance of hourly_value from host and service templates (Scott Wilkerson)
Fixed bug #502: 4.0.0: Configuration -> Service Escalations = incomplete list (Eric Stanley)
Fixed bug #523: quotes and double quotes in plugin message are converted to HTML escapes in Nagios 4.0 (duplicate of bug #524)
Fixed bug #524: URLs returned in plugin check results are not correctly displayed (Eric Stanley)
Fixed bug where passive service checks would return “Service check timed out after 0.00 seconds” (Scott Wilkerson)

4.0.2 – 11/25/2013

FIXES

Fixed bug 528: Nagios 4.0.1: Logrotation: Only current host- and servicestates saved in rotated logfiles (duplicate of 507)
Fixed bug 507: Nagios 4.0.0 – Problem during log rotate (Stefano Ghelfi)
Fixed bug 530: RPM spec file sets wrong permissions on plugins directory (duplicate of bug 494)
Fixed bug 494: nagios.spec fixes (with patch) (Karsten Weiss)
Fixed bug 515: Segsegv after starting up nagios (duplicate of bug 526)
Fixed bug 513: Crash while entering downtime for service (duplicate of bug 526)
Fixed bug 529: Core Worker failed to reap child in 4.0.1 Description
Fixed bug 514: scheduled downtime not showing in web interface (Eric Stanley)
Fixed bug 526: sort_downtime() corrupts scheduled_downtime_list causing segfault (Adam James)
Fixed bug 492: Nagios 4 fails to remove/add checks upon reload (Eric Stanley)
Fixed Bug 484: Beta4.0.0b4 service checks returning (No output on stdout) (Eric Stanley)
Fixed Bug 470: statusmap doesn’t display info (Cameron Moore)
Fixed Bug 499: Security issue in daemon-init.in, function check_config (Tómas Edwardsson)

4.0.1 – 10/15/2013

ENHANCEMENTS

Added compiler flags in RPM spec file to reduce compiler noise (Dan Wittenberg)
Added logging of failure in dlclose() call (Anton Lofgren)
Added a simple query handler interface, nagios-qh.rb (Dan Wittenberg)
Multiple code simplifications, additional error handling in downtime code (Andreas Ericsson)

FIXES

Reverted commit f99a9a7b which set check_interval to 1 if it was configured as zero.
Corrected order of arguments when logging unknown hosts/services (Scott Wilkerson)
Downtime initialized before retention data read (Eric Stanley)
Patches to make RPM build again (Dan Wittenberg)
Ensure that scheduled_downtime_depth never drops below zero (Andreas Ericsson)

4.0.0 – 09/20/2013

See changes in What’s New page of documentation