Release The Memory Remains 1.36.34
Published on August 12, 2024 by Isaac Connor
# Changes since 1.36.33
- fix mouseEvent property names, allowing zooming into recorded events
- Handle ffmpeg5 channel deprecations
- add debian Add bookworm support
- add Help text for OPTIONS_ALARMMAXFPS
- remove Remove chowning /usr/share/zoneminder from docs.
- docs: Spelling, fix missing db in database create for bullseye, add bookworm instructions
- Clean up help text for ZM_LOG_DEBUG_FILE to not say that it can include a directory. It should be JUST a filename.
- Do not allow directory names in ZM_LOG_DEBUG_FILE. Only log to ZM_LOG_DIR
- Load the ZM::Event using the Event Model data instead of loading by Id which goes back to db for performance (API faster)
- If no next bulk frame use Event data to estimate the delta to supply an image
- remove duplicate event save when updating Disk Space
- Allow caching of images in view=image
- Improve logging wrt insufficient permissions
- Update fail2ban.rules
- Don't show bandwidth options if there are none to choose from
- Update redhat build docs
- Fix missing auth_relay on alarm xhr
- Make objdetect modals 65% width to make it easier to see
- Don't exit on segfault, perhaps allowing graceful shutdown
- Switch from utf8 to utf8mb4 so that collation works
- Handle failure to db query more gracefully
- Transform date string to int to satisfy newer php
- Add auth_relay to control command
- ONVIF: Handle RateControl being undef
- Restrict mid to a cardinal value. Fixes GHSA-9cmr-7437-v9fj
- in detaintPath also strip :// because php:// is a way to inject code
- Only allow Events Columns for sort. Fixes GHSA-2qp3-fwpv-mc96. Fixes GHSA-9cmr-7437-v9fj
- Use https proxy instead of http since we now access an https url
- Fix Auto Unarchive not deselecting
- define count. Fixes #3799
- Add quotes around dbUser and dbPass to prevent command injection in zmcamtool.pl and zmupdate.pl
- If group is empty, return false for canview so that it doesn't appear in dropdowns etc.
- Only show groups that we can view
- Revert change to cookie and cookie expire to fix loss of bootstrap table preferences. Add samesite
- Info to Debug for login.
- API: Always return an array in getCredentialsDeprecated
- API: Don't try to do auth if auth is turned off
- When ZM_AUTH_HASH_IPS is off, don't use remote ip in storing auth hash in session. If ips are constantly changing it breaks.
- API: Don't assume findByEventidAndType actually returns a frame. If we are only recoridng, then there will be no alarm frames in the db
- Make view does not exist an error instead of fatal
- Handle ffmpeg 7 deprecations
- Set fps and bandwidth to 0 on start and stop of zmc.
- When editing buffer settings, ensure that MaxImageBuffers > PreEventCount.
- Use either version or version.txt. Fixes #3798
- clear packet images even when there is an event, because we send it to the event, which will use the images and so we don't need them anymore. ALso free analysis images even when not passthrough.
- Set default value for rows per page using WEB_EVENTS_PER_PAGE. Fixes #3728
- When save cookies via PHP >= 7.3.0, add handling of the "path" value in the options (session.php)
- Change save button to a regular button that calls validateForm and don't set form.subit to validateForm. ValidateForm will now alert and switch tabs to better inform what the incorrect value is. Built-in validation doesn't work due to tabs and the invalid input not being focusable
- Add UpdatedOn field to Monitor_Status and update it when updating Monitor_Status
- Delete Monitor_Status records that havn't been updated in over a minute
- Sanitise displayinterval,speed and scale parameters. Fixes GHSA-pjjm-3qxp-6hj8
- Sanitise filter[Id] when parsing filter. Fixes GHSA-6rrw-66rf-6g5f
- Move code to shutdown the process properly into exit_zms and use it when auth fails. The stops a segfault.
- Limit scale to 16x mainly to put an upper bound on the amount of ram we might use.
- Limit scale in montagereview to 1.1 to prevent requesting
- fix mouseEvent property names, allowing zooming into recorded events
- Handle ffmpeg5 channel deprecations
- add debian Add bookworm support
- add Help text for OPTIONS_ALARMMAXFPS
- remove Remove chowning /usr/share/zoneminder from docs.
- docs: Spelling, fix missing db in database create for bullseye, add bookworm instructions
- Clean up help text for ZM_LOG_DEBUG_FILE to not say that it can include a directory. It should be JUST a filename.
- Do not allow directory names in ZM_LOG_DEBUG_FILE. Only log to ZM_LOG_DIR
- Load the ZM::Event using the Event Model data instead of loading by Id which goes back to db for performance (API faster)
- If no next bulk frame use Event data to estimate the delta to supply an image
- remove duplicate event save when updating Disk Space
- Allow caching of images in view=image
- Improve logging wrt insufficient permissions
- Update fail2ban.rules
- Don't show bandwidth options if there are none to choose from
- Update redhat build docs
- Fix missing auth_relay on alarm xhr
- Make objdetect modals 65% width to make it easier to see
- Don't exit on segfault, perhaps allowing graceful shutdown
- Switch from utf8 to utf8mb4 so that collation works
- Handle failure to db query more gracefully
- Transform date string to int to satisfy newer php
- Add auth_relay to control command
- ONVIF: Handle RateControl being undef
- Restrict mid to a cardinal value. Fixes GHSA-9cmr-7437-v9fj
- in detaintPath also strip :// because php:// is a way to inject code
- Only allow Events Columns for sort. Fixes GHSA-2qp3-fwpv-mc96. Fixes GHSA-9cmr-7437-v9fj
- Use https proxy instead of http since we now access an https url
- Fix Auto Unarchive not deselecting
- define count. Fixes #3799
- Add quotes around dbUser and dbPass to prevent command injection in zmcamtool.pl and zmupdate.pl
- If group is empty, return false for canview so that it doesn't appear in dropdowns etc.
- Only show groups that we can view
- Revert change to cookie and cookie expire to fix loss of bootstrap table preferences. Add samesite
- Info to Debug for login.
- API: Always return an array in getCredentialsDeprecated
- API: Don't try to do auth if auth is turned off
- When ZM_AUTH_HASH_IPS is off, don't use remote ip in storing auth hash in session. If ips are constantly changing it breaks.
- API: Don't assume findByEventidAndType actually returns a frame. If we are only recoridng, then there will be no alarm frames in the db
- Make view does not exist an error instead of fatal
- Handle ffmpeg 7 deprecations
- Set fps and bandwidth to 0 on start and stop of zmc.
- When editing buffer settings, ensure that MaxImageBuffers > PreEventCount.
- Use either version or version.txt. Fixes #3798
- clear packet images even when there is an event, because we send it to the event, which will use the images and so we don't need them anymore. ALso free analysis images even when not passthrough.
- Set default value for rows per page using WEB_EVENTS_PER_PAGE. Fixes #3728
- When save cookies via PHP >= 7.3.0, add handling of the "path" value in the options (session.php)
- Change save button to a regular button that calls validateForm and don't set form.subit to validateForm. ValidateForm will now alert and switch tabs to better inform what the incorrect value is. Built-in validation doesn't work due to tabs and the invalid input not being focusable
- Add UpdatedOn field to Monitor_Status and update it when updating Monitor_Status
- Delete Monitor_Status records that havn't been updated in over a minute
- Sanitise displayinterval,speed and scale parameters. Fixes GHSA-pjjm-3qxp-6hj8
- Sanitise filter[Id] when parsing filter. Fixes GHSA-6rrw-66rf-6g5f
- Move code to shutdown the process properly into exit_zms and use it when auth fails. The stops a segfault.
- Limit scale to 16x mainly to put an upper bound on the amount of ram we might use.
- Limit scale in montagereview to 1.1 to prevent requesting