CHANGELOG

Cacti CHANGELOG

1.3.0-dev
-issue#2205: Allow admins to disable RRDtool watermark
-issue#3066: Enable the secure flag on cookies when HTTPS is enabled.
-issue#3074: ss_net_snmp_disk_bytes.php and ss_net_snmp_disk_io.php do now report mmcblk data.
-issue#3141: Fix FreeBSD IPv6 ping
-issue#3547: Database Audit utility does not check database permissions
-issue#3555: Increase device threads up to 10
-issue#3559: When a developer uses backtracing, HTML output can be seen from command line bug confirmed
-issue#3760: Devices showing blank after deleteing and Poller sync
-issue#3560: When using `input_validate_xxx`, calls to `die_html_input_error()` do not pass variable name bug confirmed
-issue#3710: When fetching tree information, database is not queried properly
-issue#3636: Spikekill method variable is misinterpreted when calculating overall statistics
-issue#3675: Spikekill fills in NaN values outside specified time range
-issue#3793: Calling function read_config_option in plugin's setup.php leads to error
-issue#4362: Fix variable in change_device.php
-issue#4347: race with proc_open leads to blocked rrdtool processes
-issue#4744: Fix graph automation bug in api_automation.php
-feature#1214: Move Tree Create/Remove/Modify Functions to lib/api_tree.php
-feature#1523: Value above RRD maximum value
-feature#2437: Create system-wide Proxy settings for plugins
-feature#2439: Allow CDEF to be used as a filter for Graph/Graph Templates
-feature#2474: Enable better version reporting for GitHub/Source/Package editions
-feature#2550: Enable use of authenticator codes for Two-Factor Authentication
-feature#2607: Allow adding sites from command line
-feature#2767: Plugins should be temporarily disabled if a required plugin is also disabled
-feature#3139: Added option in CLI tool remove_graphs for deletion of single graph
-feature#3187: Feature: rra path should be configurable
-feature#3260: When a device is added, populate the created date/time
-feature#3513: Add hooks for plugins to show customize graph source and customize template url
-feature#3558: Allow copy_user cli script to set various additional fields
-feature#3584: Verify passwords against Pwned databases using API
-feature#3585: CLI script to show database permissions that Cacti has
-feature#3568; Allow exclusion of snmp fields / value(s) when adding graphs via CLI
-feature#3620: Spikekill operation changed from left-to-right to highest-downward
-feature#3677: Relocate the delete button for collectors to the edit page
-feature#3679: Allow searching logs by name, not just id
-feature#3724: Create Spikekill method to kill values over an absolute maximum
-feature#3725: Create the ability for Spikekill to modify only certain DSes within an RRD
-feature#3738: Ability to see MySQL permissions associated with current database user
-feature#3740: Ability to disable a site
-feature#3417: Add worst poller hosts to support page, log and email warning when poller time reached defined threshold
-feature#3662: Allow changing device details via CLI
-feature#3845: Allow non-standard Remote Agent port to be used
-feature#3943: Add hooks for plugins to show customize graph source and customize template url (List View)
-feature#4291: When creating data query associations, auto select matching source
-feature#4296: Add hyperlink from graph edit page to graph-view
-feature#4300: Allow GPrint/CDef/VDef to be visibile in graph template item lists
-feature#4339: Change CLI progress output for rebuilding poller cache
-feature#4537: Update phpseclib to 2.0.35

1.2.20
-security:   Resolve issues with SQL injections in user_admin and user_group_admin.  Thanks @enesdex
-issue#3816: Installation can sometimes appear stuck during replication or table conversion
-issue#4363: Duplicate entries in graph_templates_item - mabye an aftermath of the template edit bug
-issue#4435: Unable to Save Graph Settings from the Graphs pages
-issue#4449: Script Server can crash if an OID is missing from device
-issue#4451: Remote pollers may not get settings when system-wide polling is turn off
-issue#4455: When updating poller name, matches may be too wide in scope
-issue#4458: MIB Cache column check causes poller crash under PHP 8.x
-issue#4461: When viewing graph data, non-numeric values may appear
-issue#4457: Titles may show "Missing Datasource" incorrectly
-issue#4460: Polling does not complete as expected on larger systems
-issue#4472: Utilities view has calculation errors when there are no data sources
-issue#4475: Running cacti with PHP8.1 shows lots of warnings in the log
-issue#4477: Remote pollers do not force connection when online
-issue#4479: As a repair tool, the rebuild poller cache scripts lacks critical options to reduce runtimes
-issue#4480: Saving a Data Template can damage Data Sources if the Data Template is not constructed properly
-issue#4481: When using a Cacti Format File for a Report, the Reports still use Legacy Font Size and Alignment Attributes
-issue#4482: Graph Automation slowed by in-efficient index selection when creating Graphs
-issue#4491: Rebuild poller cache problem after change snmp version via DB query
-issue#4495: DSSTATS will get invalid data for some devices after reboot requiring purging of stats
-issue#4498: Layout function textBoxWidth() does not work on input type form elements
-issue#4500: DSStats Does not Scale on Large Systems
-issue#4509: Updating Graph Template Items for a Template is Slow on Large Systems
-issue#4511: When viewing SVG Graphs the Graphs do not size properly when using the Time View UI
-issue#4512: The Cacti API can not remove a Graph that has no Data Sources

1.2.19
-security#4356: Further fixes for grave character security protection
-issue: Over aggressive escaping causes menu visibility issues on Create Device page
-issue#3787: Add SHA256 and AES256 security levels for SNMP polling
-issue#4289: Import graph template(Preview Only) show color_id new value as a blank area
-issue#4341: Editing graphs can cause errors due to missing sequence
-issue#4342: When hovering over a Tree Graph, row shows same highlighting as Graph Edit screen
-issue#4343: When RealTime is not active, console errors may appear
-issue#4347: Race conditions may occur when multiple RRDtool processes are running
-issue#4352: Creating graphs from templates may sometimes result in errors
-issue#4353: When duplicating reports, errors may occur
-issue#4375: Boost may be blocked by overflowing poller_output table
-issue#4378: Template import may be blocked due to unmet dependency warnings with snmp ports
-issue#4381: Newer MySQL versions may error if committing a transaction when not in one
-issue#4382: SNMP Agent may not find a cache item
-issue#4383: Correct issues running under PHP 8.x
-issue#4391: When polling is disabled, boost may crash and creates many arch tables
-issue#4396: When poller runs, memory tables may not always be present
-issue#4400: Removal of redunant code
-issue#4403: Timezones may sometimes be incorrectly calculated
-issue#4404: Allow monitoring IPv6 with interface graphs
-issue#4408: When a data source uses a Data Input Method, those without a mapping should be flagged
-issue#4410: When RRDfile is not yet created, errors may appear when displaying the graph
-issue#4419: Cacti missing key indexes that result in Preset pages slowdowns
-issue#4420: Data Sources page shows no name when Data Source has no name cache
-issue#4421: db_update_table function can not alter table from signed to unsigned
-issue#4422: data remains in poller_output table even if it's flushed to rrd files
-issue#4423: Parameter list for lib/database.php:db_connect_real() is not correct in 3 places
-issue#4424: Offset is a reserved word in MariaDB 10.6 affecting Report
-issue#4425: Rendering large trees slowed due to lack of permission caching
-issue#4428: Error on interpretation of snmpUtime, when to big
-issue#4431: Applying right axis formatting creates an error-image
-issue#4435: Unable to Save Graph Settings from the Graphs pages
-issue#4437: Graph Template Cache is nullified too often when Graph Automation is running
-issue#4438: When Adding a Data Query to a Device, no Progress Spinner is shown
-issue#4439: New Browser Breaks Plugins that depend on non UTC date time data
-issue#4440: Undefined index: timeout_exceed /lib/poller.php on line: 1953
-issue#4442: When testing remote poller connectivity Errors occour
-issue#4443: When renaming poller errors occour
-issue#4444: Removing spikes by Variance does not appear to be working beyond the first RRA
-issue#4445: LDAP API lacks timeout options leading to bad login experiences
-feature: Add a normal/wrap class for general use
-feature: Limit File Types available for Template Import operations
-feature#1573: Cacti does not provide an option of providing a client side certificate for LDAP/AD authentication
-feature#3113: Support Stronger Encryption Available Starting in Net-SNMP v5.8
-feature#4299: Allow Cacti to use multiple possible LDAP servers
-feature#4344: Add a 15 minute polling/sampling interval
-feature#4385: Provide additional admin email notifications
-feature#4390: Add warnings for undesired changes to plugin hook return values
-feature#4409: When creating a Graph, make testing the Data Sources optional by Template
-feature#4412: Update phpseclib to 2.0.33
-feature#4413: Update jstree.js to 3.3.12
-feature#4414: Improve performance of Cacti poller on heavily loaded systems
-feature#4426: MariaDB recommendations need some tuning for recent updates

1.2.18
-security#4261: Lack of escaping on template import can lead to XSS exposure under 'midwinter' theme (CVE-2020-14424)
-security#4276: Real time graphs can expose XSS issue
-security#4282: Session IDs are not always recreated when logging out under PHP 5
-issue#4250: Unable to create graphs due to Data Source verification failure
-issue#4254: When poller first runs, time since last run produces an error
-issue#4259: Data Template caching does not update and causes errors
-issue#4263: Graphs with multiple data sources can no longer display percenticles
-issue#4266: Incomplete items from a previous polling session may be updated twice
-issue#4267: Unnecessary warnings appear when host name is not resolved
-issue#4269: Installation Wizard can become stuck when creating graphs for default device
-issue#4271: Continued timeout of registered processes
-issue#4272: Unexpected errors may appear when using hostnames without a DNS domain
-issue#4273: When adding a device from command line, testing of data sources can cause errors to be recorded
-issue#4274: When you start to zoom a graph, the auto graph refresh should be disabled
-issue#4279: Default Setting "Device Threads" will not be saved correctly
-issue#4284: Database upgrade can fail - Uncaught argument count error
-issue#4293: Tree search does not take hosts belonging to a site into account
-issue#4284: Whilst upgrading, errors in upgrade scripts prevent properly execution
-issue#4294: Tables outside of pre-built list that need fixing, cause bad unknown column errors
-issue#4295: If a page contains multiple tables, a larger table can cause small ones to lose columns
-issue#4297: Unable to search using regular expressions when trying to filter graphs
-issue#4312: When using CMD.PHP as the poller, warnings can appear if you only use a subset of data input types
-issue#4314: When disabling the snmpagent, you can introduce significant delay to data collection
-issue#4315: Reduce repeatative warnings when resources are exhausted
-issue#4316: Remove Spikes CLI interface is unable to provide localized spike, gap fill or float operations
-issue#4321: Earlier versions of RRDTool do not correctly ignore previous updates
-issue#4324: Date/Time format of replacement field on graph cannot be changed
-issue#4325: When editing graph items, make identifying rows easier
-issue#4326: When using large lists, ensure selection is visible in dropdown menus
-issue#4330: Automation attempts to call undefined debug function
-issue#4333: Under FreeBSD, allow ping to work properly for IPv6
-issue#4367: Report owner - show at least the username when the full name is empty
-feature#4258: Update phpseclib to 2.0.31
-feature#4283: Content Security Policy may block Plugin functionality
-feature#4317: Allow the Cacti administrator to perform bulk gap filling and floating in parallel
-feature#4322: Update pace.js to version 1.2.4

1.2.17
-security#4019: Incorrect handling of fields led to potential XSS issues
-security#4022: SQL Injection was possible due to incorrect validation order (CVE-2020-35701)
-security#4035: Various XSS issues with HTML Forms handling
-issue: CLI scripts should not have a max allowed runtime
-issue: Normalize plugin hooks between user_admin.php and user_group_admin.php
-issue#1052: TimeZones are not handled correctly with Daylight Savings changes
-issue#3392: Allow plugins to customize device listing page
-issue#3879: Allow Graph/Data Source with custom fields to prompt during manual creation
-issue#3908: When poller overruns the script server can throw errors upon shutdown
-issue#3936: Editing a graph created from Aggregate Graph can fail
-issue#3945: CSV export can show NaN for date if TimeZone does not match system
-issue#3969: SNMPv3 Password field does not correctly limit to size of database field
-issue#3976: Font colors are being overridden leading to display issues
-issue#3977: Database upgrade may fail when using upgrade_database.php
-issue#3978: Input Validation was not handled correctly when displaying graph trees
-issue#3981: Missing API include leads to runtime errors in Automation
-issue#3985: Collation was not always handled correctly in the database library
-issue#3988: Automation raises errors when default snmp options is set to none
-issue#3990: PHP Information was not being displayed properly under Tech Support
-issue#3999: Ensure database audit code attempts to use passwordless options before sending credentials
-issue#4001: Ensure Cacti can support PHP 8
-issue#4002: Pollers may sometimes not recover properly once they go offline
-issue#4005: When viewing Realtime Graphs, validation errors may be seen for Size parameter
-issue#4008: Massive decrease in poller performance due to unset variable
-issue#4009: Ensure number format functions are consistent for i18n usage
-issue#4021: Increase maximum number of device threads
-issue#4031: Secondary filters on Data Collectors and Data Profiles do not work as expected
-issue#4033: Action Icons changed to be consistent with admin UI
-issue#4036: During discovery, Automation can throw unexpected errors due to null values
-issue#4038: When creating new graphs, a second click is required even if not needed
-issue#4042: RRD Updates can become disabled when saving performance options
-issue#4043: Boost can become unresponsive when large number of archive tables exist
-issue#4049: Enable sensitive graph information to be hidden from standard users
-issue#4050: When showing table conversion script, the example path can be displayed incorrectly
-issue#4056: Rename "Show Exceptions" checkbox to "Only Show Exceptions" which more actually reflects its function
-issue#4060: When attempting to get client address, incorrect information may be returned
-issue#4061: When getting date format, default options are not always honored
-issue#4066: Enable Boost to utilize multiple processes
-issue#4067: Disable BOOST image caching when using Graph Zoom features
-issue#4068: When viewing graphs, individual graph sizes can be ignored in favour of global default
-issue#4070: Summary data can fail to calculate when the RRDfile lacks the Data Source
-issue#4073: Zoom functionality can fail when a graph has lost focus.
-issue#4074: Realtime Images are not always adhering to defined format
-issue#4075: LDAP Settings lead to confusion when setting up LDAP authentication
-issue#4076: MariaDB tuning link points to a dead URL within System Utilities
-issue#4077: If user has no permissions assigned and tries to login, a redirect loop occours
-issue#4079: When checking current timestamps, make audit replace mysql function usage with preferred CURRENT_TIMESTAMP variable
-issue#4080: Cacti regular expression searching does not quote expressions
-issue#4082: RRDtool version detection not working for RRDproxy setup
-issue#4083: RRDCleaner does not support RRDproxy
-issue#4086: Large system performance negatively impacted due to $spikekill_templates behavior
-issue#4092: On large systems, Primary ID usage on heavily used tables will overflow due to default MySQL variable size
-issue#4095: When viewing Plugins page, icons can sometimes be misaligned
-issue#4098: Graphs and Data Sources lists can become unresponsive on very large systems
-issue#4100: When viewing User Admins, a division by zero error can sometimes be seen
-issue#4105: Allow admins to define bulk walk repetition sizes
-issue#4109: Realtime graphing can sometimes cause gaps in historic data
-issue#4110: Graph Variables are not always parsed correctly leading to errors in log files
-issue#4116: Upgrading large trees from 0.8.x to 1.x is slow
-issue#4117: Script server throws errors if a command line argument includes a backslash
-issue#4119: Implicit flushing is not always enabled, depending on OS, resulting in Script Server result issues
-issue#4121: LDAP search filter cannot be configured if too many OUs or filters are nested
-issue#4122: Automation causes SQL syntax errors when invalid operations are present
-issue#4125: On completing the installation wizard, an internal server error can sometimes be observed
-issue#4126: Deleting a damaged graph can sometimes led to removal of valid graphs too
-issue#4127: When updating Trees, graph titles are calculated too often leading to unresponsiveness
-issue#4130: On large systens, Graph creation can become unresponsive due to large number of data sources
-issue#4131: A design flaw makes importing new Graph Template slow on large systems
-issue#4134: MIB Caching does not always work as expected
-issue#4135: On large Cacti installs, editing Data Templates is slow
-issue#4136: When repairing database at command line, no option exists to skip table checks and force Data Source repair
-issue#4141: Unusually long comments do not wrap when viewing graphs, and haven't in this CHANGELOG entry either
-issue#4143: Prevent some false positive scenarios when detection orphan graphs
-issue#4147: Poller items are evaluated too quickly when mixed polling cycles are used
-issue#4148: Ensure automatic refresh of cacti log view works consistently
-issue#4149: Ensure utilities show correct information when in offline mode
-issue#4161: Data source template names should be shown in the respective "suggested values" sections
-issue#4162: Allow Persistent Connections to MariaDB/MySQL to be configured
-issue#4164: Unable to easily track Cacti login sessions when using database sessions
-issue#4166: Auto-select text when focusing auto complete elements
-issue#4169: Ensure Log Viewer 'Go' and 'Clear' buttons behave as expected
-issue#4170: Enable full name tooltips for Alias/Description columns
-issue#4173: Ensure Console menu icons are properly aligned
-issue#4174: When using replication, ensure binary logging can be disabled
-issue#4175: When syncing Templates, prevent false 'Damaged Graph' notifications from appearing
-issue#4177: Simplify Graph/Template authorization searches when not using restricted mode
-issue#4179: Correct class usage on Graph Sidebar Icons to be consistent
-issue#4180: Remove logoff option when using basic authentication
-issue#4181: Ensure realm names are more consistent
-issue#4182: Allow Automatic Graph Creation to utilise Data Templates with Overriden Values
-issue#4183: Processes can be terminated early due to incorrect timeout calculation
-issue#4184: Ensure error logging is consistent when using CMD processor instead of spine
-issue#4185: Updating Signal Handling to recommended standards for PHP 7.1+
-issue#4186: When editing a Fixed String on Tree Rule it is improperly displayed as "Unknown"
-issue#4187: Provide more direct method fo navigating to Data Source from Graph
-issue#4188: Replacement variable names are difficult to find for Aggregate Graphs and Templates
-issue#4189: Allow links from a page to its specific documentation
-issue#4190: Augmenting roles can incorrectly link to roles instead of realms in rare cases
-issue#4192: Devices search can return a black screen if device name contains the hash/pound # character
-issue#4193: Allow command line reindex to work with disabled devices
-issue#4195: When search text includes # character, filtering does not always work as expected
-issue#4197: When attempting to do a rollback on versions, the installer will not restart
-issue#4199: Allow Cacti administrator to define a min refresh interval to prevent graph gaps
-issue#4205: When removing Data-query Associated Graph Templates, it deletes the graphs Templates from bottom to top
-issue#4206: When a report was delayed, the report's time is incorrectly changed
-issue#4215: Poller recovery starts multiple processes and fails to recover properly
-issue#4223: Parallel boost restart due to timeout can result in errors.
-issue#4227: When remote poller is in offline mode, data is written to more tables than necessary
-issue#4228: Under specific circumstances, redirection issues can occur after login
-issue#4229: When no snmp option is set, automation can incorrectly report a number of issues
-issue#4232: Database TLS configuration requires client certificates as well
-issue#4233: Potential typos and incomplete parameter lists for database connection variables
-issue#4241: Tree sort mechanism does not take sites into account
-issue#4251: Caching of Graph Titles can be incorrect
-feature: Add Theme 'Midwinter'
-feature: Update phpseclib to version 2.0.30
-feature#645: Modify automation to test for data before creating graphs
-feature#3513: Add hooks for plugins to show customize graph source and customize template url
-feature#3572: Missing prompts during automation's device creation leads to blank data
-feature#4012: Allow CSRF security key to be refreshed at command line
-feature#4013: Allow remote pollers statistics to be cleared
-feature#4113: Allow user to be automatically logged out after admin defined period
-feature#4176: When replicating, ensure Cacti can detect and verify replica servers
-feature#4210: Replace c3.js with billboard.js

1.2.16
-issue#3704: When generating a report, the Cascade to Branches function does not as expected
-issue#3859: When viewing graphs, automatic refresh so not always work as expected
-issue#3898: Realtime graph pop up counter bug
-issue#3903: Undefined variable errors may occur when creating a new datasource
-issue#3907: The cli-based installer does not exit with a non-zero exit code when error occurs
-issue#3912: When an export is complete, sometimes the progress bar remains
-issue#3915: When enabling many devices, a threshold can be reached causing a slowdown in the process
-issue#3916: When performing actions against Devices, replicated device information could sometimes be lost
-issue#3917: When using API to rename a tree node, backtrace may be incorrectly shown
-issue#3919: When searching, valid pages can sometimes be shown as empty
-issue#3920: When exporting data from graphs, not all data was properly included
-issue#3924: Graph Templates filter is not updated after new graph created
-issue#3926: Username and password on the login page is not visible in Classic theme
-issue#3929: Improve wording of concurrent process and thread settings
-issue#3930: Location filter should remove blank entries
-issue#3931: When syncing data collectors, a reindex event may be triggered unnecessarily
-issue#3932: Automation Networks allows discovery of invalid IP addresses
-issue#3933: When changing permissions of the current user, they don't take effect immediately
-issue#3935: When reindexing a device, an incorrect page was sometimes displayed
-issue#3942: When repairing database, audit_database.php does not add missing columns
-issue#3948: Spine 1.2.15 - Spine Encountered An Unhandled Exception Signal Number: '6' [11, Resource temporarily unavailable] (Spine thread)
-issue#3949: Log page should not be empty if no log info exists
-issue#3953: During upgrade, there are times when realms can be duplicated leading to SQL errors
-issue#3957: When using ping.php, UDP response times are not interpreted properly
-issue#3960: Improve warning you get when attempting to view a log file you don't have access to
-issue#3962: When replicating files, scripts are not marked as executable
-issue#3963: When creating plugin tables, collation is not set properly
-feature: Update c3.js to version 0.7.20
-feature: Update Chart.js to version 2.9.4
-feature: Update phpseclib to version 2.0.29
-feature: Update PHPMailer to version 6.1.8
-feature: Use LSB shebang notation for cli scripts
-feature: Add support for cactid daemon based launcher
-feature#3923: Add ability to hide the Graph Drilldown icons
-feature#3943: Add hooks for plugins to show custom Graph Source and custom Template URL (List View)

1.2.15
-issue#3643: When editing Maximum OIDs Per Get Request, blank value can cause errors
-issue#3656: Boost may run more often than it should
-issue#3693: Recache Event Loop can cause Interface Graphs to show gaps
-issue#3703: When searching Graph Tree's, non matching devices remain visible
-issue#3711: Page validation errors may occur when opening real time graphs
-issue#3722: External Links do not always open if they are still open from previous usage
-issue#3730: Cultural changes to various word usage
-issue#3741: Replicate deleted device status instead of poller sync
-issue#3743: Description field allows more characters entered than is stored
-issue#3747: When installing or upgrading, LDAP functions may not always be included properly
-issue#3748: Unable to remove discovered device
-issue#3753: When installing or upgrading, PHP recommendations may not always return a valid value
-issue#3755: Graph Templates has duplicate SQL delete statement
-issue#3759: When syncing to remote poller, missing function errors may occur
-issue#3760: When removing devices from remote pollers, devices may reappear without details
-issue#3761: When removing devices, array errors may sometimes be recorded
-issue#3763: Variable injection does not always work as expected
-issue#3764: Editing Data Queries with multiple data templates can give errors about Suggested values
-issue#3767: Progress bar does not provide enough visual information during long page loads
-issue#3768: Some themes do not allow for a way to see which user is currently signed in
-issue#3769: When viewing tables, allow users to force all columns to be visible
-issue#3770: Column sizing is being lost between pages refreshes
-issue#3771: When viewing input methods table, no ID is shown to help identify which method is being viewed
-issue#3775: Filters do not always respect using keyboard to initiate searching
-issue#3778: When exporting a data query, an invalid column name error can sometimes be shown
-issue#3781: When checking if a view is allowed, having no session can result in errors
-issue#3782: When removing devices via the CLI, undefined variable errors may be seen
-issue#3786: Real Time Graphs may cause invalid index errors
-issue#3790: On newer versions of MySQL/MariaDB, 'system' keyword can cause issues
-issue#3793: Plugin setup can generate errors when reading options via system function
-issue#3809: Plugin version numbers can be unexpectedly truncated
-issue#3815: When PHP Session is set to autostart, an error can be reported as Cacti attempts to start it
-issue#3820: When removing multiple items, selection process does not always work
-issue#3821: When exporting colors, the indicator is not always removed upon completion
-issue#3825: Unable to pass tree and leaf ID to 'graph_button' hook
-issue#3827: When performing maintenance, various errors may sometimes be seen
-issue#3828: When Guest User setting is active, current user is not always properly set
-issue#3831: When installing Cacti, minor errors in text can be seen
-issue#3835: Numbers are not always formatted properly when there are no decimal places
-issue#3836: When viewing Real Time Graphs, an undefined index error may be recorded
-issue#3844: Minor memory leaks and refresh issues when zooming on graphs
-issue#3847: Real Time Graphs may sometimes fail due to folder permissions
-issue#3849: Navigation can sometimes occur unexpectedly due to background timers
-issue#3850: Trees management screen not reporting correct number of trees
-issue#3858: Tree sequences can sometimes skip numbers during resorting
-issue#3862: Guest user selection should not allow setting the currently logged in user
-issue#3864: Links in Table Headers do not show clearly when in modern theme
-issue#3868: Under some cases tree logic leads to undefined index errors
-issue#3869: Cacti Data Debug can show errors if the Data Source is damaged or has been removed
-issue#3871: When importing a data query, an invalid column name error can sometimes be shown
-issue#3874: When using shift functions on graphs, negative values are not allowed
-issue#3881: Correct issue when file is unreadable reporting no file was specified
-issue#3883: Orphaned Plugins have no option to be removed
-issue#3884: Update MySQL recommendations for Character Set and Colation
-issue#3888: Correct sorting of IP addresses to be numeric not alpha
-issue#3890: Saving a device should not always repopulate the poller cache
-feature: Update FontAwesome to Version 5.14

1.2.14
-issue#3676: Device not showing up in device page but showing up in Monitor tab
-issue#3678: More or Equal incorrect highlighting max_heap_table_size and tmp_table_size
-issue#3694: Spikekill `percent` is converted from percent to decimal twice, making it 1/100 of the true size
-issue#3713: When sorting data debug checks by user, no results are shown and errors recorded
-issue#3719: When tooltip is too long, the scroll bar exists, and cannot be scrolled, which makes the tooltip be hided
-issue#3723: Improper escaping of error message leads to XSS during template import preview
-issue#3728: Invalid uptime is not handled properly
-issue#3737: Poller functions may not run if 'processes' table is missing
-feature#3615: Poller keeps using old IP address for a device

1.2.13
-security#3544: jQuery XSS vulnerabilities require vendor package update (CVE-2020-11022 / CVE-2020-11023)
-security#3549: Lack of escaping on some pages can lead to XSS exposure (CVE-2020-23226)
-security#3582: Update PHPMailer to 6.1.6 (CVE-2020-13625)
-security#3622: SQL Injection vulnerability due to input validation failure when editing colors (CVE-2020-14295)
-security#3628: Lack of escaping on template import can lead to XSS exposure
-issue#3517: When generating reports, function looping can occur resulting in 100% cpu usage
-issue#3525: When viewing Graphs, zoom functionality prevents drag and drop of image
-issue#3527: When using 95th Percentiles, undefined index errors can be generated
-issue#3532: When using Realtime, if no graph contents are present an error is generated
-issue#3533: When exporting data, Start date for RRDfile does not match start date of first data row
-issue#3536: When using Navigation Menu, Show/Hide in Response mode does not always work
-issue#3538: When using Realtime, race conditions between browser and function loading can occur
-issue#3543: When exporting CSV data, Unicode prefix is not properly set
-issue#3551: Authentication can fail when using Web Basic Authentication and Template User
-issue#3553: When attempting to view an aggregate graph that does not exist, many errors are generated
-issue#3563: Current orphan handling disrupts graphing transient indexes
-issue#3566: Automation incorrectly attempts to use MacTrack to duplicate options
-issue#3567: When Boost runs, locks are not always released properly and crash is detected
-issue#3569: Invalid font results in large number of log entries
-issue#3571: Correct various runtime errors due to incorrect message variables
-issue#3574: Saving Graph Template Items take a long time on large systems
-issue#3577: Hosts are being incorrectly filtered when first displaying with filter set to all
-issue#3579: Graphs can incorrectly show as 'Empty Graph'
-issue#3581: Realtime graph window is not resizing properly
-issue#3588: Validation warnings are generated when viewing/editing devices
-issue#3594: Automation hangs for certain schedule types
-issue#3595: Template to Device sync text is not consistent
-issue#3596: When importing template, resources aren't checked properly
-issue#3597: Template to Device sync provides no feedback
-issue#3598: When editing graphs and graph templates, back button results in broken page
-issue#3599: When downgrading, templates are fully selected for install
-issue#3601: When a device is down, instate can show wrong time
-issue#3607: When session timeout occurs, subsequent authorized access to areas can become blocked
-issue#3611: Allow CHANGELOG to be viewable from the GUI
-issue#3613: When modifying trees, devices and graphs lists ignore Autocomplete Rows setting
-issue#3614: When section tabs wrap, the title of the first section can become obscured
-issue#3624: When previewing graphs, sometimes the images fail to appear
-issue#3629: Log files are not rotated properly on remote pollers
-issue#3631: Command line scripts do not allow an unlimited runtime causing timeouts
-issue#3632: When mysql connection fails, various unexpected errors are recorded
-issue#3635: Automate generates undefined index errors when communicating with remote pollers
-issue#3639: When updating a device, duplicate entry errors occur when inserting to the database
-issue#3646: Adding datasource fails from CLI due to missing function
-issue#3651: Editing any item on an Aggregate Graph that has been converted to a normal graph breaks entire graph
-issue#3655: Rare race condition between Boost and Poller can result in unexpected missing table errors
-issue#3659: When viewing logs, unexpected 'needle' errors can be seen on rare occasions
-issue#3663: Disabling a Data Collector can cause unexpected errors
-issue#3668: When Input Field is in error, message reports field will be highlighted which is incorrect
-issue#3669: When adding an Input Field, the Input Method can be renamed unexpected
-issue#3673: Spikekill does not receive correct `avgnan` value when launching from GUI
-issue#3676: Device not showing up in device page but showing up in Monitor tab
-issue#3681: Item movement arrows do not properly align on all themes
-issue#3682: When in 'Time Graph View' mode, Zoom features do not work correctly
-feature#3611: Allow CHANGELOG to be viewable from the GUI
-feature#3647: When adding datasource fails from CLI, created Datasource ID should be printed
-feature#3666: Update jstree.js to 3.3.10
-feature#3688: Update phpseclib to 2.0.28

1.2.12
-security#3467: Lack of escaping of color items can lead to XSS exposure (CVE-2020-7106)
-issue#3422: When Graph Item is not linked to a data source, Comments do not always get variables substituted correctly
-issue#3424: Hosts are being incorrectly filtered when no location filter is set
-issue#3427: When exporting to a CSV with unicode characters, contents can become garbled
-issue#3429: When using SNMP v3, Automation can report extraneous warnings
-issue#3432: Rare race condition exists when both boost and dsstats enabled
-issue#3434: When attempting to exploit Cacti using alert, unexpected errors can be seen
-issue#3436: Unable to login due to incorrect default of Cookie Domains in config.php.dist
-issue#3438: When upgrading to 1.2.11, installer can appear to stop at 42%
-issue#3447: SNMP Issues on recent version of PHP
-issue#3449: When viewing the installation wizard's directory permission step, items are overlapping unexpectedly
-issue#3450: When installing Cacti under XAMPP and PHP 7.4, exceptions are being recorded and installation fails
-issue#3452: New Content-Security-Policy prevents External Links from being opened
-issue#3454: Cacti's Reports are not displaying messages correctly
-issue#3457: Graphs can not properly handle negative axis values
-issue#3459: When installing a new remote poller, connection tests can incorrectly fail
-issue#3460: Addtional changes to allow plugin folder/display names to be handled better
-issue#3462: Increase default memory limit for cli scripts to prevent runtime memory issues
-issue#3463: When listing VDEF's, selecting 'has graph' can cause unexpected exceptions in logs
-issue#3468: Graph rules cannot be created for automation
-issue#3474: The SSL option to set the SSL_CA should be optional for Client Connections
-issue#3477: Boost leaking memory when a large number of Data Sources disabled
-issue#3478: Reindexing can sometimes run longer than expected
-issue#3479: When viewing the Data Query table interface, the Data Input Method should be right aligned
-issue#3483: When recording log entries, cacti should default to hyphenated date format
-issue#3484: When editing SNMP v3 passwords, previous setting is not obfuscated
-issue#3488: In automation, when viewing an 'SNMP option set', the private passphrase is in clear
-issue#3495: When installing templates, default 'all' selection will reset all existing graphs, removing customisations
-issue#3496: Graph Items can show a double percent sign incorrectly
-issue#3502: When viewing Graphs, can not switch between list, preview and tree submodes
-issue#3504: Viewing graphs before the poller has run for the first time can produce unexpected errors
-issue#3505: When viewing graph previews, clicking Go or Refresh prevents calendars from working
-issue#3506: After successfully logging in, a user can become automatically logged out again
-issue#3507: Changes to JavaScript's Storage API cause exceptions to be thrown
-issue#3510: Only guests can actually guest only pages, logged in users are denied access incorrectly
-issue#3512: When plugins update, registered files list cannot always be updated
-issue#3520: When viewing graphs, shifting time does not work when using non-english languages
-issue#3576: LDAP Authentication succeeds, but login fails due to bad session handling
-issue#3629: Log files are not rotated properly on remote pollers
-feature#3480: Created 'custom_denied' hook to allow customisation of permission denied notifications
-feature#3498: Update js.storage.js to 1.1.0
-feature#3499: Update jstree.js to 3.3.9
-feature#3500: Update phpseclib to 2.0.27

1.2.11
-security#1566: Add SameSite support for cookies
-security#1985: Cookie should be properly verified against password
-security#3342: CSRF at Admin Email
-security#3343: Improper Access Control on disabling a user.
-security#3414: Update to jQuery 3.4.1 to resolve XSS issues with jQuery 3.3.1
-issue#2265: When attempting to save Graph field, query_ifSpeed is not properly validated
-issue#2400: Allow ability to duplicate site settings
-issue#2428: Make plugins non-case sensitive for folder names, whilst allowing nicer display names
-issue#2580: When running DSSTATS, system isn't properly detecting that another is already running
-issue#2853: Discovered Devices filtering do not include snmp description or name
-issue#3231: Allow user to unlock a tree that has been locked for editing by another
-issue#3237: Report gets resent every poller cycle
-issue#3247: Language source files do not update "PO-Revision-Date" attribute
-issue#3261: Automation rules aren't run for new devices on remote data collectors
-issue#3296: Bad PHP memory limit values can result in failed upgrades
-issue#3299: When using php-snmp and setting SNMPv3, warning is now shown as library does not support it properly
-issue#3303: When installing under Windows OS, path expansion is not converted to PHP required format
-issue#3310: When using 32-bit OS, automation errors can be seen due to subnet mask calculations
-issue#3312: Console menu does not auto-expand for graph item editor page
-issue#3313: When installing, multiple issues can be seen due to bad packages
-issue#3314: Script Server has invalid debug code left in
-issue#3317: Warnings can appear from CSRF Magic library due to multiple token values being found
-issue#3319: Errors can occur upgrading from 0.8.x due to incorrectly detected data source profile id
-issue#3322: When searching for LDAP accounts, allow recursive searching
-issue#3330: Packages that are not properly formatted can cause installation issues
-issue#3334: When upgrading from 0.8.x Automation SNMP Options should be populated
-issue#3335: Unable to hide Device based Aggregate Graphs on Tree
-issue#3336: Plugins need the ability to relax some content security policies in order to work properly
-issue#3340: Undefined variable warning can appear when using 95th percentile graphs
-issue#3341: MoTranslator does not appear to be handing null values properly
-issue#3345: When attempting to refresh datetime picker, unexpected results can appear
-issue#3346: When attempting to rewrite octet strings, extra space breaks pattern matching
-issue#3348: When attempting to handle Orphans and/or Sync Graphs, results are not as expected
-issue#3349: Prevent setting the PHP variable max_input_vars since it is read only
-issue#3350: When editing a data source template, inconsistent results can be seen due to database query
-issue#3355: When viewing raw graph data via the GUI, values are not always calculated correctly
-issue#3357: Tree Search textbox resizes to 0 in some cases
-issue#3360: When using guest accounts, after several timeouts result in refreshes, guest becomes logged out
-issue#3363: The current user and user group permissions pages are not responsive
-issue#3367: When Data Queries timeout, data is removed from the Host SNMP Cache table causing issues
-issue#3368: Saving a Graph Template Item fails due to missing includes
-issue#3373: When logging in via LDAP, ActiveDirectory would sometimes report insufficient access
-issue#3375: When polling more often than default period of collecting data, distribution of collected data was not occurring
-issue#3376: Improve speed when recovering from a poller from offline state
-issue#3378: When attempting to check whether to include MoTranslator, typo makes it appear unavailable
-issue#3380: php error when trigger threshold sendmail
-issue#3386: Second data collector shows as running when its has no items to gather
-issue#3387: Minor corrections to CSRF Magic
-issue#3388: Naming of CLI programs does not always match name used within syntax usage advice
-issue#3390: Incorrect breadcrumb bar if current tab is not "Graphs"
-issue#3402: Cacti scores low on performance audit on lighthouse audit
-issue#3408: CSRF Secret path is not passed properly when attempting to initialize secret
-issue#3409: Issues with navigation link activations to other base Cacti pages
-issue#3410: Zoom looses focus in advanced mode while crossing chart border
-issue#3411: When upgrading a primary server, full synchronization is not happening as expected
-issue#3412: When upgrading a primary server, automation templates are removed
-issue#3413: When upgrading and choosing to upgrade your packages, installer finishes without package data in log
-feature#1551: Allow system uptime to be a variable for use with graphs
-feature#1990: Plugin Realm should have a 'role' to help maintain changes between plugins
-feature#2110: Add Refresh Interval to Data Collectors display
-feature#2156: Add Location based filtering
-feature#2236: Allow for Purging of Data Source Statistics from the GUI
-feature#2268: Restore ability to duplicate a data profile
-feature#2534: Enhance table navigation bars to support systems with larger number of items
-feature#2688: Increase length of Graph Item 'value' field to support pango-markup better
-feature#3304: Allow Basic Auth Accounts to be mapped by CSV file
-feature#3366: Make form elements under checkbox_groups flow using flex grid style
-feature#3374: Set the domain attribute to secure cookies for the 'remember me' option
-feature#3403: Enhance the "Graph Debug Mode" to display RRDtool Command lengths and excess warnings

1.2.10
-security#3285: When guest users have access to realtime graphs, remote code could be executed (CVE-2020-8813)
-issue#3240: When using User Domains, global template user is used instead of the configured domain template user
-issue#3245: Unix timestamps after Sep 13 2020 are rejected as graph start/end arguments
-issue#3246: When upgrading with remote collectors, sync status does not always return properly
-issue#3250: When PHP memory limit is set to -1, recommendation value fails
-issue#3253: Upgrade can stall when checking permissions on csrf-secret.php
-issue#3254: Installer shows script owner rather than running user for suggested chown command
-issue#3266: When setting User Groups to 'Defer to the User', setting can lead to user being told they have no permissions
-issue#3269: When searching Graphs under a Chinese language, an unexpected error as sometimes shown
-issue#3274: When editing a tree, multiple device drag/drop does not work
-issue#3276: When spine aborts, script server can be left wanting or generating unnecessary logs
-issue#3277: When boost does not find an initial time, numeric errors can be raised
-issue#3281: When changing Graph Template options, incorrect image format may be selected
-issue#3282: Graph's can be sized incorrectly if image is SVG format
-issue#3283: When setting a file path, valid characters not recognised properly
-issue#3287: When using graph template 'Cacti Stats - User Logins', an incorrect count of invalid users can be seen
-issue#3288: When on Device page, pressing 'Go' on the filter caused Device New menu pick to appear
-issue#3289: When using CMD.PHP, poller id is not always shown properly
-issue#3290: When using CMD.PHP, inconsistent device logging levels may occur
-issue#3298: When initialising fields in JavaScript, text/textarea elements have width set to zero if it is hidden by parent
-issue#3302: Editing a Graph Template does not show the Data Template name

1.2.9
-security#3191: Lack of escaping on some pages can lead to XSS exposure (CVE-2020-7106)
-security#3201: Remote Code Execution due to input validation failure in Performance Boost Debug Log (CVE-2020-7237)
-issue#2937: Devices still show in lists despite being deleted
-issue#3038: When editing an aggregate on smaller screens, layout may not be correct
-issue#3136: Upgrade may fail between 1.2.7 and 1.2.8 if incompatible database format used
-issue#3142: Chrome sets graphs tree navigation view to width 0px
-issue#3146: Unable to create aggregate graphs on new installations
-issue#3149: After refresh of page, tooltips stop working
-issue#3150: When using Time Graph View, Zooming can cause errors
-issue#3151: Passing glue string after array is deprecated in PHP 7.4
-issue#3155: Aggregate does not correctly follow color template when reordered
-issue#3156: On new installs, gprint_format was missing from table aggregate_graphs
-issue#3157: Back button not working properly with Classic theme
-issue#3158: Classic theme show only 3 tabs on mobile device. Don't show Console menu
-issue#3159: PHP Memory is not correctly identified when value is not in megabytes
-issue#3161: When the poller_output_boost table is missing, recreate it before a poller run
-issue#3163: When using RPMlint, Free Software Foundation address is shown to be incorrect
-issue#3165: Zoom looses its focus after all graphs on page rendered
-issue#3166: When changing zoom level, graphs are resized inappropriately at the end
-issue#3167: Installer should initialize the csrf-secret.php file automatically
-issue#3168: sqltable_to_php.php script does not pick up row_format
-issue#3177: Remove legacy plugin hook that presents potential 3rd party security issues
-issue#3178: The change password page is not displaying the rules
-issue#3180: Receiving undefined index errors when working with some Data Queries
-issue#3181: When configuration file is unreadable, Cacti shows database connection errors if non defaults are needed
-issue#3182: When a database connection error occurs, there is no way to report actual error
-issue#3184: Improve program path detection by using system path and PHP_BINDIR
-issue#3193: Starting with MySQL 5.7 some sql_mode variables are required for some plugins
-issue#3196: Minimize use of eval() in JavaScript due to emerging Content-Security-Context guidelines
-issue#3200: Unable to mass change Graph Template image format in mass
-issue#3206: Converted aggregate graph cannot be edited
-issue#3209: Error occurs when Creating New Graphs through Automatically Added Devices using Sync Device Template
-issue#3216: When editing a Data Source Profile size is shown as 'N/A'
-issue#3224: When removing graphs by command line, regex is not properly validated when empty
-issue#3225: Unable to Import Templates due to invalid dependency hash
-issue#3226: When processing secpass login, failed logins are not recorded
-issue#3228: Login page does not remember the last realm used by user
-issue#3232: When editing HRULE and VRULE items, color selector was not presented
-issue#3233: When working with non-templated graphs, it can be difficult to determine what items represent
-issue#3235: Transient errors may occur with table poller_output_boost_arch

1.2.8
-security#3025: CVE-2019-17357 When viewing graphs, some input variables are not properly checked (SQL injection possible)
-security#3026: CVE-2019-17358 When deserializating data, ensure basic sanitization has been performed
-security#3066: When using HTTPS, secure cookie to prevent potential weakness
-issue#1228: Any tree or branch with a long name force main content off screen
-issue#2133: Long snmp_indexes are being cut off
-issue#2888: Long hostnames cause template filter to go off page
-issue#2987: Changing Color Template does not update Aggregate
-issue#2989: Allow Remote Data Collectors to maintain their own path variables
-issue#2991: Cacti Statistics device template can generate unexpected errors
-issue#2995: When editing a report, column setting may be ignored incorrectly
-issue#2996: When editing a user, graph options do not properly reflect previously saved settings
-issue#2998: Session performance issues due to excessive use for database storage
-issue#2999: Blank arguments can lead to extra spaces in script arguments
-issue#3006: Boost generates undefined variables warning during poller run
-issue#3011: i18n logging does not check write permission exists
-issue#3012: When viewing realtime graphs, some input variables are not properly checked
-issue#3013: Allow legends to be modified for Aggregate Graphs
-issue#3017: Automation network range with spaces fails validation
-issue#3019: User selected language is not always adhered to
-issue#3021: Tree view cuts off at the bottom of page on modern theme
-issue#3023: When clicking highlighted tab, side panel is not always shown/hidden correctly
-issue#3027: Aggregate Graph re-ordering does not work
-issue#3028: When zooming a graph, unable to reach edge of graph without losing focus
-issue#3030: Pace continues to run even after a page is finished rendering
-issue#3032: Graphs may select MAX instead of AVERAGE as consolidation function even if there is no item with MAX present.
-issue#3035: When editing a tree, can not remove entries due to CSS bug
-issue#3037: When emptying poller output using cli, debug functions are not properly included
-issue#3039: Allow packagers to be able to specify an alternate location of csrf-secret.php file
-issue#3040: When running automation, discovery can still run even if cancelled
-issue#3041: When running automation, scans do not always respond to being cancelled
-issue#3042: When running automation, scan can fail when selecting remote pollers
-issue#3045: When viewing Aggregate Graphs, an error due to undefined referrer may occur
-issue#3047: When saving settings, ignore remote pollers who have not checked in recently
-issue#3050: When viewing graph trees, some input variables are not properly checked
-issue#3052: When editing CDEF's, slow database performance can occur
-issue#3053: When viewing graph thumbnails, some input variables are not properly checked
-issue#3055: During install/upgrade, database tests are not performed correctly
-issue#3059: When using nth_percentile, correct value is not always returned if using MAX consolidation
-issue#3060: When upgrading from older MySQL databases, format is not changed from compact to dynamic
-issue#3061: When running automation, allow SNMP to be used as a ping method
-issue#3068: When administrating users, some input variables are not properly checked
-issue#3070: Improve database logging when a crashed table is encountered
-issue#3073: Automation network range does not always produce the correct start/end values
-issue#3078: When viewing graph debug from remote data collector, File Not Found warnings can appear incorrectly
-issue#3079: Allow domain names to be stripped from a device's long description
-issue#3080: Remote Agent throws warnings that graph_nolegend has not been sanitized
-issue#3085: When editing a poller, ensure each listening IP is unique
-issue#3081: External Links are not showing a glyph when they appear on the Console menu
-issue#3089: When viewing graphs in realtime, undefined variable can be logged for 95th Percentile graphs
-issue#3099: Graph template 'Linux - Memory Usage' has the wrong unit on its vertical_label
-issue#3101: Polling times can be slightly inconsistent due
-issue#3104: When viewing graphs, a byref error can be seen in the error logs
-issue#3105: When viewing hosts, some input variables are not properly checked
-issue#3111: When adding devices via command line, bad SNMP versions are not reported
-issue#3112: When zooming on Graphs, too many requests are being made causing slowness
-issue#3114: Support for USB devices that change name due to their hosts restarting
-issue#3118: When converting tables, the dynamic row format should be selected
-issue#3119: Main Data Collector should perform a Full Sync whenever it is installed/upgraded
-issue#3120: Correct issues causing incompatibility with PHP 7.4
-issue#3121: When converting tables during install, show what will be changed
-issue#3123: Named colors table is not properly imported/upgraded
-issue#3124: When a second data collector is added, boost is not enabled automatically
-issue#3128: i18n handler checks for existence of wrong mo file
-issue#3129: Logout repeated occurs even when already logged out
-issue#3132: Installer fails to continue if automation range is array of networks
-issue#3098: Support percent sign(%) in graph gprint item like legend area.
-feature#3077: Allow disabling remote poller resource cache replication to support upgrade testing

1.2.7
-security#2964: CVE-2019-16723 Security issue allows to view all graphs
-issue#1181: When opening the Scheduler, it may appear off screen when opened near the bottom of a window
-issue#2894: When using Remote Data Collectors, database information and recommendations may show Incorrect values
-issue#2895: When using data sources from different RRDs, Percentile calculation may be incorrect
-issue#2899: When displaying a form, variable substitution may not always work as expected
-issue#2922: When running a data query, the result may come back as undefined
-issue#2925: When using consolidation functions, retrieving the first step can cause errors
-issue#2926: When editing a graph, variable validation errors may prevent changes from being saved
-issue#2929: Boost performance may become poor even in single server mode
-issue#2930: RRDtool can generate errors to standard output which can corrupt images
-issue#2932: When RRDTool generates an error creating an image, it is not always reportedly properly
-issue#2936: Installer will loop when number of tables exceeds PHP's max_input_vars limit
-issue#2938: Under CentOS packages, upgrade_database.php script uses incorrect location for DB upgrade scripts
-issue#2940: Images are not always properly sized until the page size changes
-issue#2949: Order icons may not be properly aligned
-issue#2951: Allow legends to be modified for Aggregate Graphs
-issue#2958: Drop down autocomplete lists do not always open as expected
-issue#2961: When syncing device templates, undefined function may be raised
-issue#2963: When running ss_cpoller script, avgTime incorrect returns maxTime
-issue#2966: Realtime popup windows do not always honor settings
-issue#2967: When using Spikekill, gap and range fill are not operating as expected
-issue#2970: When a user edits their profile, buttons may appear as unusable whilst still being enabled
-issue#2973: User menu does not always display properly on mobile devices
-issue#2974: Script Server can raise unexpected warnings when 'arg_num_indexes' set but not found in data source
-issue#2975: Datasource Debug does not properly handle European numbers in certain circumstances
-issue#2976: Boost messages should be stored in their own log file
-issue#2977: Data updates with past timestamps can cause boost errors
-issue#2978: Moving hosts between data collectors is slow
-issue#2979: Multi Output Fields are not parsed correctly
-issue#2984: When checking SQL fields, value was not always primed
-issue#2986: Selecting 'Devices' menu pick closes 'Management' menu
-feature#2943: Allow all Data Queries of a device to be re-indexed at once
-feature#2952: If device is down or threshold breached, highlight in tree view
-feature#2985: Update phpseclib to 2.0.23

1.2.6
-issue#2794: Graph template not saved on graph edit
-issue#2825: "innodb_doublewrite = off" possibly dangerous recommendation
-issue#2829: PHP recommendations always see memory limit as unlimited
-issue#2830: Disabled Top/Bottom external links should not be displayed
-issue#2832: Install/Upgrade log does not show anything
-issue#2833: Undefined index can occur when data source does not have an snmp_index
-issue#2834: Boost performance drops on very large systems
-issue#2835: When creating graphs and inneficient query is causing long creation times
-issue#2837: Sunrise theme does not render checkboxes 100% correctly
-issue#2838: jQueryMultiselect does not match upstream due to forking
-issue#2839: Non regular expression search filters don't support international characters
-issue#2841: Total count is wrong after searching for External Link pages
-issue#2843: DSStats reruns Daily Aggregation every minute
-issue#2844: Autocomplete settings for passwords are not properly defined
-issue#2845: Data Template can't be edited when it is in use
-issue#2846: Allow tooltips for section headers with 'question' icon
-issue#2847: Permanently convert an Aggregate to a regular graph
-issue#2848: Aggregate graphs get clipped due to incorrect date range
-issue#2856: Aggregate issues with very long RRDtool command lines
-issue#2857: When trying to find the best index to use, a 'must implement Countable' warning appears
-issue#2860: When testing remote poller connections during install, undefined variable warning can occur
-issue#2862: Automation does not calculate network information correctly for single hosts
-issue#2866: Add poller ID to subject for admin notifications
-issue#2869: When creating aggregates from Graphs, JavaScript issues can occur
-issue#2872: Add support for MySQL 8 and use of grouping as name for a column
-issue#2875: Undefined variable when removing spikes in some cases
-issue#2877: When attempting to send report, undefined function 'get_tinespan' messages appear
-issue#2878: Function get_magic_quotes_gpc() is now deprecated in PHP 7.4
-issue#2879: Switching from authPriv to authNoPriv produces error when saving
-issue#2884: Replication continues to occur when poller has been disabled
-issue#2891: Script server script ss_fping.php generates error when not called by script server
-issue#2901: Poller overrun warning message is badly worded
-issue#2902: Mailer incorrectly reports it is sending to noone
-issue#2903: PHP recommendations can generate a warning causing JSON issues
-issue#2905: Sorting plugins by version can lead to unexpected ordering
-issue#2907: SSL column for multiple pollers can be incorrectly set causing SQL errors
-issue#2908: When URL_PATH is blank, it should assume that it is '/'
-issue#2909: Correct usage of affect vs effect in strings
-issue#2910: Can not show user menu when in portrait mode on mobile devices
-issue#2911: Graph variables are not always encoded to JSON properly resulting in warnings
-issue#2912: Navigation cache can sometimes be corrupted resulting in a non-array value
-issue#2913: When adding new graphs, the type of graph is not remembered
-issue#2917: Action icons next to graphs can sometimes become unselectable due to zoom
-issue#2919: When refreshing menu, selected items are sometimes lost and submenu items can become hidden

1.2.5
-issue#1978: Popup Menus can appear off screen when using Graph Thumbnails
-issue#2282: Installation wizard does not detect RRDtool version correctly
-issue#2524: When editing a tree, Drag and Drop of Devices does not always work as expected
-issue#2573: Associated Graph Template for Data Query can sometime disappear
-issue#2656: GPRINT text_format does not replace Data Query and Host Fields
-issue#2661: Automation does not always calculate network range/subnet correctly
-issue#2663: Some legacy Data Queries can not determine their index order causing broken graphs
-issue#2674: Large strings can sometimes cause language translation can fail
-issue#2719: Automation may sometimes create empty graphs
-issue#2721: When replacing '|input_xxxx|' strings, undefined index can occur
-issue#2722: Calls to _db_replace() are not consistent resulting in warnings
-issue#2723: When replicating to remote pollers, Undefined Variable errors may be seen
-issue#2724: When graphing HRULE items, 'Only Variables should be passed by reference' error may be seen
-issue#2725: When viewing logs in utilities, filenames should be limited the same as clog
-issue#2726: During Automation logging, include the Rule ID that triggers the creation of an item
-issue#2732: When using basic authentication, automatically strip any @domain information
-issue#2734: Allow non-english labels to be used on Graph Templates
-issue#2727: When using Polling Hosts Template, warnings can be issued when CMD.PHP is the poller
-issue#2733: When processing SNMP data, space delimited hex strings do not always convert into MAC addresses
-issue#2735: Mouse cursor should show as default pointer if column is not sortable
-issue#2736: When using MySQL 8 or above, 'function' is considered a reserved word unless quoted
-issue#2741: Various errors can occur due to undefined or incorrect variable names
-issue#2742: Various errors can occur due to undefined or incorrect variable names
-issue#2743: Attempts to close a tooltip when no tooltip has been set may cause errors
-issue#2744: When changing password, undefined index error can occur if user is not logged in
-issue#2748: If PHP location setting is invalid during install/upgrade, this should be notified on modules page
-issue#2750: When performing multiple sort, highlighting of content occurs
-issue#2751: When editing a Tree, display filter may not allow 'All' option to work
-issue#2752: When running verbose query on device, you are unable to copy text from items
-issue#2753: Unable to copy entire verbose query using clipboard command
-issue#2757: Page Navigation can be subject to XSS injection
-issue#2758: Various sensitive directories are browsable if web server directory browsing is enabled
-issue#2760: Unable to add items into a report
-issue#2762: Creating an aggregate graph can sometimes fail due to unknown RRD tools error
-issue#2766: When modifying Aggregate Templates, changes are not always cascaded to Graph
-issue#2768: Aggregate Graphs may sometimes show the wrong row count
-issue#2770: ItemType is not updated when saving Report Items
-issue#2772: Add tooltip support to html_header() and html_header_checkbox()
-issue#2775: Remote pollers may sometimes fail to replicate data back to main system
-issue#2777: Attempting to edit a non-existent report generates an error
-issue#2778: When rendering graphs, resizing can sometimes occur repeatedly
-issue#2779: On new installations, automation rules for Interface Graphs are broken
-issue#2780: Upgrade database script not actually upgrading Cacti
-issue#2782: When replicating the syslog plugin, the configuration file is ignored causing errors
-issue#2783: When limiting the number of displayed characters, international characters may sometimes display incorrectly
-issue#2784: When removing a device with graphs but no data sources , errors are generated
-issue#2785: When editing a graph rule, warnings incorrectly appear about unsaved changes
-issue#2792: When a checkbox 'friendly name' has a comma, checkbox functionality stops working
-issue#2797: When upgrading from before 1.x, SuperLinks view permissions may not be correct
-issue#2799: Under heavy use of Real Time Graphs, SQL errors may start appearing
-issue#2800: When editing a tree, using a comma in the search field stops search from working
-issue#2802: If a Device lacks ifName, an alternative field is not always found even if available
-issue#2807: When editing a Data Template that has dependant graphs, some attributes should not be modifiable
-issue#2808: When navigating a tree, the layout may unexpectedly move
-issue#2814: When viewing the utilities page, HTML tags may be seen rather than rendered
-issue#2816: When viewing logs, paging does not always working correctly
-issue#2818: Automation can sometimes incorrectly add duplicate devices with the same sysname
-issue#2820: When path is blank, is_resource_writable() will generate 'Uninitialized string offset: -1'
-issue#2821: When the desired locale can not be located, a number format issue may occur
-feature#2728: Update phpseclib to 2.0.17
-feature#2809: Update c3.js & d3.js
-feature#2730: Update jstree.js to 3.3.8
-feature#2754: Allow Devices, Graphs and Data Sources to be searched by ID
-feature#2765: When editing a tree, allow cascading selection of available graphics
-feature#2805: Merged plugins are not always upgraded correctly
-feature#2823: Enhance the splice_rrd.php to be able to merge RRDfiles of differing step

1.2.4
-issue#2523: Send A Test Email stops working under PHP 7.3
-issue#2589: Missing RRD file can cause DSSTATS to throw errors
-issue#2590: When installing, chosen language is sometimes lost
-issue#2591: Menu selection does not always match selected page/section
-issue#2592: When viewing an aggregate graph, 'Display graphs from this aggregate' option does always not work
-issue#2593: Unable to migrate aggregate graphs to matching aggregate template
-issue#2598: Creating an aggregate graph without associated template causes RRDtool error
-issue#2599: Creating/Updating an Aggregate Graph to use LINE/STACK's generates invalid SQL statements
-issue#2604: When adding a dataquery, SQL errors can be generated
-issue#2605: When installing, checking database tables can cause errors
-issue#2608: db_update_table() function should not require an engine type or comment
-issue#2609: When updating from earlier than 1.2, timezone column might not exist
-issue#2610: Data Sources troubleshooter generates warning that each() function is deprecated
-issue#2612: When RRDtool fails to initialize, DSStats generates lots of warnings
-issue#2618: ifAdminStatus in snmp_queries/interfaces.xml
-issue#2621: File paths that accept blanks are not allowing blanks
-issue#2622: Various undefined variables generate errors within database.php
-issue#2623: When using form_text_area(), invalid HTML can be generated
-issue#2627: Some filenames can be lost in log file selection list
-issue#2629: When upgrading, ldap library is not loaded properly due to incorrect paths
-issue#2632: Automated Networks are not being properly replicated to additional pollers
-issue#2635: When running automation scans, database connection should be forced to central database
-issue#2638: Support disabling PHP SNMP extension
-issue#2645: Some URLs are incorrectly calculated
-issue#2649: Automation not creating graphs when there are custom items
-issue#2650: Several undefined variables are generating warnings
-issue#2662: HRULE objects broken in some cases
-issue#2668: Trailing parentheses are removed from the SNMP system description
-issue#2672: Cacti Install on Windows Fails
-issue#2676: Skin paper plane not working on iPhone XR
-issue#2678: Call to undefined function _() in data_queries.php
-issue#2679: Users with passwords that do not meet complexity requirements are not redirected to the Change Password page
-issue#2680: Remove deprecated $php_errormsg usage
-issue#2689: Increase boost maximum memory limits
-issue#2693: Graph links do not contain URL path causing links to fail
-issue#2698: Avoid duplicated icon in the main.js of all themes
-issue#2699: Login option "Show the page that user pointed their browser to" does not work properly
-issue#2702: sqltable_to_php.php does not always generate valid table data arrays
-issue#2707: Some pages that have permission errors dont raise proper messages
-issue#2712: PHP memory should be unlimited in scripts that need more memory than the default
-issue#2713: SNMP System Description with UTF8 strings properly are not properly parsed
-issue#2718: When links are converted to ajax calls, mailto links should not be included
-issue#2720: When calculating percentiles, the value is incorrect as the steps are not placed in correct order
-issue#2822: When stderr log file is not populated, clog generates 'empty needle' error
-feature#2538: Allow users to change default method of removing data sources when deleting graphs
-feature#2539: Allow users to set the default graph lock status
-feature#2540: Allow users to enable/disable graph tree history
-feature#2646: Allow application of automation rules on CLI
-feature#2654: New hook to notify plugins of user profile changes ('auth_profile_update_data')
-feature#2664: Add option to purge spikekill backups
-feature#2701: Provide option to continue graphing objects that loose their index
-feature#2704: Device and template cache do not refresh properly

1.2.3
-issue#1063: Tree View does not display the last item correctly under 'Modern' theme
-issue#2282: Install Wizard does not Detect RRDtool Version on Windows
-issue#2430: "New Device" menu item showing as selected incorrect when "Devices" clicked
-issue#2435: Tree View becomes narrower and narrower when expanding/collapsing nodes with long names
-issue#2449: Index incorrectly changed to 1 if the index is alphanumeric when OID/REGEXP: or OIDVALUE/REGEXP:
-issue#2452: Missing 'getSNMPQueries()' function when calling add_data_query.php
-issue#2453: When running add_graphs.php, cannot retrieve list of valid snmp values
-issue#2460: sqltable_to_php.php does not export 'default' value of columns correctly
-issue#2456: When attempting to display actions that can be taken, having no actions caused error
-issue#2457: When creating a graph, undefined function prevents confirmation from appearing
-issue#2459: ss_host_disk.php attempts to return an empty array instead of a string
-issue#2463: Partial Fix: Display zombie data sources without graphs
-issue#2464: When viewing a User's effective permissions, disabled devices should show denied
-issue#2465: Too many groups hide effective permission column when viewing User's effective permissions
-issue#2466: Manual data source creation is broken
-issue#2469: When using Matching Objects filter within Automation Graph Rules, unexpected redirect occurs
-issue#2471: When Creating a new Graph Template, clear the Graph Template permissions cache
-issue#2472: Bad navigation items cause Array to string conversion errors
-issue#2474: REGEXP_SNMP_TRIM does not handle Gauge fields properly
-issue#2475: When resetting filters, multiple sort session variables do not always reset properly
-issue#2476: When using CMD.PHP for polling, device polling time is not updated
-issue#2477: When saving a Data Input Method, Output Field name changes to incorrect value
-issue#2478: When saving a LINEX type Graph Item, the Line Width value is too restrictive
-issue#2479: RPN function select list should be sorted when editing CDEF and VDEF's
-issue#2480: RRDtool versions in Cacti not granular enough
-issue#2482: When upgrading past 1.1.34, upgrade attempts to drop a non-existing primary key
-issue#2491: Data Source Info suggests commands RRDTool can't honor
-issue#2492: When data templates are filtered by profile, data source list does not get same filter applied
-issue#2493: Data Source Info is not separated properly
-issue#2494: User Login History is not fully enabled for translations
-issue#2497: When linking to Graphs, unless both start and end are specified, only defaults are used
-issue#2499: Data Source reapply names does not update name from data query or template.
-issue#2500: Allow Data Source repairs from the Data Source Debug and Data Source Info pages
-issue#2502: Unable to have a min or max value for RRDfile at zero '0'
-issue#2503: The Cacti Statistics Device Template is not include in release
-issue#2509: When checking for correct Unicode, minimum MySQL version is incorrect
-issue#2513: When a plugin INFO file is malformed or missing elements, plugin_load_info_file() should fill missing elements with defaults
-issue#2519: When editing a data query, graph template picker shows poor performance
-issue#2518: Unexpected errors when filtering Data Sources with invalid 'rows' value
-issue#2522: When upgrading from pre-1.0.0, colors were not upgraded properly
-issue#2525: Tree branches that includes sites which have valid devices do not appear on Graph Tree
-issue#2527: When importing a package, if Cacti version is below the version which that exported, a clear message should be shown
-issue#2531: When updating color template items, the table name used is incorrect
-issue#2532: Ensure Graph ListView table is displayed in line with Management -> Graphs
-issue#2535: Ensure Graph ListView uses same UI logic as Graph Management -> Graphs
-issue#2537: Incorrect title showing when changes are made to Tree
-issue#2543: Poor performance showing a device's graphs on a tree
-issue#2547: RRD values are not being properly trimmed
-issue#2551: When checking MySQL configuration values, consider ON/OFF to be equal to 1/0
-issue#2553: When upgrading from 1.0.0 or below, renaming automation columns can cause issues
-issue#2555: Missing configuration defaults prevent installations/upgrades without showing reason
-issue#2563: When sorting Data Sources, missing index causes unnecessary delays
-issue#2564: Filtering for Orphan Data Sources is unreliable
-issue#2565: Pages with 500+ selectable items in a single able can suffer from poor performance
-issue#2568: When querying for diagnostic data, devices on remote pollers should proxy the request
-issue#2571: External Links do not properly validate user permissions
-issue#2575: Poller errors occur if a file exists that the website cannot read
-issue#2576: Spikekill API does not work when called from plugins
-issue#2578: When importing packages, missing/new resources are not created
-issue#2581: When viewing poller cache, Device SNMP community is not properly escaped
-issue#2583: When JSON module is not installed, Installer does not correctly show missing message
-issue#2584: When user/group permissions are reset, this is not reflected immediately to the end user
-feature#2505: Improve performance of Data Source Statistics
-feature#2515: Allow more than one SNMP port to be specified when adding devices via CLI
-feature: Update phpseclib to version 2.0.15
-feature: Adjust the max table rows based upon value of 'max_input_vars'

1.2.2
-issue#599: Aggregate graph templates assume AVG consolidation function
-issue#2312: Retrieving Device Information appears to fail on Safari
-issue#2317: Unabe to add new records to 'poller_time' table
-issue#2327: Memory exhausted whilst running poller replication
-issue#2334: Some browsers report JavaScript errors when switching to console
-issue#2337: When running an upgrade, the path of the log file is reset
-issue#2339: Certain characters in recipient address can cause email to fail
-issue#2343: Export hooks no longer work due to missing default keyword
-issue#2346: When listing plugin permissions, "Legacy 1.x Plugins" can appear in the wrong cell
-issue#2347: Allow sort output to inject returned data into a specific object
-issue#2350: Unable to Select Data Source for HRULES and COMMENTS that include nth Percentile and Bandwidth
-issue#2352: SNMP description field can sometimes contain mangled data
-issue#2354: When reindexing in Automation, titles are not updated for Graph and Data Source
-issue#2355: Data Sources are sometimes duplicated when Custom Data is specified
-issue#2357: When indexes are incorrect, poller should log more information
-issue#2359: When upgrading, "Install/Upgrade" privilege may have been previously lost
-issue#2360: When retrieving database / table / column information, schema name is not always applied
-issue#2362: No way to default an interface speed when ifSpeed and ifHighSpeed come back as zero
-issue#2365: When editing Aggregate Graphs, orphaned items were not always removed
-issue#2372: Data Query reindexing leads gaps in Graphs
-issue#2376: Manually adding a device discovered by Automation causes errors to be logged
-issue#2380: Devices may experience constant reindexing
-issue#2384: When authentication method is set to None, change to Builtin as None has been removed
-issue#2393: When reindexing a device, Graph Automation creates duplicate graphs every time
-issue#2416: SELinux wants APPEND not WRITE permission for Fedora/EPEL (RHEL, Centos)
-issue#2419: Host state time was not correctly calculated
-issue#2426: Reinstate missing plugin hooks for 'custom_logout_message' and 'custom_denied'
-issue#2431: Default value for 'Mail Method' (settings_how) is incorrect resulting in errors
-issue#2432: Undefined variable warnings when updating RRD data
-issue#2451: Drag and drop does not always function correctly
-feature: Update JavaScript library c3.js to version 0.6.12
-feature: Update phpseclib to version 2.0.14
-feature: Update PHPMailer to version 6.0.7
-feature: Update JavaScript library d3.js to version 5.9.1

1.2.1
-issue#2259: Unable to View Aggregate Graphs
-issue#2267: Remove unnecessary includes in aggregate template code
-issue#2270: Realtime Graphs consuming too much memory
-issue#2272: Site Tree Branches not showing Graphs
-issue#2273: Error when saving changes to Data Collectors
-issue#2279: SQL Errors in add_graphs.php
-issue#2280: SQL Errors in snmpagent cache table inserts
-issue#2281: Database audit cli giving incorrect results
-issue#2285: Allow HRULEs for bandwith and ptile
-issue#2292: Allow Realtime to use 1 second data collection
-issue#2298: Ambiguous Toggle Switches in Sunrise Theme
-issue#2303: Problem with "Notify Primary Admin of Issues" function
-issue#2304: Installation progress stays at 0%
-issue#2305: BOOST PROGERR: ERRNO:'8'
-issue#2311: Unable to update PHP location during installation due to incorrect CLI environment
-issue#2319: Primary admin account not always given access to a plugin when that plugin is enabled
-issue#2321: Date separator not being used properly for graphs
-issue#2322: Modifying plugin realm registration files and description not supported
-issue: Installer does not identify when shell_exec()/exec() are disabled
-issue: Removing a Device or Graph Template can not be seen till next login
-issue: Visual issues with custom data when using paper-plane theme
-issue: Undefined function errors attempting to sync device templates
-issue: Plugin dependency handling inconsistant
-issue: Editing a report shows incorrect graphs from dropdown

1.2.0
-feature: Add a Timeout setting for Remote Agent calls
-feature: Add Graphs and Data Sources hyperlinks on Device page
-feature: Add One Minute Sampling to the default Data Source Profiles
-feature: Add support for DDERIVE and DCOUNTER to Cacti
-feature: Add Timezone support for Remote Data Collectors
-feature: Allow Adding Aggregate Graphs to a Report
-feature: Allow ASCII filepath paths to not be found on settings save
-feature: Allow drill down from Graphs to Data Queries or Templates
-feature: Allow Import/Export to be hookable
-feature: Allow snmpagent to be disabled for very large installs
-feature: Allow Top tabs to be Glyphs or Text or both
-feature: Big Spanish translation update plus massive QA fixes
-feature: Change password page provides visible confirmation of password rules
-feature: Do not allow second data source to be added to an SNMP Get data template
-feature: Don't allow removal of Data Sources from Data Template once its in use
-feature: Inform the primary Cacti administrator of problems by Email
-feature: Make all user settings dynamic and allow resetting to default.
-feature: Make Graph and Data Source suggested naming more efficient
-feature: Make it easy to find Data Query based graphs that have lost indexes
-feature: Make Top Tabs use Ajax Callback
-feature: Make tree editing responive
-feature: New Install/Upgrade user permission to limit access to being able to upgrade
-feature: Provide option to debug width errors where output exceeds column width
-feature: Removed the Authentication Method of 'None'
-feature: Tree automation is now defaulted to on for new install
-feature: Update JavaScript library c3.js to version 0.6.8
-feature: Update JavaScript library Chart.js to 2.7.3
-feature: Update JavaScript library d3.js to version 5.7.0
-feature: Update JavaScript library jquery.js to 3.3.1
-feature: Update JavaScript library jquery-migrate.js to 3.0.1
-feature: Update JavaScript library jquery.tablesorter.js to version 2.30.7
-feature: Update JavaScript library jstree.js to 3.3.7
-feature: Update JavaScript library screenfull.js to 3.3.3
-feature: Update phpmailer to version 6.0.6
-feature: Update phpseclib to version 2.0.13
-feature#289: Allow external nologin access for Realtime Graphs
-feature#553: When display a host, include Aggregated Graphs as well as standard graphs
-feature#614: Allow users to duplicate Data Input Methods
-feature#973: When creating a new user authenticated via LDAP, attempt to retrieve users email and full name
-feature#122: Support a Site Branch Type
-feature#1060: Design Enhancement for Large scale Cacti Implementations
-feature#1142: Add Site dropdown to the Graphs and Data Source pages
-feature#1184: Improve Data Input Methods editability and message handling
-feature#1200: Aggregate Graphs can now include COMMENT
-feature#1282: Email notification for Automation Network discovery process
-feature#1347: Update automation logging to work better
-feature#1395: Ensure messages have each new line keep the same prefix in cacti_log()
-feature#1399: Allow 'requires' to include version against a plugin
-feature#1400: User settings are now dynamic and can be reset (removed) to return to global settings
-feature#1422: Automatically select the next unused data input field when clicking add on data input method
-feature#1505: When displaying a graph, provide breadcrumb link to edit device
-feature#1527: Update Fontawesome from 4.7 to 5.0.10
-feature#1580: Support Drag & Drop for Builtin Report Items
-feature#1581: Allow Mass Adding of Graphs to Reports
-feature#1584: Allow theme selection when installing
-feature#1588: Check that PHP can run a test file
-feature#1593: Allow External links to auto refresh
-feature#1597: Ensure synchronised files have same attributes as originals
-feature#1610: On Unix, redirect error messages to log files when running external scripts
-feature#1628: Allow the User to define an initial Automation Network for discovery when installing
-feature#1670: Improve Graph Management to show type of source for a graph
-feature#1671: When duplicating a Graph Template, properly duplicate Data Query Graph Template Mappings
-feature#1677: Default Tree nodes sorting to be inherited
-feature#1691: On Graph context menu, add a 'Copy graph' option to copy graph image
-feature#1692: Separate option for logging Input Validation issues
-feature#1703: On Graph context menu, text is now multi-lingual
-feature#1708: Allow the User to override global Automation email recipients at the Automation Network level
-feature#1709: Suppress warning from RRDTool when attempting to make updates in the past
-feature#1711: Add support for SSL connections to MySQL
-feature#1731: Prevent loss of changes by warning user about unsaved items
-feature#1734: When displaying a graph, provide more information when error image is displayed (see also #1428)
-feature#1763: Enable automatic refresh for Time Graph View
-feature#1806: Control low level debug routines via config.php (Develoepr Use)
-feature#1819: Provide CLI program to enable graphs to be removed by scripts
-feature#1969: Graph previews can now be linked using a host's external id
-feature#2006: Introduce new Data Source Profile to handle decade long graphs
-feature#2173: Introduce Device and Graph Template Caching to Speed UI
-feature#2228: Add Device ID to Device search field
-issue: Fix issue with display_custom_error_message() causing problem with system error message handling
-issue: Graph List View was not fully responsive
-issue: Move Graph removal function to Graph API
-issue: On the Data Sources page, if there is no filtered Device and a Data Source is edited, device association is lost
-issue: Typo in Dutch translations when an error occurred while downgrading
-issue: Unable to display user profile tabs
-issue: Verify all Fields not working due to Cacti 1.x upgrade error
-issue#186: Cacti does not support jQueryUI 1.12.x
-issue#187: Remove the use of jQuery Migrate plugin
-issue#948: Do not create a new datasource when adding a new Graph for the same device/field
-issue#454: Cacti Re-Index does not resolve index changes properly during re-index
-issue#983: Import Template Preview is misleading
-issue#1097: When copying template user, newly created user should always be enabled to allow logging in
-issue#1097: When copying template user, it should be disable to prevent logging in as template user directly
-issue#1174: When display a tree, disable drag and drop unless in edit mode
-issue#1298: Display fatal error to prevent issues caused when system log is not writable
-issue#1350: When switching an Automation Tree Rule's leaf type, remove invalid Automation Rule Items
-issue#1383: CSRF Timeout does not obey session timeout
-issue#1408: Update SQL / Backtrace to use new clean_up_lines() function
-issue#1414: DSSTATS reports incorrectly that a data source does not exist
-issue#1420: Fix issues found by Debian package builds
-issue#1421: Fix issue when SQL had all bad modes, missing variable warning was generated
-issue#1426: Fix issue where remote poller was not using unique filenames when attempting to verify files
-issue#1437: Plugin install hover message sometimes shows line breaks rather than formatted text
-issue#1454: When using oid_regexp_parse, filter indexes to those that match
-issue#1473: Recovery Date overwritten by subsequent checks
-issue#1494: Unable to Deep Link/Bookmark Trees
-issue#1503: Undefined function clearstatscache in DSSTATS
-issue#1507: When saving graph settings from the graph page, the graph template id should not be included
-issue#1510: New Graphs Undefined Variable $graph_template_name
-issue#1521: Force boost to be enabled when there are Remote Data Collectors
-issue#1528: Saving a device can result in WARNINGS related to string vs array handling
-issue#1529: Allow Aggregate Graphs to Sum Bandwidth and Percentile COMMENTS
-issue#1543: Graph Preview appends header=false too many times
-issue#1553: Poller does not set rrd_step_counter correctly if no steps taken
-issue#1559: CLI Output Issues due to over escaping
-issue#1560: Warning that escapeshellarg() is escaping a null
-issue#1567: Technical support - add notification if Cacti and Spine version is different
-issue#1574: User templates are not correctly being applied
-issue#1589: Installer now checks that the temporary folder is writable
-issue#1590: User Admin generates SQL error if user is not part of any groups
-issue#1601: Aggregate Graphs can not include some classes of COMMENT
-issue#1602: PHP ERROR: Call to undefined function api_data_source_cache_crc_update()
-issue#1604: Failed to connect to remote collector
-issue#1606: Boost debug log not functional
-issue#1607: Boost next run time occurs in the past
-issue#1608: Possible boost race conditions
-issue#1609: Remote pollers update 'stats_poller' on main poller
-issue#1617: Editing a data query results in missing $header variable
-issue#1621: Realtime Popup can cause automatic logout
-issue#1626: httpd-error.log have message about Fontconfig
-issue#1634: Default snmp quick print setting resulting in false poller ASSERTS on some php releases
-issue#1651: Check temporary folder has write access during import
-issue#1655: Correct Cacti to handle new MySQL 8.0 reserved word `system`
-issue#1658: Devices drop down should be filtered by Site
-issue#1660: Reports based upon Tree don't maintain graph order
-issue#1665: Must change password not working for local users when main realm is not local
-issue#1669: Console log header grammar issue
-issue#1674: Threads and Processes values not migrated to Poller table during upgrade
-issue#1676: Allow automation discovery to add the same sysname on different hosts
-issue#1682: Slow Select Statement lib/api_automation.php
-issue#1689: Technical Support's RRDTool version should show detected RRD version
-issue#1690: Report a warning if the default collation is not utf8mb4_unicode_ci
-issue#1700: Mail sent without auth causes errors to appear in logs
-issue#1710: RRDtool create command causes first update to fail
-issue#1721: Console Side Bar not correct on first login
-issue#1723: die() messages should include PHP_EOF for better logging
-issue#1726: Poor page performance editing a Graphs Graph Items
-issue#1746: Poller with no hosts does not exit until timeout is reached
-issue#1761: Graph Management page shows bogus template names
-issue#1783: Browser Back button still does not working
-issue#1796: Import: Fixed handling of references to objects not included in file
-issue#1799: Default User log sort should be date descending
-issue#1810: Correct SQL errors with authentication set to no authentication
-issue#1839: Dummy cosmetic bug on down device selection option
-issue#1841: Data Source Stats table not properly migrated from pre 1.x Cacti plugin
-issue#1849: SNMPAgent not sending traps
-issue#1852: Reports Preview/Mails show no graphs
-issue#1889: Insecure $ENV{ENV} which running setgid
-issue#1901: Upgrade from 0.8.8h fails on external_links statement
-issue#1921: Data Query XML field method 'rewrite_index' does not correctly query for value
-issue#1926: Deselecting items should present warning or disable GO button
-issue#1948: Device Template should warn about need to re-sync
-issue#1953: set_default_action() should warn if more than one action provided
-issue#1973: SpikeKill Menu does not display properly
-issue#1976: Default admin permissions do not allow everything
-issue#1982: Certain hooks should occur within api functions rather than UI functions
-issue#2002: api_plugin_db_table_create should support non-string defaults
-issue#2012: For kernel 3.2+, "Linux - Memory - Free" should grep for "MemAvailable:", not "MemFree:"
-issue#2085: CLOG Regex Parser does not verify registered function exists
-issue#2126: api_device.php generates undefined function poller_push_to_remote_db_connect()
-issue#2127: Unable to save error when duplicating graph
-issue#2135: api_tree_lock() and api_tree_unlock() forcing redirection incorrectly
-issue#2143: export.php Illegal string offset 'method'
-issue#2144: Device Management "Status" column does not sort properly
-issue#2152: When editing a device, should show disable/enable option
-issue#2153: Utilities page issues the wrong hook for tabs
-issue#2163: LDAP functions are not consistent
-issue#2164: Login page does not remember selected realm
-issue#2171: datepicker and timepick translation not available
-issue#2178: Header/Footer included more than once
-issue#2182: Graph View missing 'html_graph_template_multiselect()' function
-issue#2184: html_host_filter() does not handle host_id consequently
-issue#2186: Boost generates invalid SQL during on demand update
-issue#2188: SNMP timeout errors are being duplicated
-issue#2191: i18n_themes is not properly primed in global_arrays.php
-issue#2202: Can't create more than one graph with add_graphs.php from one template
-issue#2207: Removing Graph Template does not Remove Data Query Associations
-issue#2217: cmd.php not handling quoted snmp values properly
-issue#2240: SNMP system Data Input Methods should not be modified on import
-issue#2241: Spike removal not functional due to Debian packaging
-security#1072: Prevent exploitation of Data Input Methods to escalate privileges (CVE-2009-4112)
-security#1882: Bypass output validation in select cases
-security#2212: Stored XSS in "Website Hostname" field
-security#2213: Stored XSS in "Website Hostname" field - Devices
-security#2214: Stored XSS in "Vertical Label" field - Graph
-security#2215: Stored XSS in "Name" field - Color

1.1.38
-issue#1501: cmd.php poller not stripping alpha from snmp get values
-issue#1515: Special characters not rendered properly in settings
-issue#1530: Inconsistent behaviour handling blank Field Name/Value when editing data query suggested values
-issue#1537: Numeric validation not ignoring blank elements

1.1.37
-issue#274: Allow Realtime Graph Popup Mode
-issue#1405: When Data Query columns are wide, they cause rendering issues
-issue#1414: DSSTATS reports incorrectly that a data source does not exist
-issue#1419: Filtering log results in errors in the log
-issue#1420: PHP NOTICE editing cdef and vdef items
-issue#1421: CLI upgrade_database.php PHP Warning on execution
-issue#1426: Remote poller erroring attempting to verify files
-issue#1432: Delete confirmation does not disappear
-issue#1443: Partial Save warnings under Settings -> Mail/Reporting/DNS
-issue#1447: CLI audit_database.php not detecting database name, and failed to create audit tables when run fresh
-issue#1453: CLI add_graph.php not allowing title to be set
-issue#1456: Increase minimum php version maintaining support for RHEL6
-issue#1457: Path-Based Cross-Site Scripting (XSS) issues
-issue#1458: Error in logs when creating new graphs
-issue#1459: Automation filter not applied correctly
-issue#1461: Setting output_format on input type causes no values to be returned
-issue#1464: Poller stuck in infinitely loop causing excess logging
-issue#1466: No scrollbars in mobile browsers
-issue#1468: Increase max length of host.snmp_sysObjectID column
-issue#1471: Undefined function found in global_languages.php
-issue#1472: Change Device Options - Style needs updating
-issue#1474: Check possibility for creation of temporary tables on install
-issue#1487: Undefined constant in ldap.php
-issue#1483: Create New Graphs - Paw Styling Issue
-issue#1493: Can't create tree branches with '#' sign
-feature#1489: Add ability to use parts of OID as value via regex
-feature: Updated Chinese Simplified translations
-feature: Updated Dutch translations
-feature: JavaScript library Chart.js updated 2.7.2
-feature: Allow snmp formatting functions to detect UTF-8 output

1.1.36
-issue#934: Template names missing in graph management list
-issue#1211: CDEF and VDEF Item Edit do not use correct procedures
-issue#1250: Language support does not support localization properly
-issue#1331: Log Rotation should occur at midnight on system
-issue#1334: Console->Users->(Edit) Permissions checkmark descriptions missing
-issue#1336: Debian test suite reports php error
-issue#1338: Allow automation to be run in debug mode from GUI
-issue#1339: First graph of second page does not render
-issue#1340: Unable to open Time Graph View in new tab
-issue#1348: Toggle context menu of Zoom
-issue#1351: Errorimage does not render on systems without GD ttf support
-issue#1353: New installation without config.php silently throws errors
-issue#1355: Single tree can have the order of the tree changed
-issue#1357: Data Profile disable fields shown temporarily as editable
-issue#1359: Settings page generates error for removed plugin tab
-issue#1362: DSStats Avg/Peak function broken due to change in RRDtool processing
-issue#1365: Plugin Management enforce folder name
-issue#1366: Improve error/info message display
-issue#1380: Potential failure when updating script type
-issue#1384: When installing/enabling plugins, current user and admin should get permissions
-issue#1386: form_selectable_cell() ignores width if no style_or_class is passed
-issue#1389: Poller is including plugins that are not installed
-issue#1390: Plugin uninstall should prompt user before removal
-issue#1396: Prevent installation/uninstallation of a plugin if dependency is present
-issue#1397: Distinguish between plugin tabs and core tabs in settings
-issue#1371: Allow dynamic setting of from name when emailing
-issue: Data Query Cache filter layout more consistent
-issue: Minor plugin permissions format change
-issue: Implementation of error handling causes errors creating New Graphs
-issue: Deprecated DDStats setting removed
-issue: Graph context menu items are now context aware
-issue: Validate spine path before allowing enabling of spine
-issue: Errored settings fields now highlighted correctly on error
-issue: Add the Default Device to the Default Tree at install time
-issue: Secpass password verification error message unuseful
-feature: Searching of SNMP Index in View Data Query Cache now works
-feature: Presets now have default device Template
-feature: JavaScript library c3.js updated (v0.4.21) / jstree.js (3.3.5)
-feature: PHPSecLib updated 2.0.10
-feature: Updated Dutch translations

1.1.35
-issue#114: *all_max_peak* percentile calculations incorrect
-issue#430: Pressing Back often fails to work as expected
-issue#564: Fail to move items in graph template as desired
-issue#981: Hyperlinks for Data Profile stats
-issue#993: Realtime not working on remote pollers for certain data query
-issue#1244: Errors importing templates with deprecated hashes
-issue#1251: Allow zoom out through mouse mmiddle button
-issue#1281: Max OIDs setting is for bulkget and not bulkwalk operations
-issue#1286: Correct CHUNKED_ENCODING error when retrieving graph with some browsers
-issue#1306: Graphs are not always refreshed properly
-issue#1309: Provide meaningful authentication errors in graph_json.php and graph_image.php
-issue#1310: Return button fails on change password page
-issue#1315: Realtime not working on local data collector
-issue#1316: CDEF Item Value dialog does not update creating items
-issue#1319: Front end + remote poller - connection timeout issue
-issue#1321: Use RRDtool pipelining functions within DSSTATS
-issue#1323: Enhance form layout for readability
-issue#1329: Spelling errors in automation_networks.php
-issue: Validate regular expressions if specified in add_graphs.php
-issue: Ensure compression levels are consistent when importing package

1.1.34
-issue#1040: PHP version 7.2 - ERROR PHP WARNING: sizeof()
-issue#1195: Improved Javascript error message handling
-issue#1245: Unable to reorder graph name suggested values
-issue#1256: Error reporting of custom errors not displayed correctly
-issue#1257: Boost excessively logging updates
-issue#1258: cacti.sql updated to match expected schema
-issue#1260: Tab images fail to render due to TrueType support in PHP GD Module
-issue#1261: Automatic logout timeout does not apply to web basic authenication
-issue#1263: CLI utility to validate database schema
-issue#1266: Inconsistent usage graphWrapper CSS causes odd graph zoom behavior
-issue#1268: Regex filters not working properly
-issue#1274: Host CPU script checks value existance to avoid error
-issue#1275: SNMP v3 authPriv fails to work
-issue#1287: JSON calls return validation error in HTML format
-issue#1289: Script Server should output parameter array rather than parameters
-issue#1292: Chrome to aggressively caches Javascript files
-issue#1293: Correctly identify if command 'snmpbulkwalk' is available
-issue#1296: CactiErrorHandler does not ignore PHP suppressed errors
-issue#1300: Automation discovery : New devices added by automation discovery have empty SNMP community field
-issue#1302: Automatic logout should not be enforced on login page
-issue#1304: mib_cache.php file contains unsafe transactions for binary logging
-feature: CLI utilily to generate and verify file hashes for installed Cacti files
-feature: Logging links back to appropriate areas for troubleshooting
-feature: Logging lists filenames in reverse order

1.1.33
-issue#1253: Automatically generated RRDtool DEF names in Cacti 1.1.32 break existing Graph Templates

1.1.32
-issue#969: Undefined index: color_id / task_item when viewing graphs
-issue#1166: Fix typo of 'locale' in global_languages.php
-issue#1222: Graphs with large number of items causes RRDTool to error
-issue#1230: PHP Fatal error: Call to undefined function get_max_tree_sequence()
-issue#1238: SNMP functions fail to handle "Invalid object identifier" error
-issue#1239: Browser console error in layout.js
-issue#1240: Page layout issues caused by library update
-issue#1246: Make SNMP Error return more info
-issue: Missing or corrupted theme files can corrupt user settings
-issue: Theme may not change until next login
-issue: Tree edit Tree/Device/Graph drag areas incorrect
-issue: Make callback error handling compatible with jQuery 3.x
-issue: Ensure the snmp_error is cleared before every call
-issue: Indicate unknown error when RRDTool returns no error message
-feature: Update Javascript library: js.storage.js, d3.js, jquery.js, jquery.tablednd.js, jquery.timepicker.js

1.1.31
-issue#629: Site reload after delete the last letter in the searchbar
-issue#1022: Discovery network stuck in "running" state does not return results
-issue#1164: Version compare function fails on major/minor only versions
-issue#1166: Invalid New User default language selection
-issue#1175: Automatic logout inconsistent redirect
-issue#1179: Warn during installation if installing moving to older version
-issue#1183: Automatically detect missing Theme and use alternate
-issue#1185: Layout with Graphs having large number of data columns
-issue#1189: Allow ability to sort tree list by name asc/desc
-issue#1190: Enabling, Disabling, Uninstalling plugin, you should page refresh
-issue#1191: Tree sequences were not set or checked
-issue#1197: Add more collection intervals to Data Source Profiles
-issue#1206: Display issue with internationalization number format
-issue#1210: CDEF and VDEF Items can not be properly edited
-issue#1212: Navigation breadcrumbs fail to handle External links correctly
-issue#1213: PHPMailer trying TLS despite SMTPSecure setting
-issue#1215: Show version when installation prompts for license
-issue#1217: Add ability to view/edit Input/Query when editing Data Template
-issue: Named colors fail to import on install or upgrade
-issue: Drag and Drop issues on multiple pages could corrupt sequencing
-feature: Enhance filter to permit more glyphs for table headers
-feature: Add a page refresh dropdown to the Automation Networks
-feature: Enhanced SNMP v3 input forms
-feature: Allow Trees to be rearranged using Drag and Drop
-feature: Trap GUI callback errors and present error message

1.1.30
-issue#1155: Non-secure mail setting not functional due to changes in phpmailer
-issue#1157: Resolve issue with branch permission api
-issue#1158: Change CLOG to use regex replacement so line details are not mangled
-issue#1161: Graph View regex's are not preserved during automatic page refresh
-issue#1162: Error messages are not display when editing a user
-issue#1166: Default language was not correctly set when editing a user
-issue: basename function undefined during upgrade to 1.0.x
-issue: Storage API and translations required for Change password function
-issue: ALTER IGNORE still throws an error when attempting to drop the primary key
-issue: Data Source profile form API generates error when system is half upgraded
-issue: Resolve issue with importing packages
-feature: Update package versions for Cacti version 1.1.29

1.1.29
-issue#871: Allow Nth Percentile and Bandwidth Summation to respect 'Base Value' in template
-issue#965: Duplicate error message and incorrect error code when using LDAP authentication
-issue#1084: Graph Tree Branch not properly populating when editing report item
-issue#1104: Datetime formatting in developer debug mode incorrect
-issue#1106: Template Filters has empty row
-issue#1109: URL used in redirection when referrer already has parameters in it
-issue#1110: Add CPU Total to 'SNMP - Get Processor Information'
-issue#1111: PHP NOTICE when using LDAP authenication
-issue#1116: Filters not allowing "None" or "All" when editing report item
-issue#1119: Reduced amount of data fetched for CPU usage to just the data used
-issue#1121: Bandwidth summation not using correct locale
-issue#1122: Fix issue with local login / potential password problems
-issue#1128: Resolve php warning when raising messages
-issue#1130: Fix logging level issue where logs of same level as setting where not logged
-issue#1131: Make upgrade_database.php use same version compare as /install/ system
-issue#1133: Fix issues with variable name and debug log
-issue#1141: When viewing graphs from list view, pagination causes list view filter to be cleared
-issue#1143: ss_host_cpu.php - Division by zero / Invalid Return Value
-issue#1146: Installation now checks URI path matchs with configuration option URL_PATH
-issue: Updated Graph pagenation and filter reset
-issue: Resolve issues with cacti_version_compare() processing
-issue: Zoom context menu stays open after zoom out actions
-issue: Paginator object was not always translated

1.1.28
-issue#958: User Group Tree permissions not calculated fully
-issue#959: Issue viewing email reports due to email client decoding problems
-issue#992: RRDfile naming issues that result from random sorting during export
-issue#1012: Issue where disabled devices will not appear in Tree editor
-issue#1044: Handle invalid exclusion regex properly when viewing the log
-issue#1045: Issue with multiple pages and confirmation dialogs
-issue#1048: Problem importing vdefs from templates
-issue#1053: Remote Data Collector now works with https and self signed certificates
-issue#1055: Errors in data source statistics inserts when invalid output is encountered
-issue#1057: CVE-2017-16641 - Potential vulnerability in RRDtool functions
-issue#1058: ICMP Ping to and IPv6 address fails to gather data for ping latency
-issue#1059: Aggregate item filter should use regular expressions to avoid SQL errors due to flawed filter logic
-issue#1064: When a Device Template is removed, Automation Templates for that Device Template remain
-issue#1066: CVE-2017-16660 in remote_agent.php logging function
-issue#1066: CVE-2017-16661 in view log file
-issue#1071: CVE-2017-16785 in global_session.php Reflection XSS
-issue#1074: Boost records get stuck in archive
-issue#1079: Undefined index in lib/snmpagent.php
-issue#1085: Undefined function html_log_input_error
-issue#1086: Rerun data queries in automation process has no effect
-issue#1087: cli/add_device.php --proxy option does not work with non-snmp devices
-issue#1088: Set timeout for remote data collector context
-issue: Minor performance increase in boost processing
-issue: Poller output not empty not processed correctly on Log tab
-feature: Timeout to the remote agent for realtime graphs
-feature: Updated Dutch translations
-feature: Database update adding additional indexes for increased performance
-feature: Updated PHPMailer to version 5.2.26
-feature: Updated phpseclib to version 2.0.7

1.1.27
-issue#1033: Issues inserting into dsstats table due to legacy data
-issue#1039: Using html_escape still double escapes.  Use strip_tags instead
-issue#1040: Resolving compatibility issue with PHP7.2

1.1.26
-issue#841: --input-fields variable not working with add_graphs.php cli
-issue#986: Resolve minor appearance problem on Modern theme
-issue#989: Resolve issue with data input method commands loosing spaces on import
-issue#1000: add_graphs.php not recognizing input fields
-issue#1003: Reversing resolution to Issue#995 due to adverse impact to polling times
-issue#1008: Remove developer debug warning about thumbnail validation
-issue#1009: Resolving minor issue with cmd_realtime.php and a changing hostname
-issue#1010: CVE-2017-15194 - Path-Based Cross-Site Scripting (XSS)
-issue#1027: Confirm that the PHP date.timezone setting is properly set during install
-issue: Fixed database session handling for PHP 7.1
-issue: Fixed some missing i18n
-issue: Fixed typo's
-feature: Updated Dutch translations
-feature: Schema changes; Examined queries without key usage and added/changed some keys
-feature: Some small improvements

1.1.25
-issue#966: Email still using SMTP security even though set to none
-issue#995: Redirecting exec_background() to dev null breaks some functions
-issue#998: Allow removal of external data template and prevent their creation
-issue: Remove spikes uses wrong variance value from WebGUI
-issue: Changing filters on log page does not reset to first page
-issue: Allow manual creation of external data sources once again
-feature: Updated Dutch translations

1.1.24
-issue#932: Zoom positioning breaks when you scroll the graph page
-issue#970: Remote Data Collector Cache Synchronization missing plugin sub-directories
-issue#980: Resolve issue where a new tree branches refreshs before you have a chance to name it
-issue#982: Data Source Profile size information not showing properly
-issue: Long sysDescriptions on automation page cause columns to be hidden
-issue: Resolve visual issues in Classic theme
-feature: Allow Resynchronization of Poller Resource Cache
-feature: Update Spanish Translation

1.1.23
-issue#963: SQL Errors with snmpagent and MariaDB 10.2
-issue#964: SQL Mode optimization failing in 1.1.22

1.1.22
-issue#950: Automation - New graph rule looses name on change
-issue#952: CSV Export not rendering chinese characters correctly (Second attempt)
-issue#955: Validation error trying to view graph debug syntax
-issue: MySQL/MariaDB database sql_mode NO_AUTO_VALUE_ON_ZERO corrupts Cacti database
-issue: When creating a data source, the data source profile does not default to the system default
-feature: Enhance table filters to support new Cycle plugin
-feature: Updated Dutch Translations

1.1.21
-issue#938: Problems upgrading to 1.1.20 with one table alter statement
-issue#952: CSV Export not rendering chinese characters correctly
-issue: Minor alignment issue on tables

1.1.20
-issue#920: Issue with scrollbars after update to 1.1.19 related to #902
-issue#921: Tree Mode no longer expands to accomodate full tree item names
-issue#922: When using LDAP domains some setings are not passed correctly to the Cacti LDAP library
-issue#923: Warninga in cacti.log are displayed incorrectly
-issue#926: Update Utilities page to provide more information on rebuilding poller cache
-issue#927: Minor schema change to support XtraDB Cluster
-issue#929: Overlapping frames on certain themes
-issue#931: Aggregate graphs missing from list view
-issue#933: Aggregate graphs page counter off
-issue#935: Support utf8 printable in data query inserts
-issue#936: TimeZone query failure undefined function
-issue: Taking actions on users does not use callbacks
-issue: Undefined constant in lib/snmp.php on RHEL7
-issue: Human readable socket errno's not defined
-issue: Audit of ping methods tcp, udp, and icmp ping. IPv6 will still not work till php 5.5.4

1.1.19
-issue#810: Scripts in packages don't match distribution
-issue#919: Unable to upgrade to 1.1.18
-issue: Update documentation for minimum PHP 5.4

1.1.18
-issue#902: Correcting some issues with Console and External Links
-issue#903: Upgrade pace.js to v0.7.8
-issue#904: Allow user to hide Graphs from disabled Devices
-issue#906: Create a separate Realm for Realtime Graphs
-issue#907: XSS issue in spikekill.php
-issue#910: Boost last run duration generates an error on new install
-issue#914: Unable to purge Cacti logfile from System Utilities
-issue#915: Non-numeric data in ss_host_disk.php
-issue#916: Resolve display of errors when encountering ldap issues
-issue#918: Minor XSS and create generalized escape function
-issue: Resolve JavaScript errors on Login page
-issue: Resolve JavaScript errors on Permission Denied pages
-issue: Graphs tab would appear in non-classic even if you did not have permissions
-feature: Updated dutch translations

1.1.17
-issue#450: List View to Preview shows no results
-issue#486: Export Device table results to CSV
-issue#544: Allow Log Rotation to be other than Daily
-issue#673: Downtime/Recovery time/date is set incorrectly
-issue#819: Customized timespans for graphs
-issue#888: Rebuilding Poller Cache when External data sources are present results in false positive warnings in the log
-issue#891: Database.php unable to connect to MySQL when using port different than 3306
-issue#893: Warning messages when duplicating CDEF objects
-issue#897: Due to browser use of special key, deprecate ctrl-shift-x for clearing filter
-issue#898: Issue with tcp and udp ping due to file description allocation changes
-issue: Unable use ipv6 ip addresses for snmp ping in the Cacti GUI
-issue: Update language of the Rebuild Poller Cache menu pick
-issue: Broken design for input controls with Sunrise theme
-issue: Timespan switching not switching to Custom in Preview Mode
-issue: Log rotation would not occur under certain conditions.  Provide more control over log functions
-issue: Purge log file always purged the cacti.log, not the selected log
-issue: Unable to view graphs for errored data sources from Cacti log

1.1.16
-issue#865: Escape Data Query arguments to prevent issues with special characters
-issue#872: Can't add device items to graphs generated with no device and no template
-issue#875: When modifying Realm permissions, realms that are listed multiple times don't stay in sync
-issue#877: Improving resolution to issue#847 and one additional vulnerability
-issue#878: Ambiguous language in purge log function
-issue#879: SQL Error when adding a report item to a report
-issue#880: Device drop down is limited to 20 devices and lacks a scroll bar
-issue#885: Graph generated with no device and no graph template forgets device definitions
-issue#886: Unable to export templates other than Device templates
-issue: Address additional corner cases around get_order_string usage
-issue: Data Queries sharing a Data Source can result in poller output table not empty errors
-issue: Fix Sunrise theme to properly theme multiselect widgets
-issue: Increase height of multiselects so that more options are visible
-issue: When a graph is locked, anchor tags are still functional
-issue: Autocomplete does not populate none-value when the selected value is not set

1.1.15
-issue: PHP Fatal Exception on upgrade from 1.1.11 or earlier
-feature: Added test to detect install upgrade code problems

1.1.14
-issue#849: Unable to select host in Graph Item pick
-issue#850: Reporting not allowing Non-templated Graphs
-issue#858: Pagination on SNMP Options wrong
-issue#860: Network Discovery Subnet Range character limit too small
-issue#861: The search filter does not support Cyrillic
-issue#862: Automation - When editing Graph Rules, unable to Change Data Query
-issue#863: Typo error in auth_login.php for LDAP authentication
-issue#867: Cross-site scripting (XSS) vulnerability in auth_profile.php
-issue: Link's not showing in Automation Graph and Tree rules on Sunshine theme
-issue: Make Templates Export responsive
-issue: Don't wrap menu glyphs and menuitems
-issue: The function get_order_string() can fail when encountering reserved word columns
-issue: Data Query Delete is not using callback
-feature: Resize Graphs on Graph page to be responsive
-feature: Make import text a hidden field as it is likely seldom used

1.1.13
-issue#605: Remove Spikes feature not fully functional
-issue#814: Allow 'Save' feature from New Graphs
-issue#837: Using the add_device.php CLI script, you can not 'default' the device threads to other than 1
-issue#838: CVE-2017-10970: XSS Issue in link.php
-issue#839: The Database column name 'rows' is a reserved word in MariaDB 10.2+
-issue#845: External links tabs should appear at the end of the tab view
-issue#846: Web crawl of Cacti site shows errors in the log
-issue#847: CVE-2017-10970: XSS Issue in lib/html_form.php.
-issue#853: Go and Clear buttons do not work in all cases on Graph Rules pages
-issue: Up/Down arrow titles labeled incorrectly on Tree Management page
-issue: Make the default Export Type a Device Template
-issue: Fix SNMPagent MIB cache issues
-issue: Realtime cache cleanup now only removes rrd and png
-issue: When redirected from reports, you can receive a validation error
-feature: updated Dutch language

1.1.12
-issue#822: Aggregate Graph Items are incorrectly editable
-issue#823: Allow Filters to be hidden
-issue#834: Add spacing on graphs pages
-issue: Uninstalled plugins can not install
-issue: Location of filter functions in host.php prevent full responsive filter implementation
-feature: Implement first phase of responsive search filters

1.1.11
-issue#642: RRA not written or WARNING: Poller Output Table not Empty
-issue#779: PHP running out of memory due to date format issues
-issue#791: SeLinux causing problems due to recent enhancement of the Cacti log
-issue#818: Unable to unselect all SpikeKill templates under settings
-issue#831: Unable to add devices from automation devices that don't have a snmpSysname
-issue: incorrect version of pace: fix progess bar
-issue: date_format(): fix date separator character
-issue: host.php: fix itemCount en rowCount when result = null
-issue: clog: fix scandir for systems with limited permissions to log directory
-issue: clog: fix listing of logfiles
-issue: Stop New Graphs filter interface from taking too much space
-issue: Pagination of clog is not done via ajax
-issue: Unable to dry run spikekill's from Graphs page
-issue: Default sort order does not highlight on Aggregate Template page
-issue: Correct display issue with Graph Templates when editing Device
-issue: External Data Sources show as having poller interval on Data Source page
-issue: Allow Selecting 'External' as the Data Source Profile when creating non-templated Data Source
-issue: Remove Field Order on Data Input output data as it's not required
-issue: Data Templates not using Ajax callbacks to switch Data Sources
-issue: Visual issue when creating non-templated Aggregate Graphs
-feature: new skin: Sunrise
-feature: Provide Non Compatible explanation when a plugin is not compatible
-feature: Updated Dutch translations
-feature: Allow Graph Templates with multiple flag to be created repeatedly from Graphs New interface
-feature: Allow plugins to exclude files and directories from their remote poller synchronization process
-feature: Add Device Description to View Poller Cache UI

1.1.10
-issue#779: Resolve random Apache segfault due to recursion
-issue#786: Unable to create second RRA for a Data Source Profile with collection rate less than 5 minutes
-issue#789: Unable to Clear Filter due to JavaScript name space collision
-issue#791: cacti 1.1.9 and clog_webapi.php permission issue
-issue#794: SQL Error when creating graphs manually
-issue#798: Cosmetic issue when checking checkboxes in Cacti
-issue#800: Unchecked loop in lib/html_utility.php causing race condition
-issue#802: Issue updating device hostname with SNMP data queries
-issue#803: Issues with utf8mb4 introduced via optimization
-issue: If the device is down and snmp_sysUpTimeInstance is 0, time in state can be wrong
-feature: Updated Dutch translations

1.1.9
-issue#788: Fails on PHP Fatal error if LDAP auth enabled

1.1.8
-issue#529: Issue on Graph New page with checkbox unselected
-issue#552: Minor selectable row checkbox issue
-issue#577: Dragging multiple items causes the tree to refresh too early
-issue#617: Correct poller timeouts when no devices are associated with active data collector
-issue#706: Classic external link template images missing
-issue#726: Undefined variable in upgrade script
-issue#728: Resolve issues with jQueryUI empty dialogs
-issue#731: Add class to radio button labels to correct display issue
-issue#736: Sequence numbers not visible when editing templates using modern theme
-issue#739: Graph Titles missing on aggregate graphs
-issue#740: Spacer manipulation broken after update to responsive forms
-issue#741: Errors in dsstats with very large RRDfiles with more than 60 data sources
-issue#748: Search results are not cleared on Aggregates
-issue#754: Default Language for user and system are not set on new installation
-issue#755: RRDtool Graph Watermark is incorrect
-issue#756: Resolving some translation issues
-issue#763: Template Export not functional
-issue#765: Validation error when viewing Utility View
-issue#771: Editing a report renders no options after creation
-issue#780: Preview always shows thumbnails in reports interface
-issue: Hide Aggregate system cdefs when editing graphs and graph templates
-issue: Updating Utility View zoom was not updating table data
-feature#723: Convert Data Source dropdown to autocomplete when editing standalone graphs
-feature#735: Allow color selection in graphs and templates to be autocomplete
-feature#753: Preliminary support for RRDtool 1.7.
-feature: Add function to obtain the current execution user
-feature: Implement Site timezones as autocomplete for performance
-feature: For themes other than classic, make color id selection autocomplete
-feature: CLOG timestamp is now formatted as defined in settings
-feature: CLOG can show loginformation from rotated logfiles

1.1.7
-issue#470: Enhance Cacti's SNMP function and Data Query XML, add <output_format>hex|string|guess</output_format>
-issue#653: Devices with empty sysNames are not added to discovered devices
-issue#655: Data source not displaying device name
-issue#658: Scheduled Reports (type "tree") not working
-issue#662: Sending test Email should optionally bypass ping
-issue#667: In Classic theme initial view of Tree view broken
-issue#669: Invalid SQL Messages when upgrading to Cacti 1.0.5
-issue#670: Validation error when you do "Change Graph Template" in Cacti
-issue#672: Cacti unable to enable snmp notification receiver mibs
-issue#680: Sort order in Time Graph View
-issue#687: Cacti DB access not compatible with PHP 7
-issue#696: Multiple issues with snmpagent notification UI
-issue#699: Add custom error handler for ping functions
-issue#704: Fix GUI issues for Graphs not belonging to a device
-issue#707: Back button not working
-issue#708: Issues finding lib/snmp.php in host disk functions
-issue#712: Change Graph Template dropdown invalid
-issue#717: Allow ajax callbacks when adding non-templated graph items
-issue: Reports were not using Cacti's permission system for checking access
-issue: User Admin page reported wrong permissions at Tree level missing some i18n as well
-issue: Short data_name can cause data collection issues
-feature: Updated Dutch language
-feature: Updating PHPMailer to 5.2.23
-feature: Support input-output Data Query types
-feature: Introduce new get_cacti_version() to reduce database calls on pages

1.1.6
-issue#620: The table poller_data_template_field_mappings can get out of sync when manipulating data templates
-issue#622: Can not connect to MySQL over a socket
-issue#628: Cacti upgrade process is complex and error pront for developers
-issue#635: Error when saving change to data template
-issue#637: When displaying tree graphs, use the same layout as preview mode
-issue#646: When a plugin is disabled during page operations, warnings can appear
-issue#651: Unable to view cacti log (because of allowed memory size exhausted)
-issue#657: Error in log when host is down, using icmp and using cmd.php on FreeBSD
-issue: List for creating a Graph type shows already added Graph Templates
-issue: Fix and undefined variable on data source page when first creating a manual data source
-issue: Remove tabindex and other non-required manual aria controls from pages
-issue: Table type and column type in poller_output table wrong
-issue: FILTER_VALIDATE_MAC not defined on PHP less than 5.5
-issue: When changing your language Cacti would not do a full page refresh
-feature#106: Paginated CLOG and log administration
-feature: Dutch translations
-feature: Responsive Graphs page
-feature: Convert forms from table based to div based for responsive design
-feature: Better support for phones and tablets
-feature: Simplified installation code to facilitate easier release cycle
-feature: Updating Tablesorter to v2.28.9, adding widgets and pager

1.1.5
-issue#580: Data collection warnings when using cmd.php
-issue#592: Incorrectly formatted HTML
-issue#606: Replace <path_php_binary> in data input methods
-issue#607: Allow draw_menu to specify multiple actions for the same URL
-issue#608: Spaces adjacent to double quotes are eliminated during data input method import
-issue#609: Honor the column setting in graph tree view mode
-issue#610: Change Graph Template action not available
-issue#611: Cacti Installation Wizard - Spine page incorrect on Windows
-issue#612: Uncaught Error: Call to a member function row() on a string
-issue#613: Network Automation, now requires a site or your are unable to save rules
-issue#615: Data Input field length too short for longer scripts
-issue#619: Export logging option in settings no longer used

1.1.4
-issue#524: Reporting not working when Tree branch is device
-issue#560: Add 'Duplicate' and 'Convert to Graph Template' back to Graph Management page for Advanced mode
-issue#573: Missing Graph Template dropdown items
-issue#575: Very large hex strings result in scientific notation that RRDtool rejects
-issue#579: Problems logging in using nginx web server
-issue#581: session_start() warnings when manually sending reports
-issue#584: Issues reporting memory recommendation on utilities page
-issue#586: Overrunning pollers can cause system load spikes
-issue#587: Data Collector setting under Network Discovery is not being used
-issue#588: Devices with blank sysDescr are added to the first Device Template in error
-issue#589: Automation discovery does not allow site association
-issue#590: Unable to create a plugin based menu
-issue#591: Row selection in Device Automation Templates not sane with drag-n-drop enabled
-issue#601: Resolving some translation issues
-issue#604: Unexpected backtrace on regular expression filters
-issue#605: Remove Spikes non-numeric data causes warnings
-issue: Ping email does not use a from email address
-issue: Automation does not recognize default size or poller
-issue: Unable to drag-n-drop on automation templates pages when enabled
-issue: Fixed number of hosts in poller stats for first poller
-issue: Fixed screenwidth issue in tab PHP-Info of Utilities module
-issue: Recovery poller could get stuck in some situations
-issue: Fix JavaScript errors when managing Aggregate Graphs
-feature: Reorganize defaults to place more on device defaults page
-feature: Update jQuery tableDnD to version 0.9
-feature: More tolerant of empty PHP_SELF found with some web servers

1.1.3
-issue#515: Unable to import color CSV file
-issue#519: In non-classic themes its not possible to remove Cacti log or reporting tabs
-issue#520: SQL error in graph automation
-issue#521: Cacti allows removal of Data Query Graph Template associations when they are in use
-issue#525: LAST GPRINT type not rendered correctly due to lack of escaping
-issue#530: Undefined function get_vdef in lib/rrd.php
-issue#531: Issues with TextAlign and Tick graph items
-issue#532: Unreliable scroll height causes issues in Chrome
-issue#533: User settings not cleared after saving profile
-issue#534: Automation issue with AS clause
-issue#538: Unable to rename tree folder
-issue#541: Issues with mobile graph viewing
-issue#555: DSStats SQL insert errors due to data collection issues
-issue#563: Division by zero in removespikes.php
-issue: Fixed rendering issues with HRULE's on graphs
-issue: Update jsTree to 3.3.4 version
-feature: Improved responsiveness UI tables, filters, and menus

1.1.2
-issue#492: Error while adding non data query (cg) graphs
-issue#494: CLI error while importing template
-issue#499: SQL error in graph automation resulting in no graphs on tree
-issue#500: Generic SNMP device package damaged - Unix Ping Host
-issue#505: Log rotation does not work in some cases
-issue#506: Undefined index: cactiStatsDeviceFailedPolls
-issue#507: Nextwork discovery 'export' produces no results
-issue#509: Minor bug with device ownership selection
-feature: Add new legend type that includes Current/Average/Minimum/Maximum
-feature: Update d3.js to latest version 4.7.4

1.1.1
-issue#457: Continued LDAP issues with initial user creation
-issue#461: The function escapeshell arg not appropriate on Windows
-issue#462: LDAP authorization issues: group membership check broken for 'Group Member Type' = 'Username'
-issue#464: Change default batch spike removal limits for standard deviation and variance
-issue#465: Less than sign inside items and labels of graph break graph
-issue#466: Call to member function row() on a non-object in lib/snmpagent.php
-issue#467: Reduce the number of queries in log function
-issue#472: Schema changes to improve performance
-issue#485: When editing a device, the ping status was not always returned
-issue: Back button issues due to syntax problems in JavaScript
-issue: Zoom periodically would loose it's crosshairs after zooming
-issue: Zoom would zoom out into the future even when disabled
-issue: Fixing lite corruption in graph_templates_item table
-feature: Make SpikeKill options more consistent
-feature#459: Add variable date time option to report mail subject
-feature#460: Add external_id to host variables
-feature#469: Change re-index method of Data Query from Device edit
-feature: Support generalized date format approach in the GUI
-feature: Use localStorage over a Cookie for Zoom setting storage
-feature: Fully implement 'Remove Orphans' from Package import process

1.1.0
-issue#337: Generic SNMP OID Graph Template damanged
-issue#338: Extremely slow new graph/DS creation
-issue#353: Broadcast & Multicast Packet counters missing
-issue#376: Structured RRD path permission issues
-issue#389: Manual template based graph creation not working
-issue#407: The RRDfile does not exist message is misleading
-issue#410: Select character data was interpreted as hex by cacti_snmp_walk()
-issue#422: additional issues with LDAP authentication
-issue#424: Automation does not discover devices w/o resolvable hostnames
-issue#427: undefined index TotalVisibleMemorySize on FreeBSD
-issue#432: SpikeKill menu wonky on Paw Theme
-issue#434: password_verify not compatible in php5.4-
-issue#435: urlPath missing from paw theme links
-issue#436: Restricted user does not see graphs in tree view
-issue#443: Allow remote_agent.php through a NAT
-issue#446: No local admin when using multiple LDAP configuration
-issue#447: Creating another non data query graph from same template reuses first data source
-issue#449: exec_poll_php does not flush pipes when using script server
-issue#450: Graph list view - No Graphs Found
-issue: Improve email test exception errors and change default timeout to 10 seconds
-issue: When on links page, breadcrumbs would become corrupted
-issue: When upgrading from any version of Cacti to 1.0.5, SQL's relative to poller_reindex might appear
-issue: Color page performance poor
-issue: The Device dropdown on the Graph View page was unreliable
-issue: Aggregate and non-Device Graphs in list view had not Device or Title description
-issue: Re-engineer back button design to accomocate ajax and native navigation
-issue: Make Graph Template filter wider
-issue: Resolve some visual issues in Classic theme
-feature: Add page refresh API to make page refreshing in Ajax easier to accomplish
-feature: Update fontawesome to version 4.7
-feature: Use fontawesome glyphs for menu items
-feature: Support multiple column sort in table library
-feature: Add glyphs to main Cacti console menu

1.0.6
-issue#386: Allow special characters in graph title
-issue#414: Install Wizard check path for spine
-issue#415: SNMP session handling broken
-issue#418: LDAP create user from template not working

1.0.5
-issue#296: Poller warning for Non-SNMP device
-issue#319: Add default 'High Collection Rate' data source profile to new installs to demonstrate concept of multiple rates
-issue#330: Import templates to non-default Data Profile
-issue#337: Error when try create new graph - SNMP - Generic OID
-issue#342: Infinite loop in poller_automation.php with invalid schedule
-issue#343: Device discovery cannot handle dots in device name
-issue#344: Unable to upgrade to latest Cacti on FreeBSD
-issue#353: Legacy broadcast & multicast packet counters missing in interface.xml
-issue#354: Place on tree dashes / ordering is not correct
-issue#355: Replace table rows with count when using InnoDB tables
-issue#357: If recovery mode runs longer than a polling interval, a second is spawned
-issue#358: Sending test e-mail results in warning
-issue#360: Issue importing cacti.sql with some charsets
-issue#364: Moving graph item causes page render issue
-issue#365: ss_host_disk.php and ss_host_cpu.php should use return
-issue#367: Upgrade chart.js to version 2.5
-issue#368: Issue with device automation ip vs. ip_address
-issue#369: Interface bits/second total Bandwidth wrong CDEF
-issue#375: Drag and Drop of Devices and Graphs allows dropping onto self
-issue#380: Ignores a non-standard SNMP port
-issue#382: When using php5.5+ new users unable to change their password
-issue#384: graph_view.php backtrace errors
-issue#385: Unable to place an aggregate grapn on a subtree
-issue#390: Display graphs from this aggregate icon next to graph not displaying
-issue#392: cdef.php missing sql where for system cdef's
-issue#398: checkbox is not honored when creating tree
-issue#399: External link configuration: Order buttons don't work
-issue#400: SNMP Engine ID (v3) field too short
-issue#401: Graphs -> Apply Automation Rules fails
-issue#404: Success even when test mail fails
-issue#406: HRULE text format special characters not escaped
-issue#408: Suppress SNMP units suffix from cacti_snmp_get() output
-issue: Improve is_ipaddress functions
-issue: Drag & drop showing when disabled on page automation_templates.php
-issue: Output messages displayed incorrectly in automation_templates.php and automation_snmp.php
-issue: Importing template from old Cacti would not show data templates
-issue: Handle snmp error exceptions better
-issue: Update Apache .htaccess files to support multiple version
-issue: When executing a full sync, if the table structured has changed, recreate the remote table
-issue: Multiple domains not working as expected
-feature#197: Add external_id to Cacti for linking Cacti to other monitoring systems
-feature#332: Support copy user groups
-feature: Log proper IP address if logging in behind a NAT
-feature: New qquery parsing rules: VALUE/TEST, VALUE/TABLE, VALUE/HEX2IP

1.0.4
-feature: Javascript: make menu movement smooth and use localStorage
-feature: Added cacti_snmp_get_raw() for plugin developers
-issue#288: Function cacti_snmp_get bad handling of wierd value into snmp_value
-issue#298: Graph generation issue with SNMP - Bits/Sec + Total Bandwith
-issue#301: Unresolvable DNS hostname causing backtraces
-issue#302: spikekill memory leak
-issue#303: Error when creating tree items with "&" in the name
-issue#307: Aggregate graph gives CMDPHP errors
-issue#308: UI resize issue
-issue#309: Show "Save Successful" notification permanently
-issue#311: Graph thumbnail settings in profile setting does not work
-issue#320: Users can not change their own password
-issue#324: Aggregate template graph template JavaScript error
-issue#352: Add configurable auto-logout and page-reload options
-issue#329: Customize the favicon
-issue#334: primary key on poller output boost table not efficient/not being used correctly
-issue: Fixed issues with Dark theme
-issue: Fixed issues with Paw theme
-issue: Fix timespan calculation
-issue: Added misplaced join condition when generating RRDtool graphs
-issue: Fix the selection of timestan based on local_graph_id and rra_id
-issue: Correct error in discovery not adding devices
-issue: Action message did not always display
-issue: fix regex to use Domains like www.t-online.de
-issue: Properly align Order columns.
-issue: address renaming issues with tree items.
-issue: Add device snmp --version is ambiguous
-issue: SNMP Availability failed to report down devices - This only was occuring for cmd.php collector.
-issue: i18n remove embedded HTML syntax
-issue: Wrap menu items to avoid scrolling

1.0.3
-issue#297: Upgrade 0.8.8h to 1.0.0 fails to create poller_output_boost table
-issue: Added missing template import hash for 1.0.2

1.0.2
-issue#279: Correct Boost Status display issue
-issue#275: Permission View issue and Device Dropdown when in Classic Theme
-issue#270: Major Mib Cache corruption.  Rebuild your MIB Cache after upgrading
-issue: Resolve Cacti logo on Graphs page in Classic Theme

1.0.1
-feature: SpikeKill allows filling range to last known good value
-issue#261: Add IPv4 and IPv6 Specific Counters to interfaces.xml
-issue#257: Poller Output Table not Empty WARNING messages in cacti.log
-issue#256: New Graph - Add Graph Items Fails (Data Sources shows None)
-issue#255: Errors Creating new Graphs - Undefined Index Errors
-issue#254: Unable to Properly add Data Source
-issue#251: Remote Data Collector stuck on upgrade page
-issue#247: Devices missing from tree device list
-issue#245: Drag and Drop in Tree Edit Erratic
-issue#243: SMTP Ping Failure with not SNMP Authentication
-issue#241: Authentication Method: None not functional
-issue#240: SQL error when install plugin
-issue#238: Duplicate color id's cause error during Upgrade
-issue#231: SNMPv3 - PHP ERROR WARNING: Fatal error: Unknown user name in file
-issue: Resolving visual issues with row counts.
-issue: When deleting Graphs prevent the removal of Data Sources that are still in use
-issue: Improve SNMP agent performance through SQL optimizations

1.0.0
-feature: Support for remote data collectors
-feature: Support Internationalization (i18n) for the main Cacti site, and supported plugins
-feature: Data Source Profiles replace RRA settings allowing a single system to have multiple polling intervals
-feature: Redesigned Tree page including Drag & Drop functionality
-feature: New Graph Permissions system designed to make permissions simple to manage
-feature: Add Themes 'Classic', 'Modern', 'Dark', and 'Paw'
-feature: Debug Data Sources by comparing them to the Data Template
-feature: New special Data Source type to detect the poller interval
-feature: Bulk inserts in PHP poller to address latency issues
-feature: Optimize data collection through in memory caching giving a 50% reduction in polling times when dealing with large sites
-feature: Support RRDtool VDEFs
-feature: Support new Graph Items: AREA:STACK, GPRINT:AVERAGE, GPRINT:LAST, GPRINT:MAX, GPRINT:MIN, LINE:STACK, TEXTALIGN, TICK
-feature: Support RRDtool features: Right Axis Support, Dynamic Labels, Tab Width, Legend Position, Legend Direction
-feature; Resizeable table columns
-feature: Deprecated Single Pane Tree View
-feature: Role Based Access Control (RBAC)
-feature: Support User Group Permissions
-feature: Show number of in use Graphs, Data Sources, and Devices for a given Template
-feature: Support bulk re-sync of graphs to assigned Graph Template
-feature: Bulk Device Settings changes
-feature: CDEFs, Colors, GPrint Presets consolidated to Presets menu
-feature: Authentication cookies for 'remember me' functionality
-feature: Automatic logout after session inactivity
-feature: Replace Boost server in favor of RRDtool Proxy
-feature: Graph Details include CSV output, zoom, debug, and download links
-feature: Graph Export moved to a plugin
-feature: User change password functionality
-feature: Automation added to core functionality through the merge of the Discovery and AutoM8 plugins
-feature: Change interface graphs from 32 bit to 64 bit with ease
-feature: Plugins now have hooks in device templates and automation
-feature: Allow users to preview template imports to determine if there will be issues from importing
-feature: Automatic removal of orphaned graph items when importing newer versions of graph templates
-feature: Support for MySQL 5.7
-feature: Support for PHP 7.0
-feature: Merge Aggregate Plugin - Aggregate graph creation
-feature: Merge AutoM8 Plugin - Automation of graph creation
-feature: Merge Boost Plugin - Faster polling, result caching, on-demand RRDtool file updates
-feature: Merge CLog Plugin - View Cacti logs
-feature: Merge Discovery Plugin - Device discovery
-feature: Merge Domains Plugin - Support for domain (ADS/LDAP) specific user templates
-feature: Merge DSStats Plugin - Cache Data Source values for easy retrieval
-feature: Merge Logrotate Plugin - Rotate Cacti logs
-feature: Merge Realtime Plugin - Realtime graph viewing
-feature: Merge Reporting (Nectar) Plugin - Reporting
-feature: Merge RRDclean Plugin - RRD file cleanup and management
-feature: Merge Secpass Plugin - User password policy enforcement
-feature: Merge Settings Plugin - Shared settings for plugins
-feature: Merge SNMP Agent Plugin - SNMP Agent for Cacti providing system statistics
-feature: Merge SpikeKill Plugin - Remove unwanted spikes from graphs
-feature: Merge SSL Plugin - Force https
-feature: Merge SuperLinks Plugin - Add external links within Cacti
-feature: Merge UGroup Plugin - User groups with permissions
-feature: Merge Watermark Plugin - Watermark your Cacti graphs
-bug: Fixed issue where old graph templates (0.8.6-), could import bogus data causing issues with Data Input Methods
-bug#0000168: Duplicate data sources should be avoided when creating new graphs
-bug#0000851: Review an imported template
-bug#0001155: When viewing graph tree do not show empty nodes
-bug#0001337: Form to filter for graphs in host view mode
-bug#0001552: Date ranges not shown on graphs in the view with Daily, Weekly, Monthly & Yearly graphs
-bug#0001573: RRA templates/grouping
-bug#0001577: Override session handling and store session in Database
-bug#0001790: Allow for XML delimiter in fields of a script query
-bug#0001820: Unable to use a Data Input Method Output Field in more than one Data Source Item
-bug#0001827: Changing the graph template messes up the graph item fields
-bug#0001836: Add mysql error message to log
-bug#0001877: Cookies path is not properly set
-bug#0001966: Expand Devices in tree view not honored
-bug#0001970: Data query index order cache should be populated on re-index
-bug#0001981: Cacti is not full UTF-8
-bug#0001986: CLI allow add_graphs.php to have multiples --snmp-field and --snmp-value options
-bug#0001996: Allow using data input field in graph title
-bug#0002096: Enumerated SNMP values not parsed correctly
-bug#0002112: CLI add configurable parameters for device_add.php
-bug#0002133: Restrict User to only manage specific device(s)
-bug#0002135: Regular expression support for filter
-bug#0002137: Data query oid_suffix parameter does not function
-bug#0002159: Database creation file not fully compliant with strict SQL mode
-bug#0002162: Unable to authenticate user with password containing UTF-8
-bug#0002196: Incorrect script server instance number in log
-bug#0002225: Make -Cc SNMP option configurable
-bug#0002255: Script query_unix_partitions.pl should only query local mounts
-bug#0002336: Implement php-snmp class library
-bug#0002340: Data query script execution should be escaped
-bug#0002350: SNMP Data Query index_order ignored
-bug#0002351: Ping does not work with non-English locale
-bug#0002361: Spine does not log unknowns the same way cmd.php
-bug#0002362: Poller cmd.php makes wrong hex-string to decimal conversion
-bug#0002370: Cacti prints wrong date formats, does not honor a systems locale
-bug#0002403: Typo in DELETE statement leading to poor graphing performance
-bug#0002412: Graph Template duplication causes \t to be converted to TAB char
-bug#0002418: Data Source Items named 'ds' break UI ability to add more items
-bug#0002419: SNMP enum results not parsed correctly by cmd.php poller
-bug#0002452: CVE-2014-4000 PHP Object Injection Vulnerabilities
-bug#0002454: OS Command Injection
-bug#0002468: Changing graph format to anything but PNG causes no output
-bug#0002476: Add support for SNMP v3 EngineID
-bug#0002483: Cisco ASA using Re-index method of verify all causes recache event every time
-bug#0002484: Incorrect SQL request in cli script repair_database.php
-bug#0002521: Unable to create two devices via CLI with the same IP-Address
-bug#0002522: Zero padded hex strings are parsed incorrectly
-bug#0002535: Graph Template Changes not updating RRDtool command
-bug#0002636: Creating Data Template with "U" for min and max saves field data_input_field_id as 0 for first item
-bug#0002697: CVE-2016-2313 allows remote authenticated users who use web authentication to bypass intended access
-bug#0002698: When the host is down the wrong data type are used for some columns in the host table
-bug#0002723: Renaming a disabled device still attempts to connect and get SNMP host information
-bug#0002724: Multipage graphs the menu can disappear
-bug#0002725: Changing graph template does not mark correct interfaces disabled on data query generated list

0.8.8h
-bug:0002656: Authentication using web authentication as a user not in the cacti database allows complete access (regression)
-bug:0002667: Cacti SQL Injection Vulnerability
-bug:0002666: When click the [Clear] button after clicking the [Refresh] button in Preview Mode , fails to CSRFcheck
-bug:0002673: CVE-2016-3659 - Cacti graph_view.php SQL Injection Vulnerability
-bug:0002676: Outdated MIBs for non-unicast packets
-bug:0002677: Index is a MySQL 5.6 reserved word
-bug:0002681: generate_graph_def_name() generates reserved word "cf"

0.8.8g
-bug:0002161: Graph management "graph()" function conflicts with graphviz PECL extension graph()
-bug:0002320: Unable to delete more than 500 graphs at once
-bug:0002591: graph_view.php - unable to advance to Next Page in Tree View
-bug:0002608: cacti 0.8.8f - Data Templates - Poller/script issue with backslash
-bug:0002618: bug/syntax error in html_utility.php
-bug:0002616: cdef.php -- Extra php closing tag
-bug:0002617: PHP Warning is thrown when trying to include auth_login.php
-bug:0002623: log warning display wrong time_interval
-bug:0002627: Graph tree doesn't work in Internet Explorer
-bug:0002601: graphs_new.php query not sorted as per definition xml:index_order
-bug:0002625: Plugins don't display the next page
-bug:0002631: RRDtool export not XML compliant - results in empty CSV exports
-bug:0002622: graph_view.php -- Navigation and Content Areas are not visible in Tree Mode
-bug:0002626: Unable to add two users in a row - Notice: Undefined index: id
-bug:0002620: Unable to copy user
-bug:0002618: bug/syntax error in html_utility.php
-bug:0002646: SQL injection in graph.php
-bug:0002656: Authentication using web authentication as a user not in the cacti database allows complete access
-bug:0002647: 0.8.8g rev 7767 Can add cacti devices to graph tree "Save Failed"
-bug:0002652: CVE-2015-8604: SQL injection in graphs_new.php
-bug:0002655: CVE-2015-8377: SQL injection vulnerability in the host_new_graphs_save function in graphs_new.php
-bug:0002629: Cacti lacks tab icons in chrome from android
-bug:0002619: Fix incorrect placement of htmlspecialchars() in tree.php
-bug:0002642: ping.pl does not take into account host port numbers
-bug:0002567: RRDtool 1.5.x Support
-bug:0002269: |query_ifSpeed| in --upper-limit for graph template does not work with empty ifSpee

0.8.8f
-bug:0002599: 0.8.8e Poller Script Parser is Broken
-bug:0002600: cli/upgrade_database.php is missing releases
-bug:0002603: Graph managment graphs.php save button does not work
-bug:0002599: Poller Script Parser is Broken

0.8.8e
-bug: Fixed issue with graph zooming failing to work
-bug: Fixed various SQL Injection vectors
-bug#0002569: Impossible to have a URL pointing directly to a graph
-bug#0002574: SQL Injection Vulnerabilities in graph items and graph template items
-bug#0002577: CVE-2015-4634 - SQL injection in graphs.php
-bug#0002579: SQL Injection Vulnerabilities in data sources
-bug#0002580: SQL Injection in cdef.php
-bug#0002582: SQL Injection in data_templates.php
-bug#0002583: SQL Injection in graph_templates.php
-bug#0002584: SQL Injection in host_templates.php
-bug#0002586: Cannot delete data sources from the GUI
-bug#0002592: graph_view.php - viewing host in new tab - Undefined index: nodeid
-bug#0002594: status_fail_date and status_rec_date are set incorrectly after host is marked down
-bug#0002597: Incorrect value in Hosts column on Host Templates page
-bug#0002598: Incorrect row number in Devices -> (Edit) page

0.8.8d
-feature: Remove un-needed fonts and javascript files
-bug: Fixed XSS VN: JVN#78187936 / TN:JPCERT#98968540
-bug#0002261: PHP 5.4.0 added new error_reporting variable, causing cacti to show errors
-bug#0002391: Odd Behaviour on ReIndex of Data Query Data
-bug#0002393: Broken thumbnail images for graph templates
-bug#0002402: Subtree must not have the same header as the parent header
-bug#0002474: CLI add_device.php dows not set availability_method correctly
-bug#0002449: The Save button does not work: Invalid html on page Console -> Cacti Settings: empty form tag
-bug#0002428: Fail to delete all data input items when removing more than 1000 data sources
-bug#0002439: Password with special character don't work with LDAP authentication
-bug#0002461: invalid bn with ldap and anonymous bind
-bug#0002465: Graph Export return empty CSV file
-bug#0002484: Incorrect SQL request in cli script repair_database.php
-bug#0002485: Broken pagenation on graph viewing
-bug#0002489: SNMP - Get Mounted Partitions using Re-index method of Index Count Changed causes recache event every time
-bug#0002490: Can not select page for multiple datasources per device
-bug#0002494: CSV export always shows last day
-bug#0002504: Data template search not functional
-bug#0002542: [FG-VD-15-017] Cacti Cross-Site Scripting Vulnerability Notification
-bug#0002543: Unable to switch pages within graphs_new.php due to invalid URL generation
-bug#0002544: Duplicate entry in $nav_url during list view
-bug#0002571: SQL Injection and Location header injection from cdef id CVE-2015-4342
-bug#0002572: SQL injection in graph templates CVE-2015-4454

0.8.8c
-bug#0002228: GPL incompatible files included in Cacti project in include/treeview
-bug#0002383: Sanitize the step and id variables CVE-2013-5588, CVE-2013-5589
-bug#0002385: Cannot export host templates while including dependencies
-bug#0002386: cli/upgrade_database.php is missing the last two releases
-bug#0002390: Poller/script issue with slash and backslash
-bug#0002405: SQL injection in graph_xport.php
-bug#0002431: CVE-2014-2326 Unspecified HTML Injection Vulnerability
-bug#0002432: CVE-2014-2327 Cross Site Request Forgery Vulnerability - Special Thanks to Deutsche Telekom CERT
-bug#0002433: CVE-2014-2328 Unspecified Remote Command Execution Vulnerability
-bug#0002434: Suppress SNMP UNITS Suffix from cacti_snmp_get() output
-bug#0002438: Down Host Detection issue when using SNMP Desc or SNMP getNext
-bug#0002446: Subtract plugin processing time from Poller sleep time
-bug#0002453: CVE-2014-4002 Cross-Site Scripting Vulnerability - Special Thanks to G. Geshev (munmap)
-bug#0002455: Incomplete and incorrect input parsing leads to remote code execution and SQL injection attack scenarios
-bug#0002456: CVE-2014-5025 / CVE-2014-5026 - Cross-Site Scripting Vulnerability - Special Thanks to Adan Alvarez and Paul Gevers
-bug#0002495: Graph Filter Date Range
-bug: Fix COMMENT handling, even in case COMMENT is empty, with or without HR and with variable substitution
-bug: Fix issues when SNMP data holds a "="; "explode" must be treated accordingly
-bug: Fix filter highlighting on data sources for the data template field
-bug: correct description of SNMP V3 parameters
-feature: Added native jquery, jqueryui, and jstree
-feature: Fixed issues with 'Clear' under preview not working
-feature: Added new Tree navigation
-feature: Added Columns and Thumbnails to Preview
-feature: Added Columns to Tree (Preview only)
-feature: Both Graphs and Columns default to 'Default'
-feature: Resolved Left hand navigation taking entire page
-feature: Added new graph zoom to tree view and preview offering a "quick" (default) and an "advanced" mode

0.8.8b
-bug: Fixed issue with custom data source information being lost when saved from edit
-bug: Repopulate the poller cache on new installations
-bug: Fix issue with poller not escaping the script query path correctly
-bug: Allow snmpv3 priv proto none
-bug: Fix issue where host activate may flush the entire poller item cache
-security: SQL injection and shell escaping issues

0.8.8a
-bug#0002207: cannot export graph templates
-bug#0002208: Graphs with CDEFs fail to generate
-bug#0002209: External auth does not work behind a reverse proxy
-bug#0002211: creating an index USING BTREE fails ony MySQL < 5.0.60
-bug#0002213: CLI upgrade script is missing 0.8.7i as a target
-bug#0002214: SQL error during non-PIA upgrade to 088 when giving a default for a text field in plugin_realms
-bug#0002216: use of define_syslog_variables() gone in PHP 5.4
-bug#0002217: url_path should default to /cacti/
-bug#0002221: Missing plugin directory causes endless loop in plugins.php
-bug#0002222: tail_logfile hangs when cacti.log not readable, filling apache log with fgets warnings

0.8.8
-bug#0002056: un-initialized datetime used for host status (was: Zero length string != NULL)
-bug#0002081: In Graph Management, search display graph title breaks when using pattern symbol "/"
-bug#0002132: need to include pa.sql with the 0.8.7i and future releases
-bug#0002134: rebuild_poller_cache.php --host-id deletes table poller_item completely
-bug#0002141: cacti.sql missing BTREE PRIMARY KEY for poller_output
-bug#0002146: Utilities -> View Log File -> refresh does not work
-bug#0002150: usort_data_query_index() is broken -> graph order for hosts with data query sort option fails
-bug#0002151: When building HTML forms with sub_checkbox on_change parameter is not used
-bug#0002152: Issue with filter on graphs_new.php
-bug#0002153: Cant search for patterns containing a forward-slash
-bug#0002156: CDEF strings are not escaped before passed to rrdtool command
-bug#0002158: Minor changes to grammar of displayed messages
-bug#0002165: Using data input field in data source name (related to 2079 in 0.8.7i)
-bug#0002167: New poller hook poller_finishing
-bug#0002172: structure_rra_paths.php does not handle disabled data sources
-bug#0002174: poller_item.host_id has wrong type
-bug#0002178: typo in include/global_form.php: Mimimum -> Minimum
-bug#0002181: session_unregister (use in functions.php) doesn't exist anymore in PHP 5.4
-bug#0002182: When there is no suitable (unique) index, graphs are not shown in data query ordering on host leafs
-bug#0002189: Proper graph hooks
-bug#0002191: Refresh issues
-bug#0002194: changing data query XML <index_order> does not propagate to existing data sources
-bug: Fix input validation on cli/api_device.php
-bug: Fix issue with data source template associate command line script inserting incorrect rra information
-bug: Fix minor display issue on data source pages
-bug: Fix minor issue with counting items in the poller_output table
-bug: Graph settings and settings check boxes do not allow unchecking to be saved
-bug: Fix minor issue with plugin library caused by non-session
-bug: Fix SQL error on data input save for non-templated graphs
-bug: user_log index added to increase performance
-feature: Merge Plugin Architecture into Cacti
-feature: Added index to data_template_data to increase performance

0.8.7i
-bug#0001963: Bandwidth summation "total in" and "total out" are always 0
-bug#0002040: ICMP ping errors for Windows 7 with PHP 5.3
-bug#0002062: Multiple security vulnerabilities
-bug#0002063: Multiple value poller output incorrectly interpreted as hexadecimal value
-bug#0002064: Removing "~" (tilde) by sanitize_uri() conflicts with Apache UserDir translation
-bug#0002066: Graph without host id "Notice: Undefined variable: host_id"
-bug#0002067: Custom time range filter not working
-bug#0002068: Missing header include in analyze_database.php
-bug#0002071: MySQL table poller_item is dropped always when "Data Input Method" is changed or added.
-bug#0002079: Using input field of a script in graph title does not work
-bug#0002080: Database password containing "@" does not connect
-bug#0002083: Adding a new users generates errors in apache logs
-bug#0002084: Incorrect normalization of hrStorageTable values over 2^31
-bug#0002086: Incorrect usage of mysql custom tcp port
-bug#0002087: PHP recache problems due to missing slashes in reindex table
-bug#0002093: Unit exponent value of 0 not imported with graph template
-bug#0002094: CDEF: "another cdef" references not included in template export
-bug#0002106: Command line add device does not accept "None" for host template
-bug: Update host template cli script help to fix incorrect options
-bug: Refresh of Cacti log viewer not working
-bug: Problems saving User Graph Permissions in IE9
-bug: Bandwidth summation fails if NAN values are present
-bug: Special Type Code "host_id" available in Data Queries by Not Data Input Methods
-bug: Do not generate error messages when creating non host based graphs
-bug: Wrong index used for Data Queries using VALUE/REGEXP
-bug: Fix issue with title variable replacement failing when no host is associated with graph
-bug: Cacti generating MySQL 1100 Errors when modifying the tree
-bug: Resolved "Fatal error: Cannot use string offset as an array" in lib/data_query.php
-feature: Properly support ifHighSpeed replacement variable
-feature: Increase granularity of availability options to correct spine bug
-feature: Replace "event count" with last changed date for host availability

0.8.7h
-bug#0001403: Reapply Suggested Names does not work correctly for graphs and data sources not associated with Data Queries
-bug#0001568: Remove PHP 5.3 deprecated functions
-bug#0001584: Concurrent changes to graph tree ordering can corrupt sort values
-bug#0001626: Symbol ($) does not appear in labels/gprint strings to rrdtool during graph generation
-bug#0001632: Script server treats quoted arguments with spaces incorrectly as multiple separate arguments
-bug#0001646: MySQL SSL connection support
-bug#0001660: Modifying data template values does not propagate as expected
-bug#0001678: Adding graphs to a device fails to add entries to poller_item if using the script server
-bug#0001768: Perform consistency check on ds maximum vs. ds minimum
-bug#0001783: Graph Export export date is incorrect
-bug#0001812: Data template copying ignores some item templating
-bug#0001814: Command line device add script fails when SNMP default is disabled
-bug#0001815: One minute polling not working correctly
-bug#0001816: Cannot export graph data to CSV with IE 8
-bug#0001819: MySQL "TYPE=" command deprecated since MySQL 4.1 removed in MySQL 5.4.4
-bug#0001826: Zoomed graph views should auto refresh
-bug#0001828: Reapply Suggested Name prompt as spelling problems
-bug#0001835: Graph edit page has more than one html form tag
-bug#0001847: Graph export API function has required argument not defined
-bug#0001851: Graph creation selector does not work with data query that has no associated graph templates
-bug#0001855: Improper formatting of data queries can result in SQL errors
-bug#0001862: Ping script does not process output of update ping utility
-bug#0001867: RRDtool Cacti fetch function does not work for some locales
-bug#0001876: PHP function strip_quotes causes HEX values to be truncated
-bug#0001880: Form validation error message does not highlight text area control
-bug#0001882: Cacti snmp_walk function fails if max_oids is an empty value
-bug#0001890: Default tree view mode set to single pane mode not working
-bug#0001893: Data input method description text does not make sense
-bug#0001900: Equal sign not correctly parsed in snmp data results
-bug#0001903: Undefined variable: mode in lib/ldap.php on line 375
-bug#0001918: Script server does not accept more than one blank space before the function name
-bug#0001926: Importing templates "using defaults for this installation" associates all rra's defined
-bug#0001928: graph_image.php does not check local_graph_id
-bug#0001929: Error when exporting templates are not properly reported
-bug#0001930: No error reporting for wrong RRA
-bug#0001934: Poller does not process SIGTERM signal correctly
-bug#0001936: Removing multiple data sources is inefficient
-bug#0001937: Technical support page uses check table which waits for table lock
-bug#0001939: Do not query for number or items per host if concurrent polling processes is set to one
-bug#0001954: Usage of PHP_SELF without basename in html.php (at least partly fixed)
-bug#0001956: Attempts to update existing tree item fail
-bug#0001967: Reflected XSS on Cacti 0.8.7g
-bug#0001989: IE9 breaks Cacti when objects are hidden using 'display:none;' style tag
-bug#0001993: Undefined index in lib/html.php
-bug#0001995: REQUEST_URI not properly escaped in graph_view.php for preview mode
-bug#0002005: Saving Script Server or Script Data Input Method Results in SQL Error
-bug#0002060: NAN values in hdd utilisation graphs (Poller Output Table not Empty)
-bug: Fix SQL injection issues in login page
-bug: RRDtool fetch in Cacti fails to function properly on rrdtool files with NaN values in the output
-bug: Accept "Connection refused" on TCP ping tests
-bug: Add missing row selection javascript to graph preview
-bug: Script server throws "undefined variable" error when in debug mode
-bug: Removing graphs does not take advantage of bulk deletes
-bug: Fixed issue with multiple "U" results for a data input method with multiple output parameters
-bug: SNMP v3 use AuthNoPriv when privacy passphrase is empty
-bug: Fixed sql errors when using template and search filter on graph management
-bug: Delete Data Source multi fails to perform bulk deletes on Data Source items
-bug: Allow Timespan Selector to work with $_REQUEST as well as $_POST
-bug: While in the mrtg view of Cacti Graphs, or in viewing graph properties zoom fails
-bug: The filepath api call should trim the filename before checking for the files existance
-bug: Fix issues with IE9 while editing templates
-bug: Form action in graph_items.php incorrect
-bug: Initial drawing of tree causing Next/Previous with malformed URI
-feature#0001519: Spine enhancement for parallel collection of data at device level
-feature#0001667: Get values of |host_*| variables in graph elements from data source
-feature#0001922: Reindex method "Index Count Changed" requires that OID_NUM_INDEXES is given for SNMP Data Queries
-feature#0001923: Implement counting for script (server) data queries just like OID_NUM_INDEXES
-feature#0001924: Allow for reindex method "Index Count Changed" to apply to script (server) queries as well
-feature#0001952: Ability to use input field of a script in graph title
-feature: Make reindexing and repopulating the poller cache a lossless process
-feature: Change default font sizes
-feature: Add analyze database and push out host cli scripts

0.8.7g
-bug: RRDtool 1.4.x not recognized during installation
-bug: Implement windows-aware shell escaping
-bug: Fixed multiple cross site scripting vulnerabilities reported by Tomas Hoger of the Red Hat Security Response Team
-bug#0001292: Over 8TByte Partition in Windows cant get correct data from snmp
-bug#0001486: Unable to login after redirection to access denied page
-bug#0001516: "Show the page that user pointed their browser" does not seem to work
-bug#0001561: Over zelous HTML excaping on filter strings
-bug#0001575: LDAP-Authentifications does not work due to ldap_host being set incorrect
-bug#0001587: Feature from bug#0001271 breaks on large values
-bug#0001607: Web Basic authentication does not work with fastcgi
-bug#0001620: Max OID's max value reported incorrectly in Web UI
-bug#0001747: oid_suffix do not work correctly for input direction on data queries
-bug#0001756: Alternate font styles do not work correctly
-bug#0001757: LDAP realm authentication outputs warning for undefined index
-bug#0001763: Unable to add graph permissions on a user
-bug#0001765: Tech support does not work correctly with RRDtool 1.4.x
-bug#0001766: Page refresh setting not being honored
-bug#0001771: "index count changed" not implemented for query_unix_partitions.pl, query_host_partitions.pl, query_cpu_partitions.pl, ss_host_cpu.php and ss_host_disk.php
-bug#0001773: Character encoding problem after upgrade to 0.8.7f
-bug#0001775: Tech support page does account for no memory limit set for PHP
-bug#0001776: Simultaneous databases connections are not supported

0.8.7f
-security: SQL injection and shell escaping issues reported by Bonsai Information Security (http://www.bonsai-sec.com)
-security: Cross-site scripting issues reported by VUPEN Security (http://www.vupen.com)
-security: MOPS-2010-023: Cacti Graph Viewer SQL Injection Vulnerability (http://php-security.org)
-bug#0001125: XML parse error on template import with degree symbol
-bug#0001311: Access denied for graph-only users when accessing index.php directly
-bug#0001366: Exported data templates do not import special characters properly
-bug#0001416: Graph Export fails with EXPORT FATAL ERROR: Export path /some/path/root/export is within a system path /root. Can not continue.
-bug#0001452: Missing "<" and ">" in "Collection Methods=>Data Input Methods=>"Input String" after importing template
-bug#0001461: Data query export/import fails
-bug#0001492: RRDtool 1.3 series fonts (fontconfig) support
-bug#0001506: Reindexing fails due to global include issue in lib/snmp.php
-bug#0001522: Special characters break parsing of template data
-bug#0001524: Export graphs and Classical Presentation does not honor per graph export rules
-bug#0001528: ICMP Ping availabilty broken in UI for Windows Servers using IIS
-bug#0001535: No display of parent ID in tree nodes for CLI tree add script
-bug#0001543: All graphs are exported dispite graph export rules
-bug#0001549: Function array_to_sql_or creates poor sql where clauses
-bug#0001557: Quotes in Text Format graph template field break graph rendering
-bug#0001587: 64bit HEX Strings do not convert to Decimal on 32bit Systems
-bug#0001604: HEX Counter values enclosed in quotes not recognized as HEX
-bug#0001609: Script server timeout too aggressive with 10 second poller interval
-bug#0001628: Inconsistent message for Change SNMP Options related to available buttons
-bug#0001695: Suppress deprecated warnings in Cacti code
-bug#0001725: PHP Fatal Error while trying to add a tree node via cli
-bug: When creating new graphs without a data source, print error to user instead of throwing php error
-bug: Browser query string does not contain arguments
-bug: Function inject_form_variables does not operate if more than 1 variable needs replacing
-bug: Script imposed memory limits cause issues with some scripts
-bug: Turn off process leveling if there are not enough poller items to substantiate it
-bug: Add device should allow no-snmp type devices
-bug: Firefox Autocomplete causes issues with password validation
-bug: Access Denied messages do not allow re-direction to login page
-bug: When clearing filter on new-graphs do not clear host or template
-bug: When clearing filter, reset page to 1 for all queries
-bug: Graph List selectors do not persist between pages
-bug: allow empty [upper|lower]_limit even without autoscaling
-bug: Availability method Ping or SNMP generates meaningless warnings
-feature: Add logging to SQL Save error handling
-feature: Add utility to convert database to InnoDB
-feature: Return nav as the title for the page
-feature: Detect and correct for RRDtool segfaults
-feature: Add rra_id for hosts and graphs to be used during tree export
-feature: Make the Graphs pages render like the rest of Cacti
-feature: Convert base Cacti UI to use buttons and not images
-feature: Make poller sane so that it can be used by other cacti processes
-feature: Add snmp timeout warnings for lib/snmp.php

0.8.7e
-bug#0001044: Creating a DS, Output field can't be selected for DT with a DIM when "Use Per-Data Source Value" is on
-bug#0001341: SNMP query: add oid_suffix for weird SNMP queries
-bug#0001345: Overwriting $snmp_index in query_snmp_host() breaks SNMP Data query if using get method
-bug#0001346: Strip out noisy 'No Such Instance currently exists at this OID'
-bug#0001404: timeout in "function ping_icmp" (lib/ping.php)
-bug#0001405: Spaces in DS when .rrd file is created, so it fails
-bug#0001407: Place graph thumbnail into div to lower page length changes on load graphs
-bug#0001410: Thumbnail Columns is not honored for host display with snmp index group style
-bug#0001411: Graph searching issue
-bug#0001413: strip_quotes fails
-bug#0001426: multiple form opening due to bug in draw_edit_form()
-bug#0001436: CSV Export Start Date and End Date are always 1970-01-01 01:00:00
-bug#0001443: format_snmp_string can return a number with a leading space
-bug#0001446: Wrong dates override in CSV export
-bug#0001456: oid_uptime is not parsed correctly
-bug#0001460: Skiping input parameters in data_query_field_list() may lead to SQL errors
-bug#0001464: Typo in install/index.php
-bug#0001467: Customisable oid index parse regexp for weird MIBs
-bug#0001468: Tree is not expanded correctly
-bug#0001469: Tree is not being expanded if user followed link outside of cacti
-bug#0001476: Mark stacked columns in rrdtool_function_xport() output
-bug#0001477: Spelling error in a variable in html_tree.php
-bug#0001478: Combo boxes on Graph Management page produce URLs with leading spaces
-bug: Top Graph Header Breaks When Plugins Used
-bug: SNMP v3 Password issue caused by Firefox's Password AutoFill
-bug: Strip Quotes does not properly handle the value 'U'
-bug: Changes to the graph tree would not show up immediately for current user

0.8.7d
-bug#0001336: Allow to specify on_change handler for checkbox_group
-bug#0001338: When Using Web Basic Authentication HTML Bookmarks Do Not Work
-bug#0001388: Spine uses illegal flag for ping on Mac OS X
-bug#0001351: Deleting 1000 graphs along with their Data Sources crashes the Server
-bug#0001361: SNMP query: 'No more variables left in this MIB View' instead of value of input field
-bug#0001374: ss_host_disk.php etc. error corrected when using SNMP V3 (index off by 1)
-bug#0001376: graph_items.php variable $id defined in wrong place
-bug#0001377: Several bugs in new cli script "structured_rra_paths"
-bug#0001378: ping.pl script fails when using tcp:hostname
-bug#0001382: cdef.php error due to wrong function name
-bug#0001383: syntax error in lib/rrd.php with PHP 4.4.4
-bug#0001384: utilities.php does not handle view_snmp_cache when host_id = -1 (Any)
-bug#0001385: LDAP Error: Group DN could not be found
-bug#0001391: parsing snmp string with "=" ?? --> WARNING: Result from SNMP not valid
-bug#0001392: Problem on CDEF function ALL|SIMILAR_DATA_SOURCES_(NO)?DUPS
-bug#0001394: Error of variable in lib/html_tree.php
-bug#0001398: Cross site scripting checking is overly protective on search filters
-bug#0001400: LDAP authentication results in PHP warning message
-bug: Resolved issue with reapply suggested names not working for data sources under certain conditions
-bug: Correct missing db_conn argument issue
-bug: Deleting large number of hosts results in SQL errors due to MySQL buffer overrun
-feature: SNMP cli version information added to tech support page

0.8.7c
-bug#0000157: Dual pane tree does not have the option of not rendering all trees in one page
-bug#0000486: RRA template edit allows invalid XFF values
-bug#0000626: Setting "Default Graph Tree" does not work with dual pane view
-bug#0000828: Truncated IOS description in |query_ifAlias|
-bug#0000909: ALL_DATA_SOURCES_NODUPS breaks graphing when using "Consolidation Function" MAX
-bug#0000943: scripts/ping.pl has incorrect response when "icmp hop redirect" occurs
-bug#0000948: Exporting graphs to a local path does not work correctly in some cases
-bug#0000986: Graphs that are done by graph type are not exported when using the tree view
-bug#0001022: strip_quotes incorrectly parses script output
-bug#0001090: LDAP authentication fails when using quote character in password
-bug#0001135: Graph export feature not exporting as per user level selected
-bug#0001136: Regex ambiguous for mbstring
-bug#0001138: Lack of error checking causes graphs to not update when rrdtool crashes
-bug#0001141: Script server appears broken for "index" and "query" requests (Documentation Fix)
-bug#0001145: Save Failed error when changing Graph Details
-bug#0001153: Undefined variable: local_graph_id in graphs.php on line 201
-bug#0001166: Installer does not properly handle disabled guest_user conversion
-bug#0001174: Unidentified index warning
-bug#0001175: Hide hosts in Graph Permissions that you already have access to
-bug#0001176: Problem validating IPv6 addresses
-bug#0001188: Graph export issues in tree mode
-bug#0001191: Faulty IP address validation by ping.php script
-bug#0001180: Graph Export to CSV failed by using IE 6 SP2
-bug#0001194: RRDtool URL is incorrect on the about page
-bug#0001204: Since upgrade to 0.87b the hosts with ip address with 255 are down and have no datas
-bug#0001206: Graphs are not zoom-able with PHP warnings turned on
-bug#0001211: Allow use of "REMOTE_USER" if "PHP_AUTH_USER" is not set for authentication
-bug#0001213: Template Copy does not hash copied template_items
-bug#0001215: Impossible to define a none availability with the client cli/add_device.php
-bug#0001216: CSV Export for zoomed graph, results in Validation error
-bug#0001217: Default Graph Tree is not reflected in Left Pane of the graph page
-bug#0001223: Missing Hard return on last GPRINT causes bad formatting
-bug#0001228: LDAP server port not honored
-bug#0001230: Poller stops updating rrd files
-bug#0001236: Set 'stats_recache' to zero when no re-index is present
-bug#0001238: Guest user has access to change password
-bug#0001239: Using the TOTAL_ALL_DATA_SOURCES in a graph where all item are using the MAX CF yields an invalid(empty) CDEF
-bug#0001240: SNMP string cleanup removes too many '=' signs
-bug#0001244: Missing closing </form> on host.php
-bug#0001247: Snmp ping won't work for snmp v3
-bug#0001256: Spine-poller.c : Bug in size string sysUptime
-bug#0001258: "Remove Verification" is an ambiguous definition, leads to data loss
-bug#0001259: LDAP Authentication using Solaris 10 standard ldap client fails
-bug#0001262: Do not allow deletion of Graph Export User
-bug#0001264: CDEFs can't recognize |query_*|
-bug#0001268: resource/snmp_queries/net-snmp_disk.xml has incorrect name for "Percent Available"
-bug#0001271: Hex string to decimal conversion for proper RRDtool storage
-bug#0001273: Escape windows paths to accommodate spaces
-bug#0001281: ICMP Ping fails if an octet == 255
-bug#0001283: graph_image.php causes PHP Notice errors on view
-bug#0001286: poller_item cache is not updated when "Data Input Method" is changed
-bug#0001288: A host with ICMP ping selected as method does not properly perform ping
-bug#0001291: Reapply Suggested Names fails on Script Queries
-bug#0001293: When Creating Data Query Graphs, Performing Search will Cause List to Disappear
-bug#0001294: Stack overflow if database is not correctly initialized
-bug#0001295: Division by zero when rrd_step < poller_interval
-bug#0001296: add_graphs.php does not add the graph template to the host
-bug#0001299: When creating graphs the entire poller cache is recreated for a host
-bug#0001314: Use Data Query variables as HRULE input for graph templates
-bug#0001318: Graph Export with 1 minute poller re-exports graphs 5 times
-bug#0001320: Invalid PHP_SELF Path
-bug#0001326: If a user's password contains a single quote the login fails
-bug#0001342: VRULE printed as HRULE on graph_templates.php graph template item list
-bug#0001380: Expand description of ping retries
-bug: Remove include/html files to mitigate XSS issues
-bug: IE generates errors on both the host and graph settings pages
-bug: Host save failed in FireFox 3 for non-SNMP V3 hosts, complaining about "password mismatch"
-bug: Initialization of snmp_auth when using SNMP=NONE
-bug: Speed up add_graphs.php in most cases (still slow only if --input-fields is used)
-bug: If the poller_output table is not empty, do not flood the log
-bug: Remove warnings appear in the httpd log relative to reset attempts on settings array
-bug: Add API Automation tool quietMode to additional functions
-bug: When Cacti is launched from within an iframe, cookies are dropped from IE6
-bug: Database upgrade and cacti.sql differ
-bug: drop color setting background on FF does not work
-bug: cli/add_tree.php requires as least a host-id for --list-graphs
-bug: add_tree.php did not allow nodes with propagating sort options
-bug: When adding a tree node via the api numeric and natural were reversed
-bug: When saving a data query based data templates, their data sources would become corrupt
-bug: If your system contains INNODB tables, the Technical Support page would hang
-bug: The default user tree link icon would not be properly highlighted when opening graphs
-bug: Severe performance problems when adding data query based graphs.
-bug: Default refresh on Cacti Log was too quick
-bug: Some users do not like the idea of automatic page refreshes
-bug: Allow more rows to be visible in Cacti pages
-bug: Ping and SNMP should test both conditions
-bug: When step is less than poller interval, item will stop polling for long period of time
-bug: When using Web Basic authentication, user is directed to default page and not REQUEST URI
-feature#0000284: Custom <path_rra> for each device
-feature#0000431: Add php-xml to requirements, verify required PHP extensions
-feature#0000852: Have "Previous" and "Next" disappear when not in use (only for graph display)
-feature#0001082: Mirror Graph Rename based on template function to work with Data Sources
-feature#0001140: CLI-Script to associate a graph template to a host
-feature#0001162: WEB UI now accepts max_oids on SNMP bulkwalks
-feature#0001177: CLI Reindexing - poller_reindex_hosts.php: allow filter on "host description"
-feature#0001189: Introducing |data_source_title| variable
-feature#0001195: Add graph title to graphs page
-feature#0001201: Reapply Suggested Names for Data Sources and cli/poller_data_sources_reapply_names.php
-feature#0001205: Add filtering and pagination to cdef management; add "Duplicate CDEF"
-feature#0001220: Disable snmpbulkwalk if max OIDS is less than 2
-feature#0001233: Move $export_types variable definition from templates_export.php to include/global_form.php
-feature#0001233: Move $export_types variable definition from templates_export.php to include/global_form.php
-feature#0001235: CLI script needs to activate a query: add_data_query.php
-feature#0001250: Dispatching job in poller can lead to unbalanced threads
-feature#0001249: New pseudo CDEF variables for "Count All|Similar Data Sources (NO)?DUPS"
-feature#0001289: Add "Graph Properties" wrench to tree+preview mode
-feature#0001323: List all graph template associated with a host template
-feature#0001306: Add Blank Line as possible graph item
-feature: Paginate Treeview Dual Pane
-feature: Allow user to specify maximum graphs per page from Treeview Dual Pane
-feature: Allow Treeview Dual Pane to be filtered for graph titles
-feature: Allow the user to add or remove graph text from page for searching with the browser
-feature: Add links to Graph Management and Data Sources to Device Edit Screen
-feature: Add links to Graph Template and Host Edit to Graph Edit Screen
-feature: Add links to Data Template and Host Edit to Data Source Edit Screen
-feature: Support using the cacti database api with more than one connection
-feature: Add some more debug lines to Data Query debugging (Verbose Query)
-feature: Fix compatibility issues for RRDtool 1.3
-feature: Make the tabs section work a little better with existing plugins
-feature: Add additional options to speed data query graph automation process
-feature: Add additional indexes to speed data query graph creation
-feature: Allow the cli reindexing of hosts to be limited to a single query
-feature: New cli command host_update_template to allow re-templating of hosts using an updated template
-feature: When reindexing hosts, allow a queryid to be specified
-feature: Add command line Database upgrade script
-feature: Add api call to associate graphs with their data sources
-feature: Move the notes field to bottom of page
-feature: New availability option "Ping or SNMP"
-feature: Allow for specification of a default reindex method
-feature: Show more colors on a single color's page
-feature: Exit is either a database or table does not exist
-feature: Add developer debug level to reduce SQL messages in DEBUG
-feature: Add support for group membership for LDAP authenication

0.8.7b
-bug#0000855: Unnecessary (and faulty) DEF generation for CF:AVERAGE
-bug#0001083: Small visual fix for Cacti in "View Cacti Log File"
-bug#0001089: Graph xport modification to increase default rows output
-bug#0001091: Poller incorrectly identifies unique hosts
-bug#0001093: CLI Scripts bring MySQL down on large installations
-bug#0001094: Filtering broken on Data Sources page
-bug#0001103: Fix looping poller recache events
-bug#0001107: ss_fping.php 100% "Pkt Loss" does not work properly
-bug#0001114: Graphs with no template and/or no host cause filtering errors on Graph Management page
-bug#0001115: View Poller Cache does not show Data Sources that have no host
-bug#0001118: Graph Generation fails if e.g. ifDescr contains some blanks
-bug#0001132: TCP/UDP ping port ignored
-bug#0001133: Downed Device Detection: None leads to database errors
-bug#0001134: update_host_status handles ping_availability incorrectly
-bug#0001143: "U" not allowed as min/max RRD value
-bug#0001158: Deleted user causes error on user log viewer
-bug#0001161: Re-assign duplicate radio button IDs
-bug#0001164: Add HTML title attributes for certain pages
-bug#0001168: ALL_DATA_SOURCES_NODUPS includes DUPs? SIMILAR_DATA_SOURCES_DUPS is available again
-bug: Cacti does not guarentee RRA consolidation functions exist in RRA's
-bug: Alert on changing logarithmic scaling removed
-bug: add_hosts.php did not accept privacy protocol
-security: Fix several security vulnerabilities
-feature: show basic RRDtool graph options on Graph Template edit
-feature: Add additional logging to Graph Xport
-feature: Add rows dropdown to devices, graphs and data sources
-feature: Add device_id and event count to devices
-feature: Add ids to devices, graphs and data sources pages
-feature: Add database repair utility
-feature: Default Script Server/Script Queries now accept host specific ping_retries, max_oids
-feature: Support for new variables |host_ping_retries| and |host_max_oids|

0.8.7a
-bug#0000895: "Use Per-Data Source Value (Ignore this Value)" runs only when when checking "Allow Empty Input"
-bug#0001029: Add --autoscale-min (rrdtool 1.2.x only) and --autoscale-max (using upper AND lower limit)
-bug#0001035: Allow for --logarithmic scaling without autoscaling
-bug#0001038: Data sources in RRAs have random order, messing up predefined CDEFs
-bug#0001043: Graph Templates drop down populates with duplicates
-bug#0001046: Upgrade from 0.8.6j to 0.8.7 defaults to Authentication Method NONE
-bug#0001052: Graph template - GRINT creates CF function DEF
-bug#0001055: Invalid date format - "half hour" not the GNU Date format
-bug#0001057: SQL error when using 'Auth Method' None when no 'guest' user exists
-bug#0001058: Graph Filter dropdowns do not respect user graph permissions
-bug#0001059: Potential SQL injection vulnerability
-bug#0001060: RRDtool 1.2.15 complain for garbage characters when rrdtool_function_xport is used
-bug#0001061: cmd.php: potential call to invalid "availability_method" key on wrong hash
-bug#0001064: Log file viewer inefficient filtering uses excess memory
-bug#0001066: doc change for using COUNTERs as integers only
-bug#0001067: Fixed extra spaces in GPRINT. Better Alignment for Autopadding
-bug#0001068: doc change for patching cacti when running SELinux
-bug#0001070: Cron interval detection causes multiple pollers to run
-bug#0001073: Max OIDS is not saved in device view
-bug#0001078: Undefined variable: rra in graph.php on line 241
-bug#0001079: Dates are not stored in host table using correct format
-bug#0001080: Graph Export Generates SQL Errors
-bug#0001081: Usernames with spaces and dashes are not able to save
-feature#0001035: Allow for --units=si on logarithmic scaled graphs (rrdtool-1.2.x only).
-feature#0001069: add opacity/alpha channel to graph items (rrdtool-1.2.x only).
-feature#0001065: Move to Top for List and Tree View. Omit boring scrolling
-feature: add availability pings to host interface

0.8.7
-bug#0000480: Fix error after altering graphs displayed per page
-bug#0000740: Add support for setting the PHP session name of Cacti
-bug#0000829: Add support for an specifying an uptime OID for SNMP queries
-bug#0000830: Add filtering graphs by Graph Template
-bug#0000833: Add favicon.ico support
-bug#0000850: Add Select All for graph list view
-bug#0000854: Move "Downed Host Detection" into the device edit screen
-bug#0000873: Fix issues with the poller hanging in certain situations
-bug#0000876: Add ability to search for host with a not UP status
-bug#0000898: Selecting a CUSTOM timespan and then CLEARing yields "LAST HALF HOUR" preset
-bug#0000899: Add local checking to the Paths tab on the Settings page
-bug#0000902: Fix issues with cmd.php and PHP 4.4.1 under windows
-bug#0000903: snmpgetnext function does not exist in PHP less than 5.0
-bug#0000904: Data Source creation fails without php-snmp
-bug#0000906: Every tenth host does not show on tree during console edit
-bug#0000907: Sorting of data sources when interface numbers are used without leading zeros are incorrectly sorted
-bug#0000908: Graphs created by SNMP data queries are losing their specific names if the template is modified
-bug#0000910: Cacti complains when trying to set the data source "maximum value" to any number with a decimal point
-bug#0000912: Nth Percentile thumbnail graphs fail with RRDtool 1.2.15, 1.2.18
-bug#0000913: Allow direct linking to specific graph pages
-bug#0000919: Fix problem with ping_tcp function
-bug#0000920: Improved handling of rrdtool --font parameter
-bug#0000921: Improvement to ping.pl script
-bug#0000925: Support for host_* variables in the legend
-bug#0000926: Stop removing useful characters when searching
-bug#0000927: Classic export does not recognize thumbnail columns properly
-bug#0000931: New rrdtool fails on empty comment
-bug#0000934: Column 'status_last_error' in table 'host' too short.
-bug#0000937: System output in hosts.php poor for Alcatel
-bug#0000946: Timetick of zero returns down for device
-bug#0000947: Trailing blank on OID in form causes problems
-bug#0000953: SNMP Passphrase is displayed in cleartext
-bug#0000954: Y-grid lables are not informative when using --alt-autoscale
-bug#0000955: Fixed possible denial of service attack by modifying graph image URL
-bug#0000956: Additional editing help with tree management
-bug#0000957: Script server output's beginning/trailing data during "Include" causing a synchronization issue
-bug#0000958: Slope Mode is now selectable
-bug#0000959: Alarming added when poller output table is not empty
-bug#0000963: TCP/UDP capitalization
-bug#0000965: When setting filters under utilities, pressing enter takes you back to the main page
-bug#0000966: Log file viewing utility has no ability to filter
-bug#0000969: In some versions of PHP, the graph tree will not view properly
-bug#0000970: Incorrect debug messages in lib/ping.php for failed UDP ping
-bug#0000974: No graphs on Fedora core6 using sunone/iplanet 6.1 SP5
-bug#0000975: Add Nth Percentile aggregate_current - Summing Multiple Data Sources with like names for Nth Percentile
-bug#0000982: Remove invalid references to the "output_string" column in the "data_input" table
-bug#0000983: Bad SQL: snmp_query_graph_rrd.snmp_query_graph_id=
-bug#0000984: Poller does not correctly flush poller_output table after a memory error
-bug#0000989: hyphen - host description used with Data Source Path
-bug#0001001: "Purge User Log" keeps invalid entries
-bug#0001002: Cacti reports incomplete interface status
-bug#0001007: SNMPv3 password field allows command injection
-bug: ss_sql.php causes the script server to crash
-bug: Timeshifter added to base code
-bug: Allow query_ and host_ substitution in COMMENT and CDEF's.
-bug: Command line interface scripts to add devices, graphs, tree's and permissions.
-bug: Correct index error when creating graphs when you have no hosts on your system.
-bug: More recent versions of net-snmp broke SNMP walk functions.
-bug: Adjust for problematic responses from some SNMP agents (IBM AIX).
-bug: Improve logging in cmd.php and poller.php when parameters are not specified correctly.
-bug: Reduce the total number of SQL queries called
-bug: Replace inefficient strip function in process_poller_output
-bug: Some php_snmp implementations return strings as "Hex-STRING:".  In these cases properly resolve the string
-bug: Correctly assign right and left click actions for Opera
-bug: Fix SQL error when viewing an invalid Data Source via the Log Viewer
-bug: Fix command line user copy utility
-feature: Paginate the Graph Creation Page
-feature: Add SNMPv3 Support to Cacti
-feature: Add a Notes field to the Device that can contain arbitrary information
-feature: Add Availability Methods to Cacti including per Host Ping Methods and Timeouts
-feature: Add Max OID's to te Host Level
-feature: Allow CSV Export from the various Graphs page
-feature: Add rra_path as a global.php config variable
-feature: Add drop down actions to data queries
-feature: Add drop down actions to data input methods
-feature: Add drop down actions to user administration
-feature: Add filtering and pagination to data queries
-feature: Add filtering and pagination to data input methods
-feature: Add filtering and pagination to host templates
-feature: Add filtering and pagination to user administration
-feature: Add extended LDAP authentication support
-feature: Add Web Basic authentication
-feature: Add authentication realm to modifiable user parameters
-feature: Add multiple polling intervals
-feature: Moved command line scripts to cli sub directory
-feature: include/config.php now only includes database configuration
-feature: include/config_* have been renamed to include/global_*. Note: Script servers need to be updated.
-feature: Allow VRULE's in Cacti to specify an absolute timestamp in addition to [+/-]HH:MM
-feature: Add 1 minute RRA
-feature: Add item select highlighting to main pages
-feature: Let poller.php be more intelligent about poller intervals less than 60 seconds
-feature: Add consistency to Filters by adding nowrap to td items
-feature: Add Graph and Data Source counts to Device page
-feature: Add Poller Interval to Data Sources page
-feature: Keep filters aligned with main page content on window resize
-feature: Add Enable/Disable user
-feature: Add copy and batch copy of users
-feature: Reduce ADODB memory consumption during polling
-feature: Add new RRDtool Function to facilitate CSV export
-feature: Add the ability to ignore custom RRA settings when importing templates and use this behavior by default
-feature: Add technical support output to System Utilities
-compat: Add additional checking due to php-snmp changes in Windows
-compat: Remove GIF as a supported file type for RRDtool 1.2.x and added SVG file type

0.8.6j
-bug#0000842: SNMPv3 password field does not check if entered passwords match.
-bug#0000848: Fix "PHP Script Server communications lost" error in the poller under high network load.
-bug#0000859: User log "purge" now keeps the last successful login.
-bug#0000861: Use downed host detection even when the SNMP community is blank.
-bug#0000864: Apply natural sort to graph items in the tree.
-bug#0000867: Apply various cleanups to poller.php and lib/poller.php.
-bug#0000870: Add sorting to the graph templates list on the "Change Graph Template" page.
-bug#0000877: Fix issue that caused PHP 5.2.0 to break the Windows cmd.php poller.
-bug#0000882: Add "collapsible" branches to the graph tree editor.
-bug#0000883: Fix exploit in cmd.php with register_argc_argv enabled in PHP.
-bug#0000884: Add bottom navigation bar to graph viewing.
-bug#0000885: Fix issue causing spaces to be removed when importing/exporting data input methods.
-bug#0000886: Allow SNMP ping to utilize the snmpgetnext call instead of snmpget.
-bug#0000890: Fix issue with dec-vulnerability-poller patch breaking graph_view.php.
-bug#0000892: Fix hostname sorting on the devices page for IP addresses.
-bug#0000894: poller.php does not give any output with MySQL disabled in CLI's php.ini.
-bug: Template export produces invalid XML escaped character encoding.
-bug: Data queries were not sorted properly during initial display.
-bug: Apply various graph changes required for Boost plugin.
-bug: If your system has no hosts or graphs, you would get a warning when creating new graphs.
-bug: If using the CGI version of PHP, the script server risked not starting properly.

0.8.6i
-bug#0000188: Add ability to sort columns by selecting column headers.
-bug#0000199: Exported thumbnail graphics shows limited time range only.
-bug#0000207: Correct unit size displayed in the default 'Localhost - Memory Usage' graph.
-bug#0000286: Fix issue with bandwidth summation on exported graphs.
-bug#0000313/#0000561: Don't print menu/titlebar by using CSS class noprint.
-bug#0000316: Take the unit value field into account when creating graphs.
-bug#0000395: Fix graph export FTP functionality in Unix environments.
-bug#0000430: Add natural sort order option for graph trees.
-bug#0000433: Remove script server restriction on varying case path names.
-bug#0000488: Remove reliance on HTTP_USER_AGENT to prevent possible notices.
-bug#0000527: Fix issue updating the RRA for a graph tree item.
-bug#0000584: Add barometer decimal fix to scripts/weatherbug.pl.
-bug#0000624: Generate DEFs for graph items other than AREA, STACK, and LINE.
-bug#0000643: Always display a human readable sysUpTime in the device edit page.
-bug#0000665: Invalid index error on empty or 0 return set from rrdfetch with Nth Percentile.
-bug#0000672: When creating a device, the Host Template was not properly validated.
-bug#0000678: Allow graph export to a Cacti sub directory.
-bug#0000681: Increase the size of the arg1, arg2, and arg3 fields in the poller_item table.
-bug#0000692: Fix problems with FTP and the tree export method.
-bug#0000693: Fix problems with the "Expand Host" option and the tree export method.
-bug#0000698: Make arguments to 'df' more compatible with FreeBSD 6.0 in the "Get Unix Partitions" data query.
-bug#0000705: Fix problem with the current selected data source item and SIMILAR_DATA_SOURCES_NODUPS (again).
-bug#0000709: Fix problems with FTP and the tree export method (duplicate).
-bug#0000720: Fix undefined variable message in script_server.php.
-bug#0000721: SNMPv2 Query has issues with ifAlias & ifName when none present.
-bug#0000727: Allow a user with specific graph permissions to be used when exporting graphs.
-bug#0000730: Allow non-standard MySQL ports to be specified.
-bug#0000731: Use proper defaults when adding a device to a tree from the Devices page.
-bug#0000739: Stop ignoring the "Unit value" parameter in the graph template.
-bug#0000741: Fix issue with links getting mismatched after using zoom on a graph.
-bug#0000746: Make sure clearing Cacti log file from web interface preserves file permissions.
-bug#0000752: Allow OID's greater than 255 characters except for the index OID because of MySQL index limitations.
-bug#0000758: LDAP user with non-alphanumeric characters in the password failed to authenticate.
-bug#0000761: Correct input validation to allow all possible numbers in the RRAs form.
-bug#0000766: Increase the size of the id field in the graph tree items table.
-bug#0000769: Use only selected RRA's when exporting graphs.
-bug#0000775: Add pagination to the SNMP cache viewer to handle large numbers of items.
-bug#0000779: Scale down the size of text when viewing thumbnail graphs.
-bug#0000781: Add an "enabled" filter status item in the devices list.
-bug#0000785: Fix issue with Graph Tree View and Data Query Index Sorting showing "Non Indexed" even if empty.
-bug#0000786: Expose the SNMP port field to data sources that use SNMP.
-bug#0000789: Remove use of "action" attribute on graph tree image which is incompatible with newer Opera browsers and HTML4.
-bug#0000797: Fix issue with filtering on multiple fields on the Data Sources and Graph Management pages.
-bug#0000809: Add an option to "purge" the user_log table.
-bug#0000814: Prevent Apache from segfaulting if the database permissions are not correct.
-bug#0000815: Paginated the Cacti log file viewer to handle large numbers of items.
-bug#0000821: Add missing menuarrow.gif image.
-bug#0000823: Prevent Cacti from overwriting data during the creation of a new data template.
-bug: Do not allow the device filter on the graph items editor to clear the selected data source.
-bug: SQL query incorrectly formatted causing SQL queries to fail in preview mode.
-bug: Setting a host template filter in devices, followed by moving off and then back on the page generated an error.
-bug: PHP 5.1 snmpwalks utilize the bulk method by default.  Therefore, prefer them over the bulkwalk binary.
-bug: Allow read_config_option to force a database refresh when one is wanted.
-bug: Fix to resolve script server script not returning data as expected.
-bug: Make load average script compatible with Mac OS X systems.
-bug: Correct an issue where under certain circumstances, |query_ifSize| was being implemented as the maximum value for an RRD.
-bug: Correct issue where DHTML caching was not working with expand hosts enabled.
-bug: Add SNMP retries option to Cacti's SNMP functions.
-bug: Once Graph Export has been enabled, do not allow Cacti to run even after it has been disabled.
-bug: Correct alphabetic tree sorting to be more natural.
-bug: Fix meta refresh tags to use proper URL syntax.
-bug: Do not allow the graphs setting page to use the refresh interval, which can cause it to refresh while the user is inputting data.
-bug: Make sure that data query index ordering with the "index_order" XML field is always respected.
-bug: Limit the number of rows retrieved from the poller_output table to minimize the impact low memory system configurations.

0.8.6h
-bug#0000383: Add more verbose RRDtool debug output from Graph Management.
-bug#0000522: Take 'oid_index_parse' into consideration when handling 'OID/REGEXP:' data query fields.
-bug#0000528: Allow template_import.php to return without error when XML file is invalid in PHP 4.4 and above.
-bug#0000557: Changing filter value resulted in invalid page/row selection.
-bug#0000572: Added $database_port to config.php.
-bug#0000570: Grammar edit for text about already up-to-date.
-bug#0000571: Misleading diagnostic error messages during install have been updated.
-bug#0000582: Ampersand present in graph template graph name causes XML import to fail.
-bug#0000585: Graphing fails using AREA/STACK/LINE/HRULE/VRULE without defined color.
-bug#0000586: Remove static reference to RRA ID #1.
-bug#0000596: Proper escape of ' in graph titles.
-bug#0000599: Add filtering to graphs and data templates.
-bug#0000601: Add ability to add multiple hosts to a tree.
-bug#0000603: user_log.ip field not ipv6 compatible.
-bug#0000608: Minor coding error in lib/poller.php with a erroneous pclose statement.
-bug#0000615: Add sysContact and sysLocation output to device edit page.
-bug#0000619: Host templates not alphabetized on device creation form.
-bug#0000625: Cannot modify/create a user with a period in the username.
-bug#0000631: Invalid information concerning delimiter for index_order in SNMP Query documentation.
-bug#0000650: Clicking Cancel in Create Graphs for this Host does nothing.
-bug#0000656: Perl scripts using back ticks is not portable.
-bug: Stop MySQL connect messages from appearing in user interface.
-bug: Allow primary keys other than "ID" to work in sql_save and in HTML code.
-bug: Save statistics even when the poller times out.
-bug: Only call poller_commands.php or poller_export.php if they require calling.
-bug: Incorporate a timeout to ss_fping.php so that a host that takes to long to finish at least returns data.
-bug: Correct the display of custom data under data input methods to follow the proper order.
-bug: Change the default behavior of ping.php to mark a host as up if either SNMP or ping are successful.
-bug: Don't allow graph_export to delete your web site.
-bug: Correct issue where SNMP was not returning both hex and text data under certain circumstances.
-bug: Prevent a never ending table lock in lib/tree.php.
-bug: Correct issue where either AREA or LINEx without color were causing RRD_NL without any elements in rrdtool_graph.
-bug: Allow hostname to include the TCP: prefix for TCP based snmp and keep tcp, icmp, udp ping functional
-bug: Better error reporting for Clear Cacti Log File in Utilities
-bug: Graphs with items having Legend text defined but no color will fail under RRDtool 1.2.x.
-feature: Add MySQL 5.x support.
-feature: Add IPv6 support to lib/ping.php.
-feature: When utilizing cmd.php, do not run the script_server if it is not required for a process.
-feature: Incorporate snmpbulkwalk binary path to user interface to speed snmpv2 and snmpv3 walk calls.
-feature: Incorporate snmpgetnext binary path to user interface to make available for certain plugins.
-feature; Add support for Nth percentile functions, not just 95th.
-feature: Add support for new Nth percentile variables: aggregate, aggregate_max, aggregate_sum.
-feature: Allow additional filtering for graph item adding while creating graphs.
-feature: Add Command line script to copy users: copy_cacti_user.php.
-feature: Add Command line script to reindex hosts: poller_reindex_hosts.php.
-feature: Add Command line script to rebuild the poller cache: rebuild_poller_cache.php.

0.8.6g
-bug#0000351: Fix zooming capability in Safari.
-bug#0000491: Allow underscore, dash, and forward slash characters through search string validation.
-bug#0000498: Fix issue where editing data input methods damaged portions of the database.
-bug#0000502: Fix Syslog support in unix.
-bug#0000506/#0000517: Properly handle special XML characters when importing/exporting templates.
-bug#0000508: Fix issues where filter functionality would not work in preview mode.
-bug#0000512: Increase script server buffer size for large output.
-bug#0000520: Fix issue where LDAP authentication causes crash/abort.
-bug#0000521: Add graph/data source title mouseover support.
-bug#0000525: Make sure that all files in the Cacti distribution contain an EOF character.
-bug#0000530: Remove 132 character limitation for OID's during polling.
-bug#0000531: Make sure that quote characters in suggested value fields are properly escaped.
-bug#0000535: Fix template export support for PHP 4.4.
-bug#0000536: Fix printing of zoomed graphs where in IE where a white box would appear over the graph.
-bug#0000537: Re-implement functional SNMPv3 support (authNoPriv only)
-bug#0000543: Always allow non-templated graph/data template fields to be blank.
-bug#0000544: See graph tree export contrib below.
-bug#0000547: Fix issue with escaping certain control characters, causing the graph tree to break.
-bug#0000552: Fix typo on the Settings page.
-bug: Fix multiple output support in the script server.
-bug: Fix incompatible binary SNMP calling parameter issue with NET-SNMP versions earlier than 5.1.
-bug: Fix issues encountered when polling invalid data sources.
-bug: Fix issue where if a host was deleted, re-indexing would continue to attempt to be performed on it.
-bug: Allow lib/ping.php to be included in user script server scripts.
-bug: Eliminate the need to run php-win.exe in Windows environment.  Will now work with just php.exe.
-feature: Add a great new graph export format "Tree Presentation", thanks to our friend from Toulouse France (forums user: jaybob).
-feature: Allow data query |query_*| variables to be used within a CDEF string.
-feature: Force export functions into a separate poller process.
-feature: Force re-caching of data queries into a separate poller process.
-feature: Added filter capability to graph list view mode.
-feature: Enhanced ss_fping.php and ping.php to inclue ICMP, TCP and UDP ping functionality and to specify a port.

0.8.6f
-security: Hardened PHP Project Advisory #042005 - Cacti Authentification/Addslashes Bypass Vulnerability
-security: Hardened PHP Project Advisory #022005 - Cacti Multiple SQL Injection Vulnerabilities
-security: Hardened PHP Project Advisory #032005 - Cacti Remote Command Execution Vulnerability

0.8.6e
-bug#0000143: Allow the user to enter 'U' for unknown minimum and maximum data source input values.
-bug#0000377: Fix logarithmic graph creation issues.
-bug#0000392: Implement caching to reduce the number of SQL queries needed to render the graph tree.
-bug#0000402/#0000457: Allow bounds to be set properly for logarithmic graph creation.
-bug#0000428: Unable to try login again after Access Denied.
-bug#0000450: Force strict checking for data query parsing to prevent numeric values from being incorrectly handled.
-bug#0000453: SPAN tag between each character of GraphTitle in Graph Management.
-bug#0000458: Generate and error message and exit poller.php if the cactid binary path is invalid.
-bug#0000463: Fix Syslog logging of poller statistics.
-bug#0000464: Remove dates from Syslog generated messages.
-bug#0000465: Allow for the mass resize of graphs.
-bug#0000471: Remove the graph 'Settings' tab if the user is not allowed to save graph settings.
-bug#0000478: Validate field input values on the Data Templates page. Prevent duplicate data template items from appearing as a result of this bug.
-bug#0000481: Add several checks to prevent PHP errors when parsing data query XML files.
-bug: Graph zoom feature had incorrect bounding box when using RRD 1.2.x
-bug: Speed the generation of the Tree View Dual Pane by caching the Tree to a local session variable.
-bug: Handle STACK graph items properly in RRDtool 1.2.
-bug: Prevent data query recaches if the device returns empty input.
-bug: Fix potential issues with graph gaps when using a large number of poller processes.
-bug: Fix issues when zooming with new RRDtool 1.2 title fonts with a point size other than 10
-bug: Fix issues when zooming outside of the select areas causing a broken graph
-bug: Fix issues experienced when users attempted to create custom graphs and thousands of data sources exist
-feature: Add ability to filter by host status as well as add ability to filter accross both description and hostname
-feature: Add additional options to control RRDtool 1.2 fonts.
-feature: Allow the user to Enable/Disable Data Sources from the user interface and automatically disable hosts when deleting a device.
-feature: Add Data Source information to the Cacti Log File to assist with troubleshooting.
-feature: Add html links to both hosts and data sources in the Cacti Log File.
-security: Fix several remote inclusion bugs that were exploitable when PHP's 'register_global' feature is turned on [IDEF0941], [IDEF1023], [IDEF1024].
-security: Fix several SQL injection bugs due to improper input validation [IDEF1001].

0.8.6d
-bug#0000416: Speed up binary net-snmp calls by removing MIB lookup requirement.
-bug#0000434/#0000403: Allow for periods in script return variable names.
-bug#0000436: Made snmp.php more like version 0.9 code base.
-bug#0000419: Fixed session initialization problems with some browsers.
-bug#0000394: Fixed a web server crash when reordering items in a graph tree.
-bug#0000390: Remove deep linking in Cacti.
-bug#0000389: Implement directory security in Cacti.
-bug#0000443: Add SNMP port/timeout to the Host MIB CPU/disk script queries.
-bug: Corrected issues encountered when creating multiple graphs from a single graph template.
-bug: Corrected a problem where no graphs are displayed in the graph tree when authentication is turned off.
-bug: Allow RRDtool fetch command to retrieve negative numbers.
-bug: Increased some field lengths for very long OID's.
-bug: Removed references to non-existing code when attempting to make database connections.
-bug: Give poller cache more time to process entries during a clear operation, give it more memory.
-bug: Changed default value in Unix ping script to correct for template bug.
-bug: Fixed page refresh issue.
-bug: Fixed include ordering in config.php to accommodate MySQL bugs and logging.
-bug: Changed SNMP ping OID to be sysUptime because it is more common.
-bug: Increased PHP timeout to accommodate for long running recache events causing poller issues.
-bug: LDAP Auth with no DN specified and blank username would allow login.
-feature: Basic support for RRDtool 1.2 including specifying a default True Type Font.
-feature: Added support for spike suppression within the cmd.php poller.
-feature: Support php_snmp version 2 builtin functions.

0.8.6c
-bug#0000354: User Name field always displays "admin" in Mozilla web browser.
-bug#0000293: JavaScript selection bug on the "New Graphs" page.
-bug#0000352: Problem with the current data source item when using the "Similar Data Sources" special data source.
-bug#0000348: Scale problems with the "ucd/net - Memory Usage" graph template.
-bug#0000358: Problems adding the same graph to more than one graph tree.
-bug#0000355: Allow scientific and negative numbers to be returned from a script.
-bug#0000347: Change Order of Graph Templates and Data Queries in Host.
-bug#0000339: LDAP description misspell 'allow'.
-bug: Maximum runtime issues with the script server.
-bug: User could select a data query graph type from "Graph Templates", causing duplicate data source items.
-bug: Auto-recache failed and caused the poller to crash under specific circumstances.
-bug: Problems saving a user's graph settings from the user admin page.
-bug: Poller cache not being updated properly for some host types upon change.
-bug: Hope it's final this time: 95th percentile and bandwidth summation fixes.
-bug: Added more verbose error handling with template XML importing.
-bug: Sort host templates when creating a host.
-bug: Corrected user form edit array problem that didn't show the graph options for an edited user.
-bug: Access Denied error when user doesn't have console access.
-bug: Return type bug in cacti_snmp_walk() which could cause extra blank data query rows.
-feature: Data queries now support indexes that span multiple OIDs (see the manual).
-feature: Re-apply suggested naming to graphs from the user interface.
-feature: TreeView-specific feature to speed up rendering the tree for large databases.
-feature: Added retry logic to the MySQL connect statements.
-feature: Changed default connect method to a 'pconnect' from a 'connect' to improve performance with large implementations.
-feature: Add support for Safari on the graph zoom page.

0.8.6b
-bug#0000318: Only delete the Cacti system user when uninstalling the RPM package rather than during each upgrade.
-bug: Problems with the 95th percentile and bandwidth summation graph variables.
-bug: Problem with random gaps in some or all graphs caused by staggered RRDtool update times.

0.8.6a
-bug#0000287: Non-host based scripts failing to populate the poller cache (0.8.6).
-bug#0000285: Data query variables on graphs should reflect the data source of each individual graph item (0.8.6).
-bug#0000289: Check the value of PHP's "magic_quotes_gpc" setting to prevent potential security holes (0.8.6).
-bug#0000295: Problem with the DHTML tree when Cacti is included inside of a parent frame.
-bug#0000311: Set PHP's "max_execution_time" to "0" during all upgrades.
-bug#0000303: Correct the logic that checks if the export path directory exists or not.
-bug#0000310: Problems viewing data templates with the "Data Input Method" set to "None".
-bug#0000304: Problems displaying duplicate data templates on the main "Data Templates" screen.
-bug#0000302: Update the Windows install documentation to mention the "PHPRC" environment variable.
-bug#0000293: Problem with the JavaScript that grays out already created graphs on the "New Graphs" page.
-bug#0000312: Make sure that the "host_graph" table is populated in the installer for users coming from a version less than 0.8.4.
-bug#0000296: Remove references to PHP's ob_flush() function it doesn't exist until verion 4.2.
-bug#0000314: Respect graph export timing settings.
-bug: Problem saving a templated graph or data source that contained a checkbox field that had a value different from the default.
-bug: Typo in graphs.php when placing graph(s) on a tree.
-bug: Make sure that there is a user logged in before trying to read a per-user graph configuration value.
-bug: Fix support for multiple cmd.php/cactid polling sessions in a single poller.php session.
-bug: Revert back to older RRDtool update method as to correct several poller related issues with 0.8.6.
-bug: Fix PHP-SNMP support in cmd.php.
-bug: Fix multiple graph/data template corruption issues when converting from graphs or data sources.

0.8.6
-bug#0000051: HTTP header caching problems (0.8.5).
-bug#0000121: It is no longer possible to add the same graph twice to a single graph tree branch.
-bug#0000123: Several UI fixes on the tree item edit page (0.8.5).
-bug#0000124: Select all check boxes would actually invert the selection.
-bug#0000128: Graph template item corruption issues (0.8.5a).
-bug#0000139: Graph tree deletion corruption issue (0.8.5a).
-bug#0000140: Replaced the 'None' option in several host drop downs with 'Any' and redefined 'None' to mean host = 0 (0.8.5a).
-bug#0000144: Possible corruption issues when deleting tree items from the root of the tree.
-bug#0000149: Error using the 'total' type for 95th percentile or bandwidth summation.
-bug#0000151: Added the ability to duplicate a host template.
-bug#0000160: A change in Mozilla 1.5+ caused extra vertical space to appear on many table rows throughout the console.
-bug#0000164: HostMIB scripts do not respect SNMP port and timeout parameters.
-bug#0000173: Increase the number of characters dedicated to each tier from 2 to 3 which increases the item per tier/branch limit to 999.
-bug#0000174: Broken thumbnail graphs that contained a 95th percentile HRULE item.
-bug#0000175: Strip quotes from SNMP output to prevent UI escaping issues.
-bug#0000176: Added the '-P' argument to 'df' to prevent multi-line output for the query_unix_partitions.pl script.
-bug#0000179: Updated ADODB to version 4.23 which enabled Cacti work with PHP 5.
-bug#0000198: Strip greater and less than characters from SNMP output to prevent UI escaping issues.
-bug#0000214: Rename 'Utilities' to 'System Utilities' and move it under the 'Utilities' menu heading.
-bug#0000235: Limit the number of pages displayed for graph management, data sources, and devices.
-bug#0000244: Prevent PHP errors from being displayed during summation/95th percentile calculation when the .rrd file does not exist.
-bug#0000253: Fixed recursive CDEFs.
-bug#0000254: CDEF dropdown list in adding another CDEF is not sorted.
-bug#0000265: Removed "CANNOT FIND GUEST USER" error message.
-bug#0000273: Fixed 'rrdtool fetch' parsing for RRDtool 1.0.9.
-bug: A hash was not being generated for duplicated graph and data templates which would cause import/export for those templates to fail.
-bug: A user's graph permissions may fail to delete properly after removing that user.
-bug: The "Export Every x Times" feature did not work correctly.
-bug: Work correctly with PHP's get_magic_quotes_gpc() turned off.
-bug: Eliminated potential password injection attack in auth_login.php.
-bug: Eliminated popen issues in cactid win32 with threads > 1.
-feature/bug#0000118: Data source screen UI enhancements (0.8.5).
-feature/bug#0000120: Deleting a tree header should delete all child items (0.8.4).
-feature/bug#0000125: A forced sort type can be specified for data query indexes which will be used to sort data query results in the UI.
-feature/bug#0000152: Added filter/search/pagination capabilities to the Devices page.
-feature/bug#0000155: Allow hosts on the graph tree to be grouped by data query index (ie. switch port, partition, etc) instead of only graph template.
-feature/bug#0000156: Added the ability to sort a graph tree branch alphabetically or numerically.
-feature/bug#0000161: Removing a graph now gives the user the option to remove all associated data sources.
-feature/bug#0000172: Added the ability to control which graph viewing areas should display thumbnail graphs and which ones should display full sized graphs.
-feature/bug#0000185: Deleting a device gives the user the option of deleting all associated graphs and data sources.
-feature/bug#0000187: Add host availability and device enabled/disable controls to the main devices page.
-feature/bug#0000189: Add a system-wide defaults for SNMP community, version, port, timeout and retries configurable under 'Cacti Settings'.
-feature/bug#0000192: Add the ability to log poller runtime statistics to the log.
-feature/bug#0000194: Add host availability capability which allows Cacti to track of downed devices as well as a device's uptime history.
-feature/bug#0000200: Implement three different auto re-index methods which allow Cacti to automatically 'refresh' a data query when an indexes changes.
-feature/bug#0000213: Add a 'Clear' button to all filter forms which resets the form to its default state.
-feature/bug#0000240: Add moonman's SIMILAR_DATA_SOURCES_NODUPS CDEF patch.
-feature/bug#0000250: Allow host/graph tree items to change parents.
-feature: Data query index types are now automatically selected which eliminates the need to prompt the user for this information at graph creation time.
-feature: Better message handling on the "New Graphs" page.
-feature: Get rid of the "Data Input Method" box from the data query edit screen as this data can be automatically derived.
-feature: Customizable log levels.
-feature: Ability to log to syslog (Unix) and event log (Windows) in addition to the log file.
-feature: UDP/ICMP/SNMP ping support used to determine a host's availability status.
-feature: A PHP script server which enables PHP script to be interpreted by the poller without spawning a separate PHP process for each item. See the manual for more details.
-feature: Ability to choose the type of poller (cmd.php, cactid) and number of threads (cactid only) from the UI.
-feature: Ability to spawn multiple simultaneous cmd.php/cactid processes to speed up the polling process.
-feature: Allow data templates and data sources that use SNMP to override host fields (hostname, snmp port, etc) in the poller cache.
-feature: Added Eric Steffen's Bonsai patch which enables users to zoom a graph by dragging a box around the area of interest.
-feature: Added branix's graph export enhancements patch which adds many more graph export configuration options including remote FTP support.
-feature: Ability to view/clear the log file from the console.
-feature: Use a single RRDtool stdin pipe for all update, create, and graph export actions.
-feature: Advanced timespan selector which provides a large number of presets and a calendar control for custom timespans.
-feature: Better support for SNMP v2 from UI.  Speed up some UI queries.
-feature: Enable/Disable Poller from UI.
-feature: Added ifOperStatus to Graph Creation page to show either Up or Down.
-feature: Rearchitected poller subsystem to prepare for multiple poller architecture in future releases.
-feature: Added validation logic in the pollers to prevent system and log anomalies.
-feature: Removed SNMP v3 options until SNMP v3 is supported.

0.8.5a
-bug#84: Updated internal CDEF caching to take CFs into account.
-bug#86: Updated the LDAP code to correctly copy template users.
-bug#136: Inaccurate total bandwidth readings for RRAs with a step > 1.
-bug#138: Typo on install/index.php
-bug#141: Incorrect pre-requisite file check when doing a graph export.
-bug#142: Added the '-t' option when calling ucd-snmp or net-snmp to support numeric timeticks.
-bug#145: phpMyAdmin was choking on the import of cacti.sql.
-bug#146: Minor HTML fix in lib/form.php
-bug: Fixed potential graph item input corruption when saving a graph template item.
-bug: Fixed problem saving a data source using a template that had more than one item.
-bug: Correctly display the console menu when authentication has been turned off.
-bug: Correctly display the two pane tree when authentication has been turned off.
-bug: Support regular expression characters in passwords: \+*?[^]$(){}=!<>|:
-bug: Fixed certain re-ordering problems when deleting branches from a graph tree.
-bug: Add support for a 3 digit exponents in RRDtool fetch output on Windows.
-bug: Correctly escape community strings with a quotation mark under Windows.
-bug: 95th percentile and bandwidth summation code should result in less errors when things don't go as planned.
-bug: Fix 'data_input_data_fcache' orphan when deleting a data source.
-feature: Make the 'None' option on the graph management and data sources host filter dropdowns only display items with no host assigned. Add an 'Any' option to display items assigned to all hosts.
-cactid: Fix segfault problems on all platforms when performing SNMP queries.
-cactid: Fix deadlock issues on Windows and Solaris when making popen calls.

0.8.5
-bug#102: Fix problem with SNMP community strings that contain certain variable shell characters.
-bug#103: Under "New Graphs", make sure to highlight the host template line when the right-hand checkbox is selected.
-bug#104: Typo in the usage for the query_unix_partitions.pl script.
-bug#105: On the data query edit page, only display compatible items in the "Data Input Method" dropdown.
-bug#106: Render the main menu based on a user's permissions so graph-only users cannot see a list of menu options when attempting to view 'index.php'.
-bug#109: Replaced all instances of 'ifDesc' with the correct 'ifDescr' when dealing with the IF MIB.
-bug#110: Be smarter about redirecting the user to the correct page when the user's login option is set to "Show the page that user pointed their browser to".
-bug#111: Take host permissions into account when rendering the left-hand pane in tree view.
-bug#112: Every 10th tree item was not being displayed.
-bug#115: Fixed a bunch of misspellings of the word 'substitute' throughout the code.
-bug#116: Restructured the edit screens for CDEF items and tree items, making them less confusing to users.
-bug#119: Added a "Search:" label to the filter textboxes on the "Graph Management" and "Data Sources" pages.
-bug#127: Added an HTML "title" tag to the three graph mode images.
-bug#129: Added support for correctly parsing timeticks in both cmd.php and cactid.
-bug#130: Users are sometimes redirected to the incorrect host when selecting the "Create Graphs for this Host" link under "Polling Hosts".
-bug#131: Load averages above '10' were not being returned correctly from the loadavg_multi.pl script.
-bug#133: Non-SNMP data sources were not being removed from the poller cache when a host became 'disabled'.
-bug#134: Make sure to delete associated 'host' tree items when deleting a host.
-bug#135: Fix the navigation display so it doesn't display errors when directly linking to a graph.
-bug#137: Remove the 'td.shadow' CSS class as it isn't being used and contains an incorrect image reference.
-bug: Allow the user to enter a "Unit Exponent Value" of '0'.
-bug: Remove all references to $_SERVER["HTTP_REFERER"] for web servers that do not include this variable.
-bug: Extend the "Maximum JavaScript Rows" feature to work for host templates as well.
-bug: Fixed a few parsing problems that were causing problems for users including a '\' or '/' in their script's input string.
-bug: The correct representation of memory usage using net-snmp should be 'free memory + cache memory + buffered memory'.
-bug: Fixed a problem importing CDEF items correctly from an XML file.
-bug: Deleting a GPRINT preset now correctly displays the name of the item about to be removed.
-bug: Problems importing XML that contained a host template with more than one associated graph template.
-bug: Added a potential workaround for the PHP session/popen bug which occurs on Windows systems using PHP in ISAPI mode.
-feature: Data query variables such as |query_ifAlias| can now be included on the actual graph in the "Text Format" or "Value" field.
-feature: Added two new special data sources to CDEFs, which enable users to use the data source's maximum or minimum value in a CDEF.
-feature: Added a new SNMP query source type, "VALUE/REGEXP", which enables users to parse the SNMP value with a regular expression before passing it onto Cacti.
-feature: Hide the "Console" tab from users that only have rights to view graphs.
-feature: Added a new 95th percentile type, "max", which calculates 95th percentile based on the maximum of either inbound or outbound for each sample. This is how most co-location facilities calculate 95th percentile for billing purposes.
-feature: Update ADODB to version 4.05.
-feature: Data source graph inputs are automatically added and maintained by Cacti for new graph templates as to reduce user confusion.
-feature: The "Graph Management" and "Data Sources" edit pages are much improved when using a template.
-feature: Renamed "Polling Hosts" to "Devices" since polling hosts technically implies that you are managing the hosts that poll data, which could be reserved for later use.
-feature: If you enter a value for a "host field" in the data template, Cacti will use that value rather than always defaulting to the host. If you leave it blank, Cacti will use the value from the host.
-feature: Data input method type codes 'snmp_timeout' and 'snmp_port' are now supported.
-feature: Users will only see tabs for the graph viewing modes that they have access to.
-doc: Completely re-written manual in SGML/Docbook so HTML, PDF, and ASCII versions of the manual are now possible. The new manual also includes a better introduction to Cacti for new users and makes use of screen shots to illustrate various portions of the user interface.
-cactid: Fixed segfault problems using cactid on Solaris platforms.

0.8.4
-bug#87: Deleting top level branches without children on the tree caused ordering problems.
-bug#88: Possibly popen/pclose concurrency problem with cactid.
-bug#89: Missing "check all" checkbox on polling hosts page when an empty column was drawn.
-bug#91: Fix undefined index errors on data source checkbox popups.
-bug#92: Fix undefined index errors on graph management checkbox popups.
-bug#96: Problems creating graphs from data queries where there was only row row total in the query result.
-bug#97: Typo in cmd.php
-bug#98: Creating a data source or graph with no host or template, would result in an extra empty item.
-bug#99: Deleting a graph or data template that was still attached to one or more items would cause the graph/data source to appear to still have the deleted template still attached.
-bug: Removed size limits on Linux memory data template.
-bug: Undefined variable errors when creating new graphs/data sources without a template.
-bug: multiple problems that caused the Windows disk space and CPU graphs to stop working.
-bug: Broken images for bandwidth summation graphs that were less than a day old.
-bug: Graph order changes on the tree would affect other graph trees.
-bug: Problem with the "Host MIB - Hard Drive Space" data template that broke Windows disk spaces graphs.
-bug: Fixed the LDAP authentication code, which was partially broken in 0.8.3.
-bug: Fixed a cmd.php parsing problem when input and output fields are sharing the same name.
-bug: Added basename() to all PHP_SELF references to make sure all hrefs stay absolute.
-bug: The RRA field is now honored for the dual pane tree view.
-bug: The |date_time| graph variable now displays the current day of the month.
-feature: The "Total All Items" CDEF is now able to total NaN's without becoming 'U'.
-feature: Data query results are now grayed out if they have already been created.
-feature: The "cacti Web Root" and "Web Server Document Root" settings are completely auto-detected now.
-feature: Add SNMP port and SNMP timeout fields to each host.
-feature: Removed the "Management IP" field in polling hosts in favor of "Hostname".
-feature: Re-organized the menus expand/contract for less used items to help save vertical space.
-feature: Added complete template to XML import and export support.
-feature: Moved the graph creation features of "Polling Hosts" to a new menu item,"New Graphs".
-feature: Added verbose debugging support for data queries.
-doc: Added a FAQ.
-cactid: Removed lots of potential buffer overflows.
-cactid: Several libz/openssl autoconf fixes that improve FreeBSD 5.x support.
-cactid: Fixed some potential segfaults on FreeBSD when reading information from the targets table.
-cactid: The snmp_get() function now respects the SNMP version chosen under "Polling Hosts", so 64-bit counters should work.

0.8.3a
-bug#81: Partial/complete poller cache rebuild failure after an upgrade.
-bug#82: Undefined variable error messages under win32/IIS.
-bug: Problems with overlapping graph permissions with multiple users.

0.8.3
-bug#50: When viewing a graph, only display it for the RRAs used on the graph.
-bug#66: Users can see a list of all hosts in graph preview mode.
-bug#71: Extra escape characters in the |date_time| variable output.
-bug#72: Disk space graph for ucd/net was broken for original 0.8 users.
-bug#75: Problems monitoring more than one CPU with query_host_cpu.php.
-bug#76: Cactid segfault on Solaris caused by unchecked use of NULL with sprintf.
-bug#77: Cactid segfault upon a MySQL connect error.
-bug#79: Check for unique/valid data when the user selects a field to index their new data sources off of.
-bug: Redirect user to the correct page after a forced password change.
-bug: Problems entering negative numbers for upper/lower limit fields on graph pages.
-bug: Never try to use internal SNMP support if SNMP version 2 or 3 is selected.
-bug: Adding or removing data source items in a data template should update attached data sources as well.
-bug: Problems updating certain fields when switching or turning off both graph and data templates.
-bug: Got rid of the "Use Per-Data Source Value" checkbox where it isn't usable.
-bug: Strange sequence/ordering behavior after updating an already created tree item.
-bug: Error message displayed instead of 'Access Denied' message.
-feature: Added host and graph template permissions for graph viewing users.
-feature: Added a new 'dual pane' tree view type that draws the graph trees on a DHTML tree on the left side of the page.
-feature: Added the ability to add hosts to a tree.
-feature: Added a 'timespan' field to "Round Robin Archives" to determine the timespan (in seconds) of graphs using each RRA.
-feature: Completely replaced the header images/layout for both the console and graph viewing pages
-feature: Added a navigation bar in the header so you can keep track of you location in the UI.
-feature: Added bandwidth summation support. See the manual for more information.
-feature: Made the installer more verbose about SQL it runs during an upgrade.
-cactid: Changed threading strategy to spawn threads based on hosts.
-cactid: Created header files for each source file and moved precasts out of cactid.h.
-cactid: A bunch of autoconf updates.

0.8.2a
-bug: Fixed various problems updating the poller cache.
-bug: Fixed the Weatherbug script to work under Redhat 9.
-cactid: Updated poller to use detached threads based on each host.

0.8.2
-bug#47: The 'cacti_server_os' variable is now auto-detected.
-bug#56: Possible endless loop for non 0.8 users in version upgrade loop.
-bug#57: Cacti does not take the 'graph_tree_id' column into account when re-ordering trees which can cause unexpected results.
-bug#59: Regular expression bug that caused 'query_unix_partitions.pl' not to function on FreeBSD.
-bug#60: Incorrect index OID in the (currently unused) 'host_disk.xml' SNMP query.
-bug#61: Problems adding additional graph items to an input after the template is in use by graphs.
-bug#64: Cactid now checks for the RRDtool path in the 'settings' table.\
-bug#67: Problems with wrapping and 'diskfree.pl'.
-bug: Problems deleting GPRINT presets.
-bug: Undefined variable errors on the graph settings page if built in user authentication was turned off.
-bug: Kill cached field value when messages are displayed.
-bug: Graph trees now honor the RRA selected when creating the tree (andyfud.org.nz)
-bug: Graph and data source titles are now properly updated when making changes to graph or data templates.
-bug: Unexpected results when trying to delete top level branches from a graph tree.
-bug: Problems expanding/contracting trees when two or more nested branches had the hidden flag set.
-feature: Added ability to turn off checks for an entire host.
-feature: Added SNMP and operating system variable printout to the about page.
-feature: Added 95th percentile support. See the manual for more information.
-feature: Added setting for data query maximum field length.
-cactid: Added downed host detection.
-cactid: Code cleanup: formatting, compiler warnings, and removal of unused functions.
-cactid: Daemon support has been removed from cactid for the time being, it must be run out of CRON.
-cactid: Have autoconf detect net-snmp before trying ucd-snmp to prevent failure on default Redhat installs.

0.8.1
-bug#40: Fixed OIDs in serveral Netware data templates.
-bug#41: Data source and graph names are lost when created from a  template.
-bug#44: Fixed Host MIB logged in users OID in data template.
-bug#46: Fixed an RRDtool/PHP binary variable mixup on the install page for win32 users.
-bug#48: Changed the "Create" button on the settings page to "Save".
-bug#52: Make sure the data source/graph names are pulled down after clicking "Create", so the user can press cancel.
-bug: Changed references from $_SERVER["SCRIPT_NAME"] to $_SERVER["PHP_SELF"] because of strange behavior on PHP 4.3.2 under Windows.
-bug: Make sure to filter on the "cached title" for on both the data sources and graph management pages.
-bug: Fixed error when debug mode was on and the user tried to add a new graph or data source.
-bug: Take tree permissions into account when displaying the "Default Tree" dropdown on the graph settings page.
-bug: Incorrect graph title was displayed on graph tree delete confirmation.
-bug: Win32: Graphs were being exported even when the graph export path was left blank.
-bug: Exported graphs were displayed in the incorrect order.
-bug: Legends were not displayed on exported graphs.
-bug: HRULE items caused graphs to break.
-feature: You can now use negative VRULE items, such as '-12:00' to display a line 12 hours ago.
-bug: Data queries that had a non-integer index would not render graph/data source titles properly.
-auth: LDAP authentication updates

0.8
-feature: Added support for graph, data source, and host templates.
-feature: Added a stricter concept of hosts which enables better organization and easier graph creation.
-feature: Created data queries which enable the retrieval of indexable data in the form of a query.
-feature: Revised the entire UI creating more functional and attractive forms.
-feature: New generic poller interface enables other pollers to handle the data gathering for Cacti.
-feature: Added support for net-snmp 5.x.
-docs: Revised the install documentation and re-wrote the manual for this version.
-feature: The beginnings of a threaded c-based poller (cactid), which is not completely function at this point.
-feature: And much much more...

0.6.8a
-bug: Unchecked string being passed to rrdtool caused a potential security problem.
-bug: The logout funtionality was broken for some users because of a missing fourth argument.
-bug: Fixed some SNMP parsing problems.
-bug: Fixed a problem with using quotes for data source input.

0.6.8
-feature: Added the following new rrdtool graph options: --units-exponent value, --unit, and --logarithmic.
-feature: Added the ability to show exact numbers in GPRINT, users can now specify a custom GPRINT string on a per-graph item basis.
-bug: Any data input source with more than one output would be added as a multi-data source .rrd file.
-bug: Some data source file name issues.
-bug: Cacti now checks to see if a host exists when adding it to be graphed.
-feature: There is now an optional "remove verification" for most of cacti's dialogs.
-feature: There is a "logout" button when viewing graphs (not for the guest user).
-docs: Updated the Win32 docs (thanks Larry).
-bug: Fixed some rare HTML "multipart/form" bugs with PHP.
-feature: Added a "Default View Mode" for each user when viewing graphs.
-bug: Fixed some bugs where you would change a parent graph item to a child or a child graph item to a parent when graph grouping was turned on.
-bug: Fixed some potential security bugs by eliminating cacti's use of cookies.

0.6.7
-feature: Added a "none" option for a data source when creating a CDEF. This can be used if you check the "Use the current data source being used on the graph instead of a preset one" box.
-feature: Each user has a default graph policy: ALLOW or DENY for their graph permissions.
-bug: Unique .rrd filename/data source name issues for SNMP "Make Graph" have been fixed.
-feature: Changing the data source for a graph group parent will change the data sources for each of the child items.
-bug: Logging has been fixed so errors do not show up in the Apache error_log any more.
-bug: VRULE's work correctly now. Enter a time in the "value" field to use them, such as "00:00" or "14:00".
-feature: If you select a graph to be added to the graph hierarchy, the "This Item is a Graph" checkbox is automatically selected.
-docs: Install docs have been updated for Unix/Win32, documentation on upgrading cacti has been added. See the 'docs/' directory for more information.
-bug: SNMP can function on win32/unix without snmpwalk/snmpget binaries. This will only work if you have php-snmp support compiled into both your php binary and web server modules. This is already the case for win32.
-bug: A bug when more than one data source was created using the same data input source with multiple outputs has been fixed.
-feature: The default install/upgrade screen has been revised.

0.6.6
-feature: Multiple data sources per .rrd is supported. To use this feature, simply create a data input source with multiple outputs that 'Update RRA'.
-feature: Graph item grouping, which enables you to delete/reorder groups of similair graph items.
-feature: Graph preview and output preview in the console, which allows you to preview what a graph will look like/what rrdtool's output is.
-feature: Graph-based permissions have added, you can also show/hide certain hierarchies per user.
-feature: Multiple data source per .rrd file support, read the docs for more information.
-feature: You can now export graphs to static png's/html's every n times.
-feature: By default, SNMP data source names come from <IP>_<IFNUM>, instead of just <IFDESC> which is more unique.
-feature: More options for users such as where to go when the user logs in and whether the user can have their own settings or not.

0.6.5
-bug: Fixed some of the data source naming issues. You can now use any data source name you want; cacti will take care of making the name "rrdtool friendly".
-feature: Cacti will use PHP's builtin SNMP support if detected, SNMP is overall faster now too. NOTE: PHP's SNMP support may not work with all of your MIB names, you may have to use the OID instead!
-feature: Basic high speed counter support has been added, use 'hcin'/'hcout' to use it. Also may not work with PHP's builtin SNMP support yet.
-bug: Using the MAX consolidation function with graph data works better now. You can make graphs that look like the MRTG ones (5 minute maximum). This code still needs a little work though.

0.6.4
-bug: You can now add the same CDEF to multiple data sources in the same graph.
-feature: Ability to "sync" changes with the .rrd file with rrdtool's TUNE function. Cacti also tries to fill in internal data source path and name information to keep graphs from "breaking" when possible.
-settings: You can now change the PHP Binary path from within cacti.
-feature: Cacti can now export static images/html files when it gathers data like MRTG did.
-feature: Multiple graph hierarchies are supported.
-feature: You can now "zoom in" on any portion of the graph hierarchy by clicking on a header item.
-bug: Some changes were made to make cacti more win32 complaint; a tutorial on how to setup cacti on win32 can be found on the raXnet page.
-feature: You can now create all graphs for an SNMP host with one click.
-feature: You can customize the graph title when creating graphs using the 'Make Graph' or 'Make All Graphs' link.
-feature: Data sources in cacti are no longer limited to 19 characters. If you create a data source name that rrdtool will not like, cacti will automatically modify the name and save it internally for rrdtool-only use.

0.6.3
-feature: Put limits (HTML 'maxlength') on fields that have a maximum length.
-feature: Added 'cacti Settings' and 'User Administration' to the cacti menu.
-feature: Added a 'Step' field for Data Sources to graph data at non-300 second intervals.
-feature: Added a '--rigid' on/off option, plus the ability to choose between '--alt-autoscale' and '--alt-autoscale-max' when using auto scale.
-feature: Added a 'Base Value' field to the graphs to adjust how the vertical axis is displayed.
-feature: Updated the menu/header graphics for a smoother look and easier navigation.
-feature: cacti now stores its settings in the database instead of config.php, so they can be manipulated under 'cacti Settings'. Database credentials are still located in config.php however.
-feature: Added a preview of the rrdtool source when creating data sources.
-feature: Added a "data source duplicate" function and moved "graph duplicate" to "Graphs" on the cacti menu.
-settings: You can now turn on/off cacti's builtin authentication.
-settings: You can control what is logged (create, graph, snmp, update).
-feature: Added a "Total All Data Sources" CDEF, which can be used to represent the total of all of the data on a graph.
-bug: Fixed a few add/edit/delete form-related bugs.
-docs: Added some more content to the documentation and made it more visible from within cacti.

0.6.2
-bug: Fixed some bugs when creating CDEF's using multiple data sources.
-bug: Fixed more SNMP parsing bugs with some versions of net-snmp.
-feature: added an "auto-refresh" feature to the graphs (thanks Nossie).
-bug: HRULE's and VRULE's acually work now.
-docs: the beginnings of some real documentation.
-bug: you can select the color black now.

0.6.1
-bug: Fixed a parsing bug with snmp, more parsing is done in cacti's code and not via arguments passed to snmpget.
-auth: Updated the function used to hash passwords (more compatible with older MySQL versions), more strict on document caching.
-feature: Easier installation: cacti now checks for common problems and gives suggestions. Database updates are also done at this time.
-bug: Fixed a problem with adding new data input sources.
-bug: Problem saving the wrong numbers for 'Round Robin Archives'.
-feature: Ability to preview the output of the cron script from a web browser under 'Cron Printout'.
-feature: Added 'Logout User' to the menu.
-bug: Removed some occurances of /var/www/html and replaced them with more dynamic variables.

0.6
-new tree code
-some html table issues in graph view mode
-fixed the settings code for saved graph-view data

0.5
-initial release