Release Notes for Open-AudIT v5.0.2

Released 2023-12-12

md5sum: d1712558f7e75325a13f91c02f9fe7b5

sha256sum: 28ddba82a11b92e5d763809d7414ea83c05fb8b6d86522623de7fc98665d8174


Apologies - we have had to re-release 5.0.2 due to issues (mostly) on Windows (we did make a new Linux build as well).

The below above have been updated. The new releases went live on 2023-12-13 a bit after 4pm Brisbane time.

md5sum: ae5f255f9e01ccaff8e3dbd849cb888f

sha256sum: 1cb34a7f229c7ea8b470b155b0401296df44a5ab4458002d0df279930d6c1e64


This is a bugfix release to address an issue with the Windows version (mostly).

There have been additional improvements for both Linux and Windows and users are encouraged to upgrade from 5.0.0 or 5.0.1.

For Redhat-based installs, we enable the remi PHP repo so we can use the PHP sodium extension. Redhat do not ship this extension, but it is used in our encryption of credentials, hence it is essential. Redhat based installs will use PHP 8.2 (and associated extensions) from the remi repository.


Please note: If you use NMIS 9, you will need to update the Modules menu to take you to Open-AudIT 5.0 with the command 

sudo /usr/local/nmis9/admin/patch_config.pl /usr/local/nmis9/conf/Modules.nmis "/Open-AudIT Enterprise/link"=/open-audit/index.php



VersionTypeCollectionDescription
AllBugDiscoveriesAdd Apple M Series processor speeds.
AllBugDiscoveriesWindows path to spawn process was incorrect - resulting in no discoveries being run.
AllImprovementDiscoveriesWindows would not throw a warning if the Apache user account had not been changed - resulting in no discoveries being run.
AllImprovementDiscoveriesSome items retrieved via SNMP were 'false' instead of an array. We attempted to count them, but PHP 8.2 is more strict and would fail. Fixed.
AllBugAllFix bug with line endings on Windows vs Linux when populating some "create" HTML forms, in particular the Credentials form (among others).
AllBugAllAdd more language files.
AllBugSupportAdd the Samba version to the Support Output.
AllImprovementDiscoveries

In DiscoveryLogModel, use CI RawSql option for a discovery log timestamp. This will use the timestamp / timezone of the MySQL server, not that from PHP.

AllImprovementDiscoveries

Update PHPSecLib to 3.0.34 to address a reported vulnerability.

AllImprovementDiscoveries

Improve SQL for device list for DiscoveriesRead template.

AllImprovementDiscoveries

Add the discovery log ID on the devicesRead template to make sorting more intuitive.

AllImprovementDiscoveries

Revise query in discoveriesModel to mark as complete and discoveries not logged to for over 30 minutes.

AllImprovementDiscoveries

Improve discoveriesModel::queue to use a last_finished time of the standard 2001 and not 1 second in the future.

AllImprovementDiscoveries

On discoveriesRead, show improved 'duration' times per device.

AllImprovementDiscoveries

Improved logging in RulesModel, better determine and use IP.

AllImprovementDiscoveries

Improved discovery logging when we cannot build and audit script and add the device IP to the logging for the RulesModel->execute calls.

AllImprovementSupport

Improved SupportModel tests. Nmap version, lang files.

AllImprovementDevices

Fix some items for CSS dark mode on devicesRead.

AllImprovementAll

Ensure we return a 401 for a failed login for non-HTML requests.

AllImprovementConfig

Fix App config to determine the BASEURL even when running from spark.

AllImprovementDevices, Discoveries

On devicesCollection and discoveriesRead, add a space on either side of IPs in the dataTable. Users can now search for 192.168.1.1<space> and not return 192.168.1.11.

AllImprovementAll

CodeIgniter upgrade to 4.4.3 (latest).