The Memory Remains 1.36.34

Changes since 1.36.33

• fix mouseEvent property names, allowing zooming into recorded events
• Handle ffmpeg5 channel deprecations
• add debian Add bookworm support
• add Help text for OPTIONS_ALARMMAXFPS
• remove Remove chowning /usr/share/zoneminder from docs.
• docs: Spelling, fix missing db in database create for bullseye, add bookworm instructions
• Clean up help text for ZM_LOG_DEBUG_FILE to not say that it can include a directory. It should be JUST a filename.
• Do not allow directory names in ZM_LOG_DEBUG_FILE. Only log to ZM_LOG_DIR
• Load the ZM::Event using the Event Model data instead of loading by Id which goes back to db for performance (API faster)
• If no next bulk frame use Event data to estimate the delta to supply an image
• remove duplicate event save when updating Disk Space
• Allow caching of images in view=image
• Improve logging wrt insufficient permissions
• Update fail2ban.rules
• Don't show bandwidth options if there are none to choose from
• Update redhat build docs
• Fix missing auth_relay on alarm xhr
• Make objdetect modals 65% width to make it easier to see
• Don't exit on segfault, perhaps allowing graceful shutdown
• Switch from utf8 to utf8mb4 so that collation works
• Handle failure to db query more gracefully
• Transform date string to int to satisfy newer php
• Add auth_relay to control command
• ONVIF: Handle RateControl being undef
• Restrict mid to a cardinal value. Fixes GHSA-9cmr-7437-v9fj
• in detaintPath also strip :// because php:// is a way to inject code
• Only allow Events Columns for sort. Fixes GHSA-2qp3-fwpv-mc96. Fixes GHSA-9cmr-7437-v9fj
• Use https proxy instead of http since we now access an https url
• Fix Auto Unarchive not deselecting
• define count. Fixes #3799
• Add quotes around dbUser and dbPass to prevent command injection in zmcamtool.pl and zmupdate.pl
• If group is empty, return false for canview so that it doesn't appear in dropdowns etc.
• Only show groups that we can view
• Revert change to cookie and cookie expire to fix loss of bootstrap table preferences. Add samesite
• Info to Debug for login.
• API: Always return an array in getCredentialsDeprecated
• API: Don't try to do auth if auth is turned off
• When ZM_AUTH_HASH_IPS is off, don't use remote ip in storing auth hash in session. If ips are constantly changing it breaks.
• API: Don't assume findByEventidAndType actually returns a frame. If we are only recoridng, then there will be no alarm frames in the db
• Make view does not exist an error instead of fatal
• Handle ffmpeg 7 deprecations
• Set fps and bandwidth to 0 on start and stop of zmc.
• When editing buffer settings, ensure that MaxImageBuffers > PreEventCount.
• Use either version or version.txt. Fixes #3798
• clear packet images even when there is an event, because we send it to the event, which will use the images and so we don't need them anymore. ALso free analysis images even when not passthrough.
• Set default value for rows per page using WEB_EVENTS_PER_PAGE. Fixes #3728
• When save cookies via PHP >= 7.3.0, add handling of the "path" value in the options (session.php)
• Change save button to a regular button that calls validateForm and don't set form.subit to validateForm. ValidateForm will now alert and switch tabs to better inform what the incorrect value is. Built-in validation doesn't work due to tabs and the invalid input not being focusable
• Add UpdatedOn field to Monitor_Status and update it when updating Monitor_Status
• Delete Monitor_Status records that havn't been updated in over a minute
• Sanitise displayinterval,speed and scale parameters. Fixes GHSA-pjjm-3qxp-6hj8
• Sanitise filter[Id] when parsing filter. Fixes GHSA-6rrw-66rf-6g5f
• Move code to shutdown the process properly into exit_zms and use it when auth fails. The stops a segfault.
• Limit scale to 16x mainly to put an upper bound on the amount of ram we might use.
• Limit scale in montagereview to 1.1 to prevent requesting images larger than 100%
• Add dependencies for ubuntu noble
• Redo the event thread. Instead of analysis adding packets to an event specific queue, just pass in the iterator and let the event thread do it's own locking. This allows us to free ram in packet in the event, and not segfault.
• move image_count to shared mem. Use it in monitorstream to detect when last_write_time % buffer_count hasn't changed, but there is in fact a new image. Should improve streaming when ImageBufferCount<=3. Should allow = 2.
• Reset last_capture_image_count in connect so that we don't get negative fps reports and possible floating point exceptions
• Don't log failure to get packet. Can only happen when stopping the packetqueue.
• Handle non increasing timestamps from ffmpeg
• Use last duration instead of 1 when adjusting dts when non-monotonic. Some googling indicates this might be a better approach. What I am seeing with a tapo C520WS agrees.
• Update charset header in ja_jp.php from Shift_JIS to UTF-8
• Always re-apply the latest update. Mainly because sometimes Isaac forgets to add the zm_update file when bumping versions, also in release branches, we increment version before release. zm_update scripts are always supposed to be re-runnable.
• Limit segfaults to 1
• Put swap file File::find into an eval because it can die in zmaudit.pl
• Put back code that looks for iterators when cleaning packet queue. event thread can now have an iterator that follows analysis
• Sometimes the initial keyframe packet will have AV_NOPTS for pts and dts. When this happenes, set last_dts to -1 instead of 0, so that when the next packet comes in and sets the first_dts value, the resulting dts will be 0 which is > -1.
• Update debian.rst, enable autostart of ZM at boot
• If the css in cookie is invalid, clear it so that the logs don't fill up with the warnings
• Don't log error when ignoring action if it is an ajax request
• Handle more than one level of output buffering when cleaning and ending them so we can send the video file so we don't run out of ram. Fixes #4110