Branch: refs/heads/master
Home: https://github.com/tribe29/checkmk
Commit: 1b6db53af15245cd78bbd2ef564fe4483066c561
https://github.com/tribe29/checkmk/commit/1b6db53af15245cd78bbd2ef564fe4483…
Author: Lars Michelsen <lm(a)tribe29.com>
Date: 2019-11-25 (Mon, 25 Nov 2019)
Changed paths:
M omd/packages/python-modules/python-modules.make
A omd/packages/python-modules/src/snmpsim-0.4.6.tar.gz
R omd/packages/python-modules/src/snmpsim-0.4.7.tar.gz
M virtual-envs/2.7/Pipfile
M virtual-envs/2.7/Pipfile.lock
Log Message:
-----------
Revert "Try to fix integration test issues"
This reverts commit ee53ad8069f0fcb0b3cdda6375d42f02c2124ab5.
Branch: refs/heads/1.5.0
Home: https://github.com/tribe29/checkmk
Commit: 111fbb5ed552e616cf98403a6862932762a2a576
https://github.com/tribe29/checkmk/commit/111fbb5ed552e616cf98403a686293276…
Author: Tom Baerwinkel <tom.baerwinkel(a)tribe29.com>
Date: 2019-11-25 (Mon, 25 Nov 2019)
Changed paths:
A .werks/10462
M web/htdocs/backup.py
Log Message:
-----------
10462 SEC WATO backups: Fix file path traversal vulnerability
The backup target directory was not validated correctly which made it possible
for an attacker that has access to WATO backups to compromise the site.
Using this vulnerability it was possible to write backup files to directories
that are writable by the site user.
FEED-4352
Change-Id: I71494e247859c4ef229a003a1b7c2716acca1546
Branch: refs/heads/master
Home: https://github.com/tribe29/checkmk
Commit: 113d5f04c321635a39eaa84c65785f5fb52ad36f
https://github.com/tribe29/checkmk/commit/113d5f04c321635a39eaa84c65785f5fb…
Author: Tom Baerwinkel <tom.baerwinkel(a)tribe29.com>
Date: 2019-11-25 (Mon, 25 Nov 2019)
Changed paths:
A .werks/10462
M cmk/gui/backup.py
A tests/unit/cmk/gui/test_backup.py
Log Message:
-----------
10462 SEC WATO backups: Fix file path traversal vulnerability
The backup target directory was not validated correctly which made it possible
for an attacker that has access to WATO backups to compromise the site.
Using this vulnerability it was possible to write backup files to directories
that are writable by the site user.
FEED-4352
Change-Id: I71494e247859c4ef229a003a1b7c2716acca1546
Branch: refs/heads/1.6.0
Home: https://github.com/tribe29/checkmk
Commit: ff3a14d583a5fe3f923f385d029b6ecdc802fd23
https://github.com/tribe29/checkmk/commit/ff3a14d583a5fe3f923f385d029b6ecdc…
Author: Tom Baerwinkel <tom.baerwinkel(a)tribe29.com>
Date: 2019-11-25 (Mon, 25 Nov 2019)
Changed paths:
A .werks/10462
M cmk/gui/backup.py
A tests/unit/cmk/gui/test_backup.py
Log Message:
-----------
10462 SEC WATO backups: Fix file path traversal vulnerability
The backup target directory was not validated correctly which made it possible
for an attacker that has access to WATO backups to compromise the site.
Using this vulnerability it was possible to write backup files to directories
that are writable by the site user.
FEED-4352
Change-Id: I71494e247859c4ef229a003a1b7c2716acca1546