Branch: refs/heads/master
Home: https://github.com/tribe29/checkmk
Commit: 9ece278c95931576a4a8d1e374311646a4bf4fe3
https://github.com/tribe29/checkmk/commit/9ece278c95931576a4a8d1e374311646a…
Author: Lars Michelsen <lm(a)tribe29.com>
Date: 2020-12-03 (Thu, 03 Dec 2020)
Changed paths:
M omd/packages/navicli/navicli-0.7.1/lib/seccli/libccme_base.so
M omd/packages/navicli/navicli-0.7.1/lib/seccli/libcryptocme2.so
Log Message:
-----------
Clear stack execution bit for 3rd party libraries
The 3rd party libraries libccme_base.so and libcryptocme2.so from the
navicli package previously had the stack execution bit set. To prevent
stack-overflow exploits, the stack of a binary or shared library must be
marked as not executable.
These libraries were only used by our special agent for monitoring EMC
VNX storage systems.
Have look here for further information: https://www.ibm.com/support/knowledgecenter/linuxonibm/com.ibm.linux.z.lkdd…
Change-Id: Iad1bab24a9a41a880e70329a6f87059dcaa3a221
Commit: 7e186fe9ba2b416e7fd224ec5e9bc95e6d2f7ca2
https://github.com/tribe29/checkmk/commit/7e186fe9ba2b416e7fd224ec5e9bc95e6…
Author: Lars Michelsen <lm(a)tribe29.com>
Date: 2020-12-03 (Thu, 03 Dec 2020)
Changed paths:
M cmk/gui/sites.py
Log Message:
-----------
GUI: Add some debug output for tracking down composition test issues
Change-Id: I448f802741449d7cf1de28e89c87a1b7a8a2cf20
Commit: c1781f126facd8447184e38733bdf75e020c8a06
https://github.com/tribe29/checkmk/commit/c1781f126facd8447184e38733bdf75e0…
Author: Lars Michelsen <lm(a)tribe29.com>
Date: 2020-12-03 (Thu, 03 Dec 2020)
Changed paths:
A .werks/11747
M cmk/gui/plugins/views/mkeventd.py
Log Message:
-----------
11747 SEC Fix stored XSS triggered by received syslog messages
You are only affected by this issue in case you use the Event Console.
An attacker could send messages to the Event Console, e.g. via syslog,
containing arbitrary HTML code. This was executed in the browser context of any
user viewing the event in the Checkmk user interface.
The information is now properly escaped in a generic way to prevent these
issues.
Change-Id: I5d4f3594e69de7980aa474b8e3b9aa94d7342bb2
Compare: https://github.com/tribe29/checkmk/compare/7bb0eb57b339...c1781f126fac
Branch: refs/heads/2.0.0
Home: https://github.com/tribe29/checkmk
Commit: 25d62664d0e4ed48a8cae7f95a584d222647a564
https://github.com/tribe29/checkmk/commit/25d62664d0e4ed48a8cae7f95a584d222…
Author: Timotheus Bachinger <timotheus.bachinger(a)tribe29.com>
Date: 2020-12-03 (Thu, 03 Dec 2020)
Changed paths:
A .werks/11349
M cmk/gui/config.py
M cmk/gui/dashboard.py
M cmk/gui/pagetypes.py
M cmk/gui/wato/pages/users.py
Log Message:
-----------
11349 FIX Do not access ntop from CRE
Editing a user in the raw edition resulted in a crash as the ntop integration is not available there.
Change-Id: I3511bc135122a38e1a4dc51e8de92a893adaad69
Commit: fb7454f8700c42e09cb4d316b04732a7f9261bd3
https://github.com/tribe29/checkmk/commit/fb7454f8700c42e09cb4d316b04732a7f…
Author: Lars Michelsen <lm(a)tribe29.com>
Date: 2020-12-03 (Thu, 03 Dec 2020)
Changed paths:
A .werks/11747
M cmk/gui/plugins/views/mkeventd.py
Log Message:
-----------
11747 SEC Fix stored XSS triggered by received syslog messages
You are only affected by this issue in case you use the Event Console.
An attacker could send messages to the Event Console, e.g. via syslog,
containing arbitrary HTML code. This was executed in the browser context of any
user viewing the event in the Checkmk user interface.
The information is now properly escaped in a generic way to prevent these
issues.
Change-Id: I5d4f3594e69de7980aa474b8e3b9aa94d7342bb2
Compare: https://github.com/tribe29/checkmk/compare/a1d0e1b5d69b...fb7454f8700c
Branch: refs/heads/2.0.0
Home: https://github.com/tribe29/checkmk
Commit: a1d0e1b5d69bbb059f3da0d8614359d9952d18eb
https://github.com/tribe29/checkmk/commit/a1d0e1b5d69bbb059f3da0d8614359d99…
Author: Sergey Kipnis <sergey.kipnis(a)tribe29.com>
Date: 2020-12-03 (Thu, 03 Dec 2020)
Changed paths:
M agents/wnx/src/engine/cfg.cpp
M agents/wnx/src/engine/cfg.h
M agents/wnx/watest/test-cfg.cpp
Log Message:
-----------
[CMK-6598] - repair determination of the installation type. #2
- set packaged type if check_mk.install.yml exists and [global][install] == "no"
- extend few unit-tests
Change-Id: I4141e337637333b1722fb9ab25a791bf00ee2ef1
Branch: refs/heads/1.6.0
Home: https://github.com/tribe29/checkmk
Commit: 5ba43974636684161e07ac5652afc5b2fe8815e8
https://github.com/tribe29/checkmk/commit/5ba43974636684161e07ac5652afc5b2f…
Author: Lars Michelsen <lm(a)tribe29.com>
Date: 2020-12-03 (Thu, 03 Dec 2020)
Changed paths:
A .werks/11747
M cmk/gui/plugins/views/mkeventd.py
Log Message:
-----------
11747 SEC Fix stored XSS triggered by received syslog messages
You are only affected by this issue in case you use the Event Console.
An attacker could send messages to the Event Console, e.g. via syslog,
containing arbitrary HTML code. This was executed in the browser context of any
user viewing the event in the Checkmk user interface.
The information is now properly escaped in a generic way to prevent these
issues.
Change-Id: I5d4f3594e69de7980aa474b8e3b9aa94d7342bb2
Branch: refs/heads/master
Home: https://github.com/tribe29/checkmk
Commit: 4778eb6a06ad2ce885b34ef3a4af20048ca0c48c
https://github.com/tribe29/checkmk/commit/4778eb6a06ad2ce885b34ef3a4af20048…
Author: Ronny Bruska <ronny.bruska(a)tribe29.com>
Date: 2020-12-03 (Thu, 03 Dec 2020)
Changed paths:
M cmk/gui/pagetypes.py
Log Message:
-----------
Remove "Business reporting" from customize menu in cre edition
CMK-6613
Change-Id: I2fe63df938cdae94d69d09d698a648809a920c7a
Commit: a798e7f6b85af973d64753435458c8acbdad3d79
https://github.com/tribe29/checkmk/commit/a798e7f6b85af973d64753435458c8acb…
Author: Lukas Lengler <lukas.lengler(a)tribe29.com>
Date: 2020-12-03 (Thu, 03 Dec 2020)
Changed paths:
M cmk/fetchers/factory.py
M tests/unit/cmk/fetchers/test_factory.py
Log Message:
-----------
Fix Travis CI
The Checkmk GitHub repository has no Enterprise features.
Thats why we can't test them in these unit tests.
Change-Id: I6dd4485ae1a9363d53d1564ed6d7ac04192dbbbd
Compare: https://github.com/tribe29/checkmk/compare/98b78e01234b...a798e7f6b85a