Branch: refs/heads/master
Home: https://github.com/tribe29/checkmk
Commit: a0d9f29f1baebe39e7bca7e3347a930216ed7044
https://github.com/tribe29/checkmk/commit/a0d9f29f1baebe39e7bca7e3347a93021…
Author: Maximilian Wirtz <maximilian.wirtz(a)tribe29.com>
Date: 2021-09-24 (Fri, 24 Sep 2021)
Changed paths:
M cmk/gui/htmllib/__init__.py
M cmk/gui/plugins/visuals/filters.py
Log Message:
-----------
Make html.write() private
html.write() was the source of some XSS vulnerabilities in the past. It
is not used outside the class (at least after this commit :-))
Change-Id: I5a764fb8bee0a131b7894aab6d56dd686af28b62
Branch: refs/heads/master
Home: https://github.com/tribe29/checkmk
Commit: e462d3411a179e5ec4263603c208703eab69505f
https://github.com/tribe29/checkmk/commit/e462d3411a179e5ec4263603c208703ea…
Author: Joerg Herbel <joerg.herbel(a)tribe29.com>
Date: 2021-09-24 (Fri, 24 Sep 2021)
Changed paths:
M cmk/automations/results.py
M cmk/base/agent_based/discovery/__init__.py
M cmk/base/automations/check_mk.py
M cmk/base/discovered_labels.py
M cmk/gui/plugins/webapi/webapi.py
M cmk/gui/watolib/__init__.py
M cmk/gui/watolib/bulk_discovery.py
M cmk/gui/watolib/check_mk_automations.py
M cmk/gui/watolib/services.py
M cmk/utils/type_defs/_misc.py
M tests/integration/cmk/base/test_automations.py
M tests/unit/cmk/automations/test_results.py
M tests/unit/cmk/gui/plugins/openapi/test_openapi_service_discovery.py
Log Message:
-----------
Implement dedicated functions for automation calls I
- inventory
- try-inventory
CMK-8604
Change-Id: I49e492cb61be29c9f9c5e34f9dc6821c79009f45
Commit: 0ae7579f6a6c89342c2e7e271891a691b831fb31
https://github.com/tribe29/checkmk/commit/0ae7579f6a6c89342c2e7e271891a691b…
Author: Joerg Herbel <joerg.herbel(a)tribe29.com>
Date: 2021-09-24 (Fri, 24 Sep 2021)
Changed paths:
M cmk/automations/results.py
M cmk/base/automations/check_mk.py
M cmk/gui/wato/pages/object_parameters.py
M cmk/gui/wato/pages/services.py
M cmk/gui/watolib/__init__.py
M cmk/gui/watolib/check_mk_automations.py
M cmk/gui/watolib/host_rename.py
M cmk/gui/watolib/hosts_and_folders.py
M cmk/gui/watolib/services.py
M tests/integration/cmk/base/test_automations.py
M tests/unit/cmk/base/test_unit_automations.py
M tests/unit/cmk/gui/conftest.py
M tests/unit/cmk/gui/plugins/openapi/test_openapi_activate_changes.py
M tests/unit/cmk/gui/plugins/openapi/test_openapi_host_config.py
M tests/unit/cmk/gui/plugins/openapi/test_openapi_service_discovery.py
Log Message:
-----------
Implement dedicated functions for automation calls II
- set-autochecks
- update-host-labels
- rename-hosts
- analyse-service
- analyse-host
- delete-hosts
CMK-8604
Change-Id: Iaaf9df962e2e9337661cf30c485ce3d3333fbbe2
Commit: 9081cf4679446b5568537e5d1f241b53ebbe3d38
https://github.com/tribe29/checkmk/commit/9081cf4679446b5568537e5d1f241b53e…
Author: Joerg Herbel <joerg.herbel(a)tribe29.com>
Date: 2021-09-24 (Fri, 24 Sep 2021)
Changed paths:
M cmk/automations/results.py
M cmk/base/automations/check_mk.py
M cmk/gui/wato/pages/diagnostics.py
M cmk/gui/wato/pages/host_diagnose.py
M cmk/gui/wato/pages/hosts.py
M cmk/gui/wato/pages/parentscan.py
M cmk/gui/wato/pages/services.py
M cmk/gui/watolib/__init__.py
M cmk/gui/watolib/check_mk_automations.py
M tests/integration/cmk/base/test_automations.py
M tests/unit/cmk/base/test_automations_check_mk.py
Log Message:
-----------
Implement dedicated functions for automation calls III
- scan-parents
- diag-host
- active-check
- update-dns-cache
- create-diagnostics-dump
CMK-8604
Change-Id: I2a101251f518b538efc85d2e726f4e65195d6df1
Commit: a4f71b9ec45fb9eb80a8564e1ecf8c76251407c2
https://github.com/tribe29/checkmk/commit/a4f71b9ec45fb9eb80a8564e1ecf8c762…
Author: Joerg Herbel <joerg.herbel(a)tribe29.com>
Date: 2021-09-24 (Fri, 24 Sep 2021)
Changed paths:
M cmk/automations/results.py
M cmk/base/automations/check_mk.py
M cmk/gui/plugins/wato/utils/__init__.py
M cmk/gui/wato/pages/check_catalog.py
M cmk/gui/wato/pages/notifications.py
M cmk/gui/wato/pages/rulesets.py
M cmk/gui/watolib/__init__.py
M cmk/gui/watolib/check_mk_automations.py
M cmk/gui/watolib/config_domains.py
M cmk/gui/watolib/rulespecs.py
M tests/integration/cmk/base/test_automations.py
M tests/unit/cmk/gui/watolib/test_watolib_search.py
Log Message:
-----------
Implement dedicated functions for automation calls IV
- restart
- reload
- get-configuration
- get-check-information
- get-section-information
- notification-replay
- notification-analyse
- notification-get-bulks
- bake-agents
CMK-8604
Change-Id: I5b9c92fb88d9411c9b999f45b8e1919b901a4522
Compare: https://github.com/tribe29/checkmk/compare/a11c8cfebd39...a4f71b9ec45f
Branch: refs/heads/1.6.0
Home: https://github.com/tribe29/checkmk
Commit: 014847b95ce463a46e0e04e25dd709fe1481ec75
https://github.com/tribe29/checkmk/commit/014847b95ce463a46e0e04e25dd709fe1…
Author: Maximilian Wirtz <maximilian.wirtz(a)tribe29.com>
Date: 2021-09-24 (Fri, 24 Sep 2021)
Changed paths:
A .werks/13193
Log Message:
-----------
13193 SEC XSS in report editing
It was possible to Inject HTML code in various Content elments. This could also be used in shared reports.
CVSS: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H 9.0
Affected Versions: all below
Workarounds: Disallow users to customize reports (Set 'General Permissions' > 'Customize reports and use them' to no)
Exploit detections: Check `var/check_mk/web/*/user_reports.mk` for html specialchars.
FEED-6407
Change-Id: I45be0dc7ad4e4932766f2f018a225afffdd52bef
Branch: refs/heads/2.0.0
Home: https://github.com/tribe29/checkmk
Commit: ea4f9f77d1a4efc55efac0fd3d5a53087c903953
https://github.com/tribe29/checkmk/commit/ea4f9f77d1a4efc55efac0fd3d5a53087…
Author: Maximilian Wirtz <maximilian.wirtz(a)tribe29.com>
Date: 2021-09-24 (Fri, 24 Sep 2021)
Changed paths:
A .werks/13193
Log Message:
-----------
13193 SEC XSS in report editing
It was possible to Inject HTML code in various Content elments. This could also be used in shared reports.
CVSS: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H 9.0
Affected Versions: all below
Workarounds: Disallow users to customize reports (Set 'General Permissions' > 'Customize reports and use them' to no)
Exploit detections: Check `var/check_mk/web/*/user_reports.mk` for html specialchars.
FEED-6407
Change-Id: I45be0dc7ad4e4932766f2f018a225afffdd52bef
Branch: refs/heads/master
Home: https://github.com/tribe29/checkmk
Commit: 14a0f1800d3fd59b935ee5060831442548abb23b
https://github.com/tribe29/checkmk/commit/14a0f1800d3fd59b935ee506083144254…
Author: Tom Baerwinkel <tom.baerwinkel(a)tribe29.com>
Date: 2021-09-24 (Fri, 24 Sep 2021)
Changed paths:
A .werks/13329
M cmk/gui/wato/pages/analyze_configuration.py
Log Message:
-----------
13329 FIX Add missing state colors in analyze configuration
The state colors in the right columns in the analyze configuration
page of the setup menu was missing.
Change-Id: I34bb536a35cc53359a88e8a470344aed8fcc6a90
Branch: refs/heads/2.0.0
Home: https://github.com/tribe29/checkmk
Commit: bb2b3e860c76a3b27a25343a30ea6db4252144c0
https://github.com/tribe29/checkmk/commit/bb2b3e860c76a3b27a25343a30ea6db42…
Author: Sergey Kipnis <sergey.kipnis(a)tribe29.com>
Date: 2021-09-24 (Fri, 24 Sep 2021)
Changed paths:
A .werks/12330
M agents/wnx/src/common/mailslot_transport.h
Log Message:
-----------
12330 FIX Disable Windows agent mail API tracing
With this release Windows agent writes no more information in
<tt>Users\Public\cmc_mail.log</tt>.
Change-Id: I7c7ff01baac7cb548f4b93c7fd49478903eab955
Branch: refs/heads/master
Home: https://github.com/tribe29/checkmk
Commit: 4e6ee7d18812e164e1a6c95f3ebee2429a80a035
https://github.com/tribe29/checkmk/commit/4e6ee7d18812e164e1a6c95f3ebee2429…
Author: Maximilian Wirtz <maximilian.wirtz(a)tribe29.com>
Date: 2021-09-24 (Fri, 24 Sep 2021)
Changed paths:
A .werks/13193
Log Message:
-----------
13193 SEC XSS in report editing
It was possible to Inject HTML code in various Content elments. This could also be used in shared reports.
CVSS: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H 9.0
Affected Versions: all below
Workarounds: Disallow users to customize reports (Set 'General Permissions' > 'Customize reports and use them' to no)
Exploit detections: Check `var/check_mk/web/*/user_reports.mk` for html specialchars.
FEED-6407
Change-Id: I9b21735938f234579e37ef3390af955f47860531