Checkmk git commits October 2022

checkmk-commits@lists.checkmk.com

1 participants
575 discussions

[tribe29/checkmk] 8fd4db: 14919 SEC Do not log host secret (2)

by Maximilian

Branch: refs/heads/master Home: https://github.com/tribe29/checkmk Commit: 8fd4db3c8c649a1be5e1460af04425137fd4f2f6 https://github.com/tribe29/checkmk/commit/8fd4db3c8c649a1be5e1460af04425137… Author: Maximilian Wirtz <maximilian.wirtz(a)tribe29.com> Date: 2022-10-31 (Mon, 31 Oct 2022) Changed paths: A .werks/14919 Log Message: ----------- 14919 SEC Do not log host secret (2) Unfortunately Werk #14916 was insufficient. Therefore the vulnerability still exists. This Werk fixes the problem. When using the <i>Agent updater</i> the Checkmk server needs a secret in order to allow the agent to download new agents. For security reasons this secret is unique for each host and generated with the <tt>cmk-update-agent register</tt> command. Unfortunately the generated host secret was written to the cmk-update-agent.log. This logfile is not protected and usually world-readable. With this secret one can download the current agent from the Checkmk server. Included in that agent package are the plugin configs which can contain other secrets. (e.g. database credentials) Mitigations without updating: LI: Reregister the agent-updater. Then sanitize the cmk-update-agent.log files. LI: If you cannot rule out that any unauthorized user read <tt>/var/lib/check_mk_agent/cmk-update-agent.log</tt> respectively <tt>C:\ProgramData\checkmk\agent\log\cmk-update-agent.log</tt> you should rotate all secrets that might be or were included in the agent configurations. Steps needed with the update: LI: Update your agent. LI: Reregister the agent-updater. All versions including 1.5 are subject to this vulnerability. We found this vulnerability internally and have no indication of any exploitation. We calculated a CVSS 3.1 score of 6.5 (Medium) with the following vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N Change-Id: I0451ef054f04ca77257ca8d46bd1cb1c6d87acfe

1 year, 11 months

[tribe29/checkmk] 83f435: Extract implicit dependency on permitted_views fro...

by Lars

Branch: refs/heads/master Home: https://github.com/tribe29/checkmk Commit: 83f4352633bf0f1c8cf1e4043326fac5c4bcc159 https://github.com/tribe29/checkmk/commit/83f4352633bf0f1c8cf1e4043326fac5c… Author: Lars Michelsen <lm(a)tribe29.com> Date: 2022-10-31 (Mon, 31 Oct 2022) Changed paths: M cmk/gui/plugins/views/utils.py M cmk/gui/views/page_show_view.py Log Message: ----------- Extract implicit dependency on permitted_views from Cell Next we can remove the import cycle between data_source and Cell. Change-Id: Ib4c13ba00005f5133802877f205f81ef88690508 Commit: 8abe1b1f5ecacb5dc1a8521e93c4746b6a04a50c https://github.com/tribe29/checkmk/commit/8abe1b1f5ecacb5dc1a8521e93c4746b6… Author: Lars Michelsen <lm(a)tribe29.com> Date: 2022-10-31 (Mon, 31 Oct 2022) Changed paths: M cmk/gui/plugins/views/layouts.py M cmk/gui/plugins/views/mobile.py M cmk/gui/plugins/views/utils.py M tests/unit/cmk/gui/plugins/views/test_painters.py Log Message: ----------- Had over link renderer to cell to prevent import cycle This is a preparation to remove the cycle between data_source and Cell. Change-Id: Ief889be11d29b2f842dd9bcd2ae30c726f349d47 Commit: 9159a8f9ae580a931f1c7e02d120d76df306699c https://github.com/tribe29/checkmk/commit/9159a8f9ae580a931f1c7e02d120d76df… Author: Lars Michelsen <lm(a)tribe29.com> Date: 2022-10-31 (Mon, 31 Oct 2022) Changed paths: M cmk/gui/plugins/views/utils.py M cmk/gui/view.py M cmk/gui/view_renderer.py M cmk/gui/views/page_show_view.py Log Message: ----------- Move view specific painter option computation to View class The function is responsible for computing the painter options based on the different parts of a view configuration. Change-Id: I7e3b986c8a2f6f2c450403af81f1a4e62e1696b8 Commit: 7768f80391d6ed6af866a06043c0882218f4b786 https://github.com/tribe29/checkmk/commit/7768f80391d6ed6af866a06043c088221… Author: Lars Michelsen <lm(a)tribe29.com> Date: 2022-10-31 (Mon, 31 Oct 2022) Changed paths: M cmk/gui/logwatch.py M cmk/gui/painter_options.py M cmk/gui/plugins/views/utils.py M cmk/gui/prediction.py M cmk/gui/robotmk.py M cmk/gui/view.py A cmk/gui/view_breadcrumbs.py M cmk/gui/views/__init__.py M cmk/gui/wato/pages/fetch_agent_output.py M tests/Makefile Log Message: ----------- Move internal code to cmk.gui This change now finally clears the import cycle between data_source and Cell. Change-Id: Ieba955430acb59b2efe59881df2f6adbee305f79 Compare: https://github.com/tribe29/checkmk/compare/255a50a23dbe...7768f80391d6

1 year, 11 months

[tribe29/checkmk] 255a50: agent_kube: Implement namespace filtering for Cron...

by SoloJacobs

Branch: refs/heads/master Home: https://github.com/tribe29/checkmk Commit: 255a50a23dbea238873b3855df8b843a09bc3609 https://github.com/tribe29/checkmk/commit/255a50a23dbea238873b3855df8b843a0… Author: Solomon Jacobs <solomon.jacobs(a)tribe29.com> Date: 2022-10-31 (Mon, 31 Oct 2022) Changed paths: M cmk/special_agents/agent_kube.py Log Message: ----------- agent_kube: Implement namespace filtering for Cronjobs Change-Id: I183f737f8bc414e6d2c7f76af2c5b7b7699f446e

1 year, 11 months

[tribe29/checkmk] b64fcf: inventory: Simplify table row inventory

by Simon

Branch: refs/heads/master Home: https://github.com/tribe29/checkmk Commit: b64fcfaf1e74f9221a1d3622e3acaeb72bdd24a3 https://github.com/tribe29/checkmk/commit/b64fcfaf1e74f9221a1d3622e3acaeb72… Author: Simon Jess <simon.jess(a)tribe29.com> Date: 2022-10-31 (Mon, 31 Oct 2022) Changed paths: M cmk/base/agent_based/inventory/_tree_aggregator.py Log Message: ----------- inventory: Simplify table row inventory Change-Id: Icf011b8b20c9ec84a182926603f031924bf1d0d1 Commit: 5ab70a6b6e213a7706e7c3e57a5851de99c004cd https://github.com/tribe29/checkmk/commit/5ab70a6b6e213a7706e7c3e57a5851de9… Author: Simon Jess <simon.jess(a)tribe29.com> Date: 2022-10-31 (Mon, 31 Oct 2022) Changed paths: M cmk/base/agent_based/inventory/_inventory.py M cmk/base/agent_based/inventory/_tree_aggregator.py M cmk/base/agent_based/inventory/active.py Log Message: ----------- inventory: Return explicit results Change-Id: Icfc6c27be3c4ffe813d74ad41e3f5c76e3c6140b Compare: https://github.com/tribe29/checkmk/compare/0e15fab0f78c...5ab70a6b6e21

1 year, 11 months

[tribe29/checkmk] f3588b: 3par_volumes: Added unit tests

by racicLuka

Branch: refs/heads/master Home: https://github.com/tribe29/checkmk Commit: f3588b4784cde1d47374284881173efb984317df https://github.com/tribe29/checkmk/commit/f3588b4784cde1d47374284881173efb9… Author: LukaRacic <luka.racic(a)tribe29.com> Date: 2022-10-31 (Mon, 31 Oct 2022) Changed paths: A tests/unit/checks/test_3par_volumes.py Log Message: ----------- 3par_volumes: Added unit tests Change-Id: I6fadfe7008f0120cffbd70f49d06a80568179728 Commit: 0e15fab0f78c49b421b5b379d34936065e9764fc https://github.com/tribe29/checkmk/commit/0e15fab0f78c49b421b5b379d34936065… Author: LukaRacic <luka.racic(a)tribe29.com> Date: 2022-10-31 (Mon, 31 Oct 2022) Changed paths: R checks/enviromux_sems_digital R checks/enviromux_sems_external R checks/enviromux_sems_internal R cmk/base/check_legacy_includes/enviromux.py A cmk/base/plugins/agent_based/enviromux_sems_digital.py A cmk/base/plugins/agent_based/enviromux_sems_external.py A cmk/base/plugins/agent_based/enviromux_sems_internal.py M tests/unit/checks/test_generic_legacy_conversion.py R tests/unit/cmk/base/check_legacy_includes/test_enviromux.py Log Message: ----------- nti_enviromux: Migrated second bucket of checks to new API Change-Id: Ibe53522cc3a5369cf655b47f503ffa3d443d6afd Compare: https://github.com/tribe29/checkmk/compare/952a67627922...0e15fab0f78c

1 year, 11 months

[tribe29/checkmk] c9b726: 14892 FIX ServiceNow: Fix empty notification rule ...

by rb

Branch: refs/heads/2.1.0 Home: https://github.com/tribe29/checkmk Commit: c9b72627759780604bde9dcb8c24a7e305aa229b https://github.com/tribe29/checkmk/commit/c9b72627759780604bde9dcb8c24a7e30… Author: Ronny Bruska <ronny.bruska(a)tribe29.com> Date: 2022-10-31 (Mon, 31 Oct 2022) Changed paths: A .werks/14892 M cmk/update_config.py M tests/unit/cmk/test_update_config.py Log Message: ----------- 14892 FIX ServiceNow: Fix empty notification rule after update SUP-12125 Change-Id: I45bfc346d5b618a67d82700e4216bbf1db8ba413

1 year, 11 months

[tribe29/checkmk] 37c91c: Add base image alias

by Timotheus Bachinger

Branch: refs/heads/master Home: https://github.com/tribe29/checkmk Commit: 37c91cdb4fb7c4f447814268f4ee9fcd8eaf61a9 https://github.com/tribe29/checkmk/commit/37c91cdb4fb7c4f447814268f4ee9fcd8… Author: Timotheus Bachinger <timotheus.bachinger(a)tribe29.com> Date: 2022-10-31 (Mon, 31 Oct 2022) Changed paths: A buildscripts/docker_image_aliases/IMAGE_SLES_15SP4/Dockerfile A buildscripts/docker_image_aliases/IMAGE_SLES_15SP4/meta.yml Log Message: ----------- Add base image alias CMK-11458 Change-Id: I050dd1e9bc183124bf96eecdea5644f15df7cdf6 Commit: 2f18c44c7a3eada4fc36dbba4fda0fff58493daf https://github.com/tribe29/checkmk/commit/2f18c44c7a3eada4fc36dbba4fda0fff5… Author: Timotheus Bachinger <timotheus.bachinger(a)tribe29.com> Date: 2022-10-31 (Mon, 31 Oct 2022) Changed paths: A buildscripts/infrastructure/build-nodes/sles-15sp4/Dockerfile Log Message: ----------- Add build node for sles-15sp4 CMK-11458 Change-Id: I755e7b03ef8585db77e239487808f61a6732ff54 Commit: d19c42bdcd7837b76aed115f7c1673ef76334d3f https://github.com/tribe29/checkmk/commit/d19c42bdcd7837b76aed115f7c1673ef7… Author: Timotheus Bachinger <timotheus.bachinger(a)tribe29.com> Date: 2022-10-31 (Mon, 31 Oct 2022) Changed paths: A .werks/14783 M editions.json A omd/distros/SLES_15SP4.mk M omd/packages/libgsf/libgsf.make M omd/packages/msitools/msitools.make M omd/packages/omd/omd.make A omd/packages/omd/pdftoppm_system_openssl Log Message: ----------- 14783 Add Support for SLES15sp4 With this werk, Checkmk is build for SUSE Linux Enterprise Server 15SP4. CMK-11458 Change-Id: I50767cb807bf6ac3c10b2167b02538d6819226b3 Commit: 952a67627922ac4b2af987d09acab6161bd9b9c9 https://github.com/tribe29/checkmk/commit/952a67627922ac4b2af987d09acab6161… Author: Timotheus Bachinger <timotheus.bachinger(a)tribe29.com> Date: 2022-10-31 (Mon, 31 Oct 2022) Changed paths: M omd/packages/omd/omd.make R omd/packages/omd/pdftoppm_system_openssl R omd/packages/omd/ssh_system_openssl A omd/packages/omd/use_system_openssl Log Message: ----------- Streamline using system openssl ... for omd binaries which need to use system openssl CMK-11458 Change-Id: Icc08178c09bc54bae9692409a23ab56365f3da57 Compare: https://github.com/tribe29/checkmk/compare/c7ff95dd6380...952a67627922

1 year, 11 months

[tribe29/checkmk] c7ff95: agent_kube: add CronJob option

by SoloJacobs

Branch: refs/heads/master Home: https://github.com/tribe29/checkmk Commit: c7ff95dd6380c93648808efe512ffe022d60af57 https://github.com/tribe29/checkmk/commit/c7ff95dd6380c93648808efe512ffe022… Author: Solomon Jacobs <solomon.jacobs(a)tribe29.com> Date: 2022-10-31 (Mon, 31 Oct 2022) Changed paths: M cmk/gui/plugins/wato/special_agents/kube.py M cmk/special_agents/agent_kube.py Log Message: ----------- agent_kube: add CronJob option CMK-11546 Change-Id: I665f9bbf09e34d1513f8a45220f766da284bfd50

1 year, 11 months

[tribe29/checkmk] fbf4f3: 14769 FIX Activate Changes does not respect site-s...

by Lisa Pichler

Branch: refs/heads/master Home: https://github.com/tribe29/checkmk Commit: fbf4f3b79f32586bd9dbb5571b39e333fccfd178 https://github.com/tribe29/checkmk/commit/fbf4f3b79f32586bd9dbb5571b39e333f… Author: Lisa Pichler <lisa.pichler(a)tribe29.com> Date: 2022-10-31 (Mon, 31 Oct 2022) Changed paths: A .werks/14769 M cmk/gui/watolib/activate_changes.py M tests/unit/cmk/gui/watolib/test_config_sync.py Log Message: ----------- 14769 FIX Activate Changes does not respect site-specific synchronisation settings * it does not matter whether the snapshots of the sites contain the exluded paths * excluded paths are removed from the site snapshot settings in _get_replication_components * site snapshot settings are the basis of the files chosen for config sync in _incremental_config_sync CMK-11136 Change-Id: I71cfbd38c44847e752057738e282a6183890c244

1 year, 11 months

[tribe29/checkmk] 3aabee: inventory: Move cluster inventory to related tree ...

by Simon

Branch: refs/heads/master Home: https://github.com/tribe29/checkmk Commit: 3aabeea42cbd1998b9bddc99993fd0a11addb6e0 https://github.com/tribe29/checkmk/commit/3aabeea42cbd1998b9bddc99993fd0a11… Author: Simon Jess <simon.jess(a)tribe29.com> Date: 2022-10-31 (Mon, 31 Oct 2022) Changed paths: M cmk/base/agent_based/inventory/_inventory.py M cmk/base/agent_based/inventory/_tree_aggregator.py Log Message: ----------- inventory: Move cluster inventory to related tree aggregator Change-Id: I937491a3ec54db3d341fea3502b4ecf2b375126f

1 year, 11 months

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

Checkmk git commits October 2022