Branch: refs/heads/master
Home: https://github.com/tribe29/checkmk
Commit: 637baf9ce714c47fe055211dcfb8bf197b209852
https://github.com/tribe29/checkmk/commit/637baf9ce714c47fe055211dcfb8bf197…
Author: Maximilian Wirtz <maximilian.wirtz(a)tribe29.com>
Date: 2023-01-25 (Wed, 25 Jan 2023)
Changed paths:
A omd/packages/apache-omd/.f12
M omd/packages/apache-omd/skel/etc/apache/conf.d/security.conf
M tests/packaging/test_files.py
Log Message:
-----------
CSP fix for Apache 2.4.6
Centos7 comes with apache 2.4.6 which does not support `setifempty`.
Also added a f12 file for testing the config and a test to make sure
these f12 files don't make it into a release.
Change-Id: Ieedb6f9bf48ded08e893ada0ff7047be463c0f5d
Branch: refs/heads/master
Home: https://github.com/tribe29/checkmk
Commit: 85292cb00f4d1dbac85d85a2bdf54737a5cf4fa1
https://github.com/tribe29/checkmk/commit/85292cb00f4d1dbac85d85a2bdf54737a…
Author: Anastasiya Liatsetskaya <anastasiya.liatsetskaya(a)tribe29.com>
Date: 2023-01-25 (Wed, 25 Jan 2023)
Changed paths:
M cmk/gui/plugins/openapi/endpoints/bi.py
M tests/unit/checks/test_hp_proliant_raid.py
M tests/unit/cmk/base/plugins/agent_based/test_kube_cpu.py
M tests/unit/cmk/base/plugins/agent_based/test_kube_pod_containers.py
M tests/unit/cmk/base/plugins/agent_based/test_mobileiron_compliance.py
M tests/unit/cmk/base/plugins/agent_based/test_mssql_datafiles_transactionlogs.py
M tests/unit/cmk/base/plugins/agent_based/test_netapp_api_qtree_quota.py
M tests/unit/cmk/base/plugins/agent_based/test_ps_section.py
M tests/unit/cmk/gui/utils/test_flashed_messages.py
M tests/unit/cmk/gui/watolib/test_groups.py
Log Message:
-----------
Missing types added, p22
CMK-10552
Change-Id: I5dbefa254b3ea240968777f6b6796b705d890a39
Branch: refs/heads/master
Home: https://github.com/tribe29/checkmk
Commit: ef9c96327efeb73dfb6dea3587dea7bcfa0a77fd
https://github.com/tribe29/checkmk/commit/ef9c96327efeb73dfb6dea3587dea7bcf…
Author: Hannes Rantzsch <hannes.rantzsch(a)tribe29.com>
Date: 2023-01-25 (Wed, 25 Jan 2023)
Changed paths:
A .werks/15183
M cmk/gui/userdb/__init__.py
M cmk/gui/userdb/htpasswd.py
A cmk/update_config/plugins/actions/password_hashes.py
M cmk/utils/crypto/password_hashing.py
M tests/testlib/users.py
M tests/unit/cmk/gui/test_userdb_htpasswd_connector.py
M tests/unit/cmk/update_config/conftest.py
A tests/unit/cmk/update_config/plugins/actions/test_password_hashes.py
M tests/unit/cmk/update_config/plugins/actions/test_user_attributes.py
M tests/unit/cmk/utils/crypto/test_password_hashing.py
Log Message:
-----------
15183 SEC Drop support for outdated password hashing schemes
With Checkmk 2.2.0 the support for older and in part insecure password
hashing schemes has been removed.
As a result, it is possible that some local users cannot log in anymore.
`omd update` will now inform about these cases.
Since Werk #14391 old password hashes were either automatically updated
upon login or users were asked to choose new passwords, depending on how
old and insecure their hashes were. However, if a user has not logged in
at all since Werk #14391 it is possible that they still use the old
hashing scheme. These users will not be able to log in after the update,
since support for these schemes has been removed. The login will fail
with the message "Invalid login".
In order to restore access for affected users, you need to manually
reset their password. This can be done either via user management in
Setup > Users or via the commandline using cmk-passwd.
Even though this Werk is related to security, it does not fix any
exploitable issue. To aid automatic scanners, we assign a CVSS score
of 0 (None) (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N).
CMK-11608
Change-Id: I0102b3601f0cf0d19aad2023058b2541b302bdd9
Branch: refs/heads/master
Home: https://github.com/tribe29/checkmk
Commit: 65dbc78a10dd08f061a57caa7f6103072c1d33ac
https://github.com/tribe29/checkmk/commit/65dbc78a10dd08f061a57caa7f6103072…
Author: Sven Panne <sven.panne(a)tribe29.com>
Date: 2023-01-25 (Wed, 25 Jan 2023)
Changed paths:
M livestatus/src/NagiosCore.cc
M livestatus/src/NagiosCore.h
M livestatus/src/NebHost.h
M livestatus/src/NebService.h
M livestatus/src/TableHosts.cc
M livestatus/src/TableServices.cc
Log Message:
-----------
Introduced findCustomAttributeValue().
Although this temporarily leads to some copy-n-paste, it helps to figure
out which kind of API we really need. The cleanup will be done later.
Change-Id: I45d5acd09cdd3d2f375120ede09d4856233fade0
Commit: 3072e7fc75f2949d8694278d22f204d2611ce92b
https://github.com/tribe29/checkmk/commit/3072e7fc75f2949d8694278d22f204d26…
Author: Sven Panne <sven.panne(a)tribe29.com>
Date: 2023-01-25 (Wed, 25 Jan 2023)
Changed paths:
R .werks/14689
M livestatus/src/TableHosts.cc
M livestatus/src/TableServices.cc
Log Message:
-----------
Fixed offset calculation for various columns, fixing lying types.
Due to our type-unaware ColumnOffsets "technology", we had incorrect types
at several places which could not be detected as such by the compiler. In
an attempt to fix type errors resulting from those incorrect types, an
incorrect fix/werk was attempted, leading to crashes.
The real fix is to fix the offset calculations. An even better fix would be
making our ColumnOffsets stuff used for joining tables really typed, without
going via intermediate void*. But with the current code structure, this is
not trivial. :-/
Change-Id: I12f4c7f69335690a3f4aeb5b8bb31149c0eecc83
Compare: https://github.com/tribe29/checkmk/compare/79febcd78cda...3072e7fc75f2
Branch: refs/heads/2.1.0
Home: https://github.com/tribe29/checkmk
Commit: 3c6b711a89d0624249779559f081a1aa9dff153d
https://github.com/tribe29/checkmk/commit/3c6b711a89d0624249779559f081a1aa9…
Author: Wontek Hong <wontek.hong(a)tribe29.com>
Date: 2023-01-25 (Wed, 25 Jan 2023)
Changed paths:
M cmk/gui/watolib/simple_config_file.py
Log Message:
-----------
simple_config_file: refactor WatoSimpleConfigFile to allow for multiple config file types
Change-Id: I53224cbf7482aac6281f6c34674c81e65958d8bf
Commit: e83142cc871314a80d8c6db55c99b30f7ec1adc3
https://github.com/tribe29/checkmk/commit/e83142cc871314a80d8c6db55c99b30f7…
Author: Wontek Hong <wontek.hong(a)tribe29.com>
Date: 2023-01-25 (Wed, 25 Jan 2023)
Changed paths:
A .werks/15170
M cmk/gui/plugins/watolib/utils.py
M cmk/gui/watolib/changes.py
M cmk/gui/watolib/users.py
M cmk/utils/password_store.py
Log Message:
-----------
15170 FIX DCD: fix REST API authentication problems
Prior to this werk, the DCD raised a REST API authentication error
when the user's automation password was changed after it was started.
In addition, the same error was also raised when the "Individual
automation user credentials" option in the "Connection to the REST API"
global setting was configured. This werk fixes both error sources.
CMK-10397
Change-Id: I2f58772ffbb89ddf1ed04870c77106c7654bbe44
Commit: 078a2d862deff5f3f215f2691b84f837f1092e7d
https://github.com/tribe29/checkmk/commit/078a2d862deff5f3f215f2691b84f837f…
Author: Wontek Hong <wontek.hong(a)tribe29.com>
Date: 2023-01-25 (Wed, 25 Jan 2023)
Changed paths:
M cmk/gui/watolib/users.py
Log Message:
-----------
users: add pylint ignore statement for cee import
Change-Id: I28178036aa1031287556b5f33e0cb2a3a64a8eb2
Commit: f6e238d50f2e5e76f553dbd4054b332c694a0eca
https://github.com/tribe29/checkmk/commit/f6e238d50f2e5e76f553dbd4054b332c6…
Author: Wontek Hong <wontek.hong(a)tribe29.com>
Date: 2023-01-25 (Wed, 25 Jan 2023)
Changed paths:
M cmk/gui/watolib/users.py
Log Message:
-----------
users: add pylint ignore statement for cee import part 2
Change-Id: I457026cd4e2abfe09bd4eb58b5b0bdec0d8c2bcd
Compare: https://github.com/tribe29/checkmk/compare/2fc99a2db7cc...f6e238d50f2e