Branch: refs/heads/2.2.0
Home: https://github.com/tribe29/checkmk
Commit: 4af2dab385cd9ec6926a64b89912a112553c53be
https://github.com/tribe29/checkmk/commit/4af2dab385cd9ec6926a64b89912a1125…
Author: Timotheus Bachinger <timotheus.bachinger(a)checkmk.com>
Date: 2023-05-02 (Tue, 02 May 2023)
Changed paths:
M buildscripts/scripts/build-cmk-packages.groovy
Log Message:
-----------
Add missing credentials context
... after removing anonymous access from nexus
Change-Id: I9ec0edd09ec0d581ab54f04a6077b981b6388239
Commit: 4bff01fd78b906d4f435c30ffd80e4c36414ac99
https://github.com/tribe29/checkmk/commit/4bff01fd78b906d4f435c30ffd80e4c36…
Author: Timotheus Bachinger <timotheus.bachinger(a)checkmk.com>
Date: 2023-05-02 (Tue, 02 May 2023)
Changed paths:
A .werks/15560
Log Message:
-----------
15560 FIX Drop support for Debian-9
Checkmk won't be built anymore for Debian-9 (stretch) from 2.2.0 and upwards as Debian-9's LTS support ended on June 30, 2022:
https://wiki.debian.org/LTS
The support from our side was already dropped during the beta phase with <tt>2.2.0b5</tt>.
Change-Id: I7ed2a4b4856444103879e24040b43bf587b8d5fe
Compare: https://github.com/tribe29/checkmk/compare/f31635720ff3...4bff01fd78b9
Branch: refs/heads/2.1.0
Home: https://github.com/tribe29/checkmk
Commit: b7b227223c633755c440a7beba0ad8b6514397c6
https://github.com/tribe29/checkmk/commit/b7b227223c633755c440a7beba0ad8b65…
Author: Hannes Rantzsch <hannes.rantzsch(a)tribe29.com>
Date: 2023-05-02 (Tue, 02 May 2023)
Changed paths:
A .werks/15189
M cmk/base/diagnostics.py
Log Message:
-----------
15189 SEC Don't log automation user credentials when generating performance graph diagnostics
Prior to this Werk, creating a Support Diagnostic report including the
option "Performance Graphs of Checkmk Server" caused the automation
secret of the user "automation" to be logged to the site Apache access
log file (var/log/apache/access_log). This affected both creating the
diagnostic report via the GUI (Setup > Maintenance > Support diagnostics)
and via the command line
(cmk --create-diagnostics-dump --performance-graphs).
With this Werk the credentials are no longer written to the log file.
Note that no automatic sanitization of the log file is attempted by
applying this patch.
This issue was discovered during internal review.
Affected Versions:
- 2.2.0 (beta)
- 2.1.0
- 2.0.0
Mitigations:
Users are advised to change the secret of the user "automation" via the
User Management UI.
If this is not an option for you, delete or manually sanitize the Apache
access log file and any backup of the file. Remove any line that
contains a POST to
<your site URL>/report.py?_username=automation&_secret=<...>.
Refrain from using the affected functionality before applying this patch
or manually sanitize the file afterwards.
Vulnerability Management:
We have rated the issue with a CVSS Score of 4.4 (Medium) with the
following CVSS vector:
<tt>CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N</tt>.
We have assigned CVE-2023-31207.
Change-Id: I5b903fb3c1d186219f7718acf3d6efa498e9f5cf
Commit: d00dbe64b3174bd6da83b72b53a0dc33cf4d3a38
https://github.com/tribe29/checkmk/commit/d00dbe64b3174bd6da83b72b53a0dc33c…
Author: Ronny Bruska <ronny.bruska(a)checkmk.com>
Date: 2023-05-02 (Tue, 02 May 2023)
Changed paths:
R .werks/15480
M cmk/gui/wato/pages/rulesets.py
Log Message:
-----------
Revert "15480 FIX Do not show rules of folders the user has no permission for"
This reverts commit 83ef3f4c3b15df713e1c43671af62626884bac3b.
Reason for revert: not needed
Change-Id: I54ac5decc6b2cab8e74ee280e8809160fbd66703
Commit: 0e294f9407875a07cc29d7b45df5ced88d00b034
https://github.com/tribe29/checkmk/commit/0e294f9407875a07cc29d7b45df5ced88…
Author: Ronny Bruska <ronny.bruska(a)checkmk.com>
Date: 2023-05-02 (Tue, 02 May 2023)
Changed paths:
M cmk/gui/wato/pages/rulesets.py
Log Message:
-----------
Revert "Do not allow to view rules without permission via url"
This reverts commit 48dcf08ab7730182d59b74a93476260981a6b394.
Reason for revert: not needed
Change-Id: I735d87e6f5db65ee98e3f852dc56b19152ead70c
Compare: https://github.com/tribe29/checkmk/compare/a00911841ee9...0e294f940787
Branch: refs/heads/master
Home: https://github.com/tribe29/checkmk
Commit: 0bf695c4059b677105eb83266996b50286b4977e
https://github.com/tribe29/checkmk/commit/0bf695c4059b677105eb83266996b5028…
Author: Alex Zurhake <alex.zurhake(a)tribe29.com>
Date: 2023-05-02 (Tue, 02 May 2023)
Changed paths:
M omd/WORKSPACE
A omd/packages/libgsf/BUILD
A omd/packages/libgsf/BUILD.libgsf.bazel
R omd/packages/libgsf/libgsf-1.14.44.tar.xz
M omd/packages/libgsf/libgsf.make
A omd/packages/libgsf/libgsf_http.bzl
Log Message:
-----------
Bazelize libgsf
Change-Id: Ic9c0be2b1de0d0cda222f237f9e5f24bb10293a5
Commit: 4f67db261afbad7077f7e8b6ba2dfe1f9eaa29f3
https://github.com/tribe29/checkmk/commit/4f67db261afbad7077f7e8b6ba2dfe1f9…
Author: Matteo Stifano <matteo.stifano(a)tribe29.com>
Date: 2023-05-02 (Tue, 02 May 2023)
Changed paths:
M tests/update/conftest.py
Log Message:
-----------
Include assertion over executed command return status
Change-Id: I24c2e75f0654eba49e88f0bb818c2bfb35831a51
(cherry picked from commit be5bf65b85320cdba6aa40ca02c50c828461701a)
Commit: 45f2de418b5e9eca1c084164a287fa25b6ba8f5e
https://github.com/tribe29/checkmk/commit/45f2de418b5e9eca1c084164a287fa25b…
Author: Ronny Bruska <ronny.bruska(a)checkmk.com>
Date: 2023-05-02 (Tue, 02 May 2023)
Changed paths:
R .werks/15480
M cmk/gui/wato/pages/rulesets.py
Log Message:
-----------
Revert "15480 FIX Do not show rules of folders the user has no permission for"
This reverts commit 6ffbfe1917442db400b9ace76a5713c8abb4013f.
Reason for revert: not needed
Change-Id: I021b0e1274b3c0a3e501a54f0f4d4ff4a744b9f9
Commit: bfab66688ad59edbddbf0eb71fb197e115314b15
https://github.com/tribe29/checkmk/commit/bfab66688ad59edbddbf0eb71fb197e11…
Author: Ronny Bruska <ronny.bruska(a)checkmk.com>
Date: 2023-05-02 (Tue, 02 May 2023)
Changed paths:
M cmk/gui/wato/pages/rulesets.py
Log Message:
-----------
Revert "Do not allow to view rules without permission via url"
This reverts commit 0a9b7cac0e1265121ad80ecc315e181ae94339b8.
Reason for revert: not needed
Change-Id: I36f9a7760b1465308cd53177813c908e804472a2
Compare: https://github.com/tribe29/checkmk/compare/62e4c8fcbe42...bfab66688ad5
Branch: refs/heads/2.2.0
Home: https://github.com/tribe29/checkmk
Commit: 7af2ad2f17b7deb33acbe88b64ffae8f4835572c
https://github.com/tribe29/checkmk/commit/7af2ad2f17b7deb33acbe88b64ffae8f4…
Author: Matteo Stifano <matteo.stifano(a)tribe29.com>
Date: 2023-05-02 (Tue, 02 May 2023)
Changed paths:
M tests/testlib/utils.py
Log Message:
-----------
Simplify spawn_expect_process logic and improve logging
Change-Id: I400f1a05e98a39c335a250b34cce94ab7e3ca381
Commit: 80543cdb85c56531ec3517e7bf33b97163989bd6
https://github.com/tribe29/checkmk/commit/80543cdb85c56531ec3517e7bf33b9716…
Author: Ronny Bruska <ronny.bruska(a)checkmk.com>
Date: 2023-05-02 (Tue, 02 May 2023)
Changed paths:
R .werks/15480
M cmk/gui/wato/pages/rulesets.py
Log Message:
-----------
Revert "15480 FIX Do not show rules of folders the user has no permission for"
This reverts commit ae327278d2f01ca6da5b62016f2ab6cbb461139f.
Reason for revert: not needed
Change-Id: I6d4fff203092c9adcfd9c6c7e694e8e968dc0c1a
Commit: f31635720ff38d0e602259c329892c0d698b23c7
https://github.com/tribe29/checkmk/commit/f31635720ff38d0e602259c329892c0d6…
Author: Ronny Bruska <ronny.bruska(a)checkmk.com>
Date: 2023-05-02 (Tue, 02 May 2023)
Changed paths:
M cmk/gui/wato/pages/rulesets.py
Log Message:
-----------
Revert "Do not allow to view rules without permission via url"
This reverts commit 15e2500a63b9a913fcd23eadf04ea064d8c9dd45.
Reason for revert: not needed
Change-Id: I0d349716cca565ed7e188f4064fcc151cb721ddc
Compare: https://github.com/tribe29/checkmk/compare/ead683f4a9a6...f31635720ff3
Branch: refs/heads/master
Home: https://github.com/tribe29/checkmk
Commit: 63d5d58520fe9887ca10b3fc0307321353c9b4e2
https://github.com/tribe29/checkmk/commit/63d5d58520fe9887ca10b3fc030732135…
Author: Timotheus Bachinger <timotheus.bachinger(a)tribe29.com>
Date: 2023-05-02 (Tue, 02 May 2023)
Changed paths:
M buildscripts/scripts/utils/notify.groovy
Log Message:
-----------
Migrate buildscripts to @checkmk
Change-Id: I1df082877927349f187eb49557147d27f739f286
Commit: 5d1f24cce2c60d1adf9e41127864716dd172c174
https://github.com/tribe29/checkmk/commit/5d1f24cce2c60d1adf9e41127864716dd…
Author: Simon Jess <simon.jess(a)tribe29.com>
Date: 2023-05-02 (Tue, 02 May 2023)
Changed paths:
A .werks/15393
M cmk/base/plugins/agent_based/cisco_meraki_org_device_info.py
M cmk/special_agents/agent_cisco_meraki.py
M tests/unit/cmk/base/plugins/agent_based/test_cisco_meraki_org_device_info.py
M tests/unit/cmk/special_agents/test_agent_cisco_meraki.py
Log Message:
-----------
15393 cisco_meraki_org_device_info: Add more information to HW/SW inventory
The following fields of a device are added:
<ul>
<li>Address</li>
<li>Product type (if available)</li>
<li>Organisation ID</li>
<li>Organisation name</li>
</ul>
Change-Id: I13fba3aa69dc7d073dcb56a273001cdac847a469
Commit: 62e4c8fcbe42f121855fea742aba6e8694a3fd4a
https://github.com/tribe29/checkmk/commit/62e4c8fcbe42f121855fea742aba6e869…
Author: Zoey Hilton <zoey.hilton(a)tribe29.com>
Date: 2023-05-02 (Tue, 02 May 2023)
Changed paths:
M agents/plugins/apache_status.py
M bandit.yaml
M cmk/ec/history.py
M cmk/gui/plugins/openapi/restful_objects/code_examples.py
M cmk/gui/plugins/openapi/restful_objects/documentation.py
M cmk/special_agents/agent_zerto.py
M cmk/utils/agent_simulator.py
M cmk/utils/crypto/__init__.py
M cmk/utils/livestatus_helpers/tables/_create_table.py
M doc/helpers/import-memory
M omd/packages/omd/omdlib/main.py
M tests/bandit-nosec-markers/bandit-exclusions.md
Log Message:
-----------
Updated annotations
Added instances of BNS:2b5952 where it would be best to review again. This includes areas were subprocess is not optimal with "with" or intended functionaility require "os" to stay in use.
Annotated any SSL nosecs
Replaced most ocurances of os.system or os.popen with subprocess shell=False
Change-Id: I9d0f87eca45bf164f1eec44611a7127422f0735d
Compare: https://github.com/tribe29/checkmk/compare/a0c5567484a9...62e4c8fcbe42