Checkmk git commits August 2023

checkmk-commits@lists.checkmk.com

1 participants
477 discussions

[Checkmk/checkmk] dd0cbb: 15705 FIX Warning about agent updater rule on CME ...

by Checkmk git commit messages

Branch: refs/heads/2.1.0 Home: https://github.com/Checkmk/checkmk Commit: dd0cbb37405fd003ed2219033d60246c6b71f8c4 https://github.com/Checkmk/checkmk/commit/dd0cbb37405fd003ed2219033d60246c6… Author: Andreas Umbreit <andreas.umbreit(a)checkmk.com> Date: 2023-08-01 (Tue, 01 Aug 2023) Changed paths: A .werks/15705 Log Message: ----------- 15705 FIX Warning about agent updater rule on CME remote site update When updating a remote site in a distributed site setup using the Checkmk Managed Services Edition, the update process may issue a warning like this: C+: -| WARNING: Invalid rule configuration detected (Ruleset: agent_config:cmk_update_agent, Title: Agent updater (Linux, Windows, Solaris), Folder: , -| Rule nr: 1, Exception: -----BEGIN CERTIFICATE----- -| MII... -| ...HqQ== -| -----END CERTIFICATE----- -| is not an allowed value) -| Detected 1 issue(s) in configured rules. -| To correct these issues, we recommend to open the affected rules in the GUI. -| Upon attempting to save them, any problematic fields will be highlighted. C-: The root cause for this warning is that on the CME remote site, the underlying agent signing certificates are not available, so the ruleset referring to them can't be verified. As a workaround you can safely ignore this warning, since the cmk_update_agent rule is never used on a remote site. However, from now on the warning won't be displayed any longer. Change-Id: Iecd2c270a4e77f21d4b942e6a659ce5ad4a9f4f8

1 year, 1 month

[Checkmk/checkmk] df842b: 15705 FIX Warning about agent updater rule on CME ...

by Checkmk git commit messages

Branch: refs/heads/master Home: https://github.com/Checkmk/checkmk Commit: df842b30a377bfac98bb8332b5b1c47345530bc9 https://github.com/Checkmk/checkmk/commit/df842b30a377bfac98bb8332b5b1c4734… Author: Andreas Umbreit <andreas.umbreit(a)checkmk.com> Date: 2023-08-01 (Tue, 01 Aug 2023) Changed paths: A .werks/15705 Log Message: ----------- 15705 FIX Warning about agent updater rule on CME remote site update When updating a remote site in a distributed site setup using the Checkmk Managed Services Edition, the update process may issue a warning like this: C+: -| WARNING: Invalid rule configuration detected (Ruleset: agent_config:cmk_update_agent, Title: Agent updater (Linux, Windows, Solaris), Folder: , -| Rule nr: 1, Exception: -----BEGIN CERTIFICATE----- -| MII... -| ...HqQ== -| -----END CERTIFICATE----- -| is not an allowed value) -| Detected 1 issue(s) in configured rules. -| To correct these issues, we recommend to open the affected rules in the GUI. -| Upon attempting to save them, any problematic fields will be highlighted. C-: The root cause for this warning is that on the CME remote site, the underlying agent signing certificates are not available, so the ruleset referring to them can't be verified. As a workaround you can safely ignore this warning, since the cmk_update_agent rule is never used on a remote site. However, from now on the warning won't be displayed any longer. Change-Id: Iecd2c270a4e77f21d4b942e6a659ce5ad4a9f4f8

1 year, 1 month

[Checkmk/checkmk] 412cde: Removed dead handle() methods.

by Checkmk git commit messages

Branch: refs/heads/master Home: https://github.com/Checkmk/checkmk Commit: 412cde9906b64ffbf37e71baadd3cecd94f992ac https://github.com/Checkmk/checkmk/commit/412cde9906b64ffbf37e71baadd3cecd9… Author: Sven Panne <sven.panne(a)checkmk.com> Date: 2023-08-01 (Tue, 01 Aug 2023) Changed paths: M packages/livestatus/include/livestatus/Interface.h M packages/neb/include/neb/NebContactGroup.h M packages/neb/include/neb/NebHostGroup.h M packages/neb/include/neb/NebServiceGroup.h Log Message: ----------- Removed dead handle() methods. Change-Id: I5641d52ae50903df137724f2b508a1baae50ba32

1 year, 1 month

[Checkmk/checkmk] c4fbae: 16031 FIX ntop: interface and vlan dropdown

by Checkmk git commit messages

Branch: refs/heads/2.2.0 Home: https://github.com/Checkmk/checkmk Commit: c4fbae8686d17797ad4128307c593f4d65a44944 https://github.com/Checkmk/checkmk/commit/c4fbae8686d17797ad4128307c593f4d6… Author: Lukas Lengler <lukas.lengler(a)checkmk.com> Date: 2023-08-01 (Tue, 01 Aug 2023) Changed paths: A .werks/16031 Log Message: ----------- 16031 FIX ntop: interface and vlan dropdown When selecting a new interface or vlan id via the dropdown the data was not automatically updated and the page had to be refreshed manually. Now the data is updated after selecting the interface or vlan. CMK-8154 Change-Id: I48c28e6c979773149d2d1fd2c77961287eed3e83 Commit: f80b66732b3d1e00483cd062f0cb5b0351d0b2ec https://github.com/Checkmk/checkmk/commit/f80b66732b3d1e00483cd062f0cb5b035… Author: Gav <gavin.mcguigan(a)checkmk.com> Date: 2023-08-01 (Tue, 01 Aug 2023) Changed paths: A .werks/15892 M cmk/gui/page_menu_utils.py Log Message: ----------- 15892 FIX ntop_alerts: rename alert tabs in ntop alerts dashboard Previously, the alert tabs were named Engaged, Host, Flow. This didn't align correctly with ntopng's own dashboard. They have now been renamed to Engaged Host, Past Host and Past Flow. Change-Id: I6cddd8d33f84ec06589478214e3e1531d54a11f2 Commit: b11304763a9df6f24802b3a481ce3ba67dc191af https://github.com/Checkmk/checkmk/commit/b11304763a9df6f24802b3a481ce3ba67… Author: Gav <gavin.mcguigan(a)checkmk.com> Date: 2023-08-01 (Tue, 01 Aug 2023) Changed paths: A .werks/15893 Log Message: ----------- 15893 FIX ntop_alerts: introduce pagination to ntop alerts dashboard Previously the alerts dashboard would fetch 5 hours of alert data by default or the time range selected by the user via the time series graphs. This caused performance issues since the number of alerts could vary greatly, often resulting in timeouts. This werk addresses this problem by introducing pagination on the backend. We now only fetch 20 alerts in any given api call. The user can then request more using the next button. Change-Id: I47c6bb1fd4bff1b1276f67541ab5d75326602a91 Commit: 63745c5e605d18546c30edb0044df6126875dd10 https://github.com/Checkmk/checkmk/commit/63745c5e605d18546c30edb0044df6126… Author: Gav <gavin.mcguigan(a)checkmk.com> Date: 2023-08-01 (Tue, 01 Aug 2023) Changed paths: A .werks/15959 Log Message: ----------- 15959 FIX ntop_alerts: populate alert type dropdown list in alerts dashboards This werk fixes an issue with the alert type dropdown menu in the alerts dashboards. Previously, it was only populated with All, meaning you couldn't filter the alerts on alert type. Now the dropdown is populated with all possible alert type values. Change-Id: I64a59af935ea665565abfad78f732fbabd63f4fb Compare: https://github.com/Checkmk/checkmk/compare/a347f8468616...63745c5e605d

1 year, 1 month

[Checkmk/checkmk] 355ee9: 15691 SEC Fix XSS in business intelligence

by Checkmk git commit messages

Branch: refs/heads/2.1.0 Home: https://github.com/Checkmk/checkmk Commit: 355ee9eb6c1cbb2aa86db5f6f11a72ec71a3b77a https://github.com/Checkmk/checkmk/commit/355ee9eb6c1cbb2aa86db5f6f11a72ec7… Author: Maximilian Wirtz <maximilian.wirtz(a)checkmk.com> Date: 2023-08-01 (Tue, 01 Aug 2023) Changed paths: A .werks/15691 M cmk/gui/plugins/wato/bi_config.py Log Message: ----------- 15691 SEC Fix XSS in business intelligence Prior to this Werk it was possible to inject HTML or Javascript (Reflected XSS). A legitimate user tricked to click on a prepared link would then run arbitrary Javascript code in a valid session. This vulnerability is only triggerable if another Business Intelligence BI pack (next to the default) was created. We found this vulnerability internally. Affected Versions: LI: 2.2.0 LI: 2.1.0 LI: 2.0.0 LI: 1.6.0 (probably older versions as well) Indicators of Compromise: To check for exploitation one can check the site apache access log <tt>var/log/apache/access_log</tt> for entries like <tt>/$SITENAME/check_mk/wato.py?mode=bi_aggregations&bulk_moveto=</tt>. The order of the URL paramters can be changed by an attacker. Potential injected code would be in the parameter <tt>bulk_moveto</tt>. Vulnerability Management: We have rated the issue with a CVSS Score of 5.4 (Medium) with the following CVSS vector: <tt>CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N</tt>. We assigned CVE-2023-23548 to this vulnerability. Changes: This Werk introduces escaping for the vulnerable parameter. CMK-14034 Change-Id: Ic48e5580a612bc34af8dcf31acacb2fbc1ee742c

1 year, 1 month

[Checkmk/checkmk] 2cb628: 15691 SEC Fix XSS in business intelligence

by Checkmk git commit messages

Branch: refs/heads/2.0.0 Home: https://github.com/Checkmk/checkmk Commit: 2cb6285b371b82d20210a733103a1ab1d72d612b https://github.com/Checkmk/checkmk/commit/2cb6285b371b82d20210a733103a1ab1d… Author: Maximilian Wirtz <maximilian.wirtz(a)checkmk.com> Date: 2023-07-25 (Tue, 25 Jul 2023) Changed paths: A .werks/15691 M cmk/gui/plugins/wato/bi_config.py Log Message: ----------- 15691 SEC Fix XSS in business intelligence Prior to this Werk it was possible to inject HTML or Javascript (Reflected XSS). A legitimate user tricked to click on a prepared link would then run arbitrary Javascript code in a valid session. This vulnerability is only triggerable if another Business Intelligence BI pack (next to the default) was created. We found this vulnerability internally. Affected Versions: LI: 2.2.0 LI: 2.1.0 LI: 2.0.0 LI: 1.6.0 (probably older versions as well) Indicators of Compromise: To check for exploitation one can check the site apache access log <tt>var/log/apache/access_log</tt> for entries like <tt>/$SITENAME/check_mk/wato.py?mode=bi_aggregations&bulk_moveto=</tt>. The order of the URL paramters can be changed by an attacker. Potential injected code would be in the parameter <tt>bulk_moveto</tt>. Vulnerability Management: We have rated the issue with a CVSS Score of 5.4 (Medium) with the following CVSS vector: <tt>CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N</tt>. We assigned CVE-2023-23548 to this vulnerability. Changes: This Werk introduces escaping for the vulnerable parameter. CMK-14034 Change-Id: Ic48e5580a612bc34af8dcf31acacb2fbc1ee742c

1 year, 1 month

[Checkmk/checkmk] 73a938: 15691 SEC Fix XSS in business intelligence

by Checkmk git commit messages

Branch: refs/heads/master Home: https://github.com/Checkmk/checkmk Commit: 73a9380677d83feecff34d1d0528c04aa8860efa https://github.com/Checkmk/checkmk/commit/73a9380677d83feecff34d1d0528c04aa… Author: Maximilian Wirtz <maximilian.wirtz(a)checkmk.com> Date: 2023-08-01 (Tue, 01 Aug 2023) Changed paths: A .werks/15691 M cmk/gui/plugins/wato/bi_config.py Log Message: ----------- 15691 SEC Fix XSS in business intelligence Prior to this Werk it was possible to inject HTML or Javascript (Reflected XSS). A legitimate user tricked to click on a prepared link would then run arbitrary Javascript code in a valid session. This vulnerability is only triggerable if another Business Intelligence BI pack (next to the default) was created. We found this vulnerability internally. Affected Versions: LI: 2.2.0 LI: 2.1.0 LI: 2.0.0 LI: 1.6.0 (probably older versions as well) Indicators of Compromise: To check for exploitation one can check the site apache access log <tt>var/log/apache/access_log</tt> for entries like <tt>/$SITENAME/check_mk/wato.py?mode=bi_aggregations&bulk_moveto=</tt>. The order of the URL paramters can be changed by an attacker. Potential injected code would be in the parameter <tt>bulk_moveto</tt>. Vulnerability Management: We have rated the issue with a CVSS Score of 5.4 (Medium) with the following CVSS vector: <tt>CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N</tt>. We assigned CVE-2023-23548 to this vulnerability. Changes: This Werk introduces escaping for the vulnerable parameter. CMK-14034 Change-Id: Ic48e5580a612bc34af8dcf31acacb2fbc1ee742c

1 year, 1 month

[Checkmk/checkmk] a347f8: 15691 SEC Fix XSS in business intelligence

by Checkmk git commit messages

Branch: refs/heads/2.2.0 Home: https://github.com/Checkmk/checkmk Commit: a347f8468616180a492ccd93f126fa948834e59a https://github.com/Checkmk/checkmk/commit/a347f8468616180a492ccd93f126fa948… Author: Maximilian Wirtz <maximilian.wirtz(a)checkmk.com> Date: 2023-08-01 (Tue, 01 Aug 2023) Changed paths: A .werks/15691 M cmk/gui/plugins/wato/bi_config.py Log Message: ----------- 15691 SEC Fix XSS in business intelligence Prior to this Werk it was possible to inject HTML or Javascript (Reflected XSS). A legitimate user tricked to click on a prepared link would then run arbitrary Javascript code in a valid session. This vulnerability is only triggerable if another Business Intelligence BI pack (next to the default) was created. We found this vulnerability internally. Affected Versions: LI: 2.2.0 LI: 2.1.0 LI: 2.0.0 LI: 1.6.0 (probably older versions as well) Indicators of Compromise: To check for exploitation one can check the site apache access log <tt>var/log/apache/access_log</tt> for entries like <tt>/$SITENAME/check_mk/wato.py?mode=bi_aggregations&bulk_moveto=</tt>. The order of the URL paramters can be changed by an attacker. Potential injected code would be in the parameter <tt>bulk_moveto</tt>. Vulnerability Management: We have rated the issue with a CVSS Score of 5.4 (Medium) with the following CVSS vector: <tt>CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N</tt>. We assigned CVE-2023-23548 to this vulnerability. Changes: This Werk introduces escaping for the vulnerable parameter. CMK-14034 Change-Id: Ic48e5580a612bc34af8dcf31acacb2fbc1ee742c

1 year, 1 month

[Checkmk/checkmk] 7fa4b1: Pipfile cleanups

by Checkmk git commit messages

Branch: refs/heads/master Home: https://github.com/Checkmk/checkmk Commit: 7fa4b14eaf62787e79f7e9932c1b25c4a28f02b0 https://github.com/Checkmk/checkmk/commit/7fa4b14eaf62787e79f7e9932c1b25c4a… Author: Maximilian Wirtz <maximilian.wirtz(a)checkmk.com> Date: 2023-08-01 (Tue, 01 Aug 2023) Changed paths: M Pipfile M Pipfile.lock M tests/code_quality/test_pipfile.py Log Message: ----------- Pipfile cleanups Change-Id: I6642761fa67792da749e75dcef4d969c7f7889ea

1 year, 1 month

[Checkmk/checkmk] a7ec12: SaaS: Deactivate the Event Console for the CSE

by Checkmk git commit messages

Branch: refs/heads/master Home: https://github.com/Checkmk/checkmk Commit: a7ec12bdc58648cfeb8bc412728b6c8ad407af98 https://github.com/Checkmk/checkmk/commit/a7ec12bdc58648cfeb8bc412728b6c8ad… Author: Kenneth Okoh <kenneth.okoh(a)checkmk.com> Date: 2023-08-01 (Tue, 01 Aug 2023) Changed paths: A cmk/gui/mkeventd/_sidebar_snapin.py M cmk/gui/mkeventd/registration.py M cmk/gui/mkeventd/wato.py M cmk/gui/pagetypes.py M cmk/gui/plugins/config/base.py M cmk/gui/plugins/main_modules/registration.py R cmk/gui/plugins/sidebar/mkeventd.py M cmk/gui/plugins/wato/active_checks/mailbox.py M cmk/gui/plugins/wato/check_parameters/logwatch_ec.py M cmk/gui/plugins/wato/globals_notification.py M cmk/gui/plugins/wato/notifications.py M cmk/gui/plugins/wato/omd_configuration.py M cmk/gui/plugins/wato/special_agents/datadog.py M cmk/gui/plugins/wato/utils/__init__.py M cmk/gui/wato/pages/notifications.py M cmk/gui/wato/pages/users.py M omd/packages/check_mk/MKEVENTD M omd/packages/omd/omdlib/config_hooks.py Log Message: ----------- SaaS: Deactivate the Event Console for the CSE CMK-13868 Change-Id: Id520f09feb66ce8b1109949c6f46d8cc76a0984b Commit: 690129f856b29858adeed8fc5e196fcc1c1e03cc https://github.com/Checkmk/checkmk/commit/690129f856b29858adeed8fc5e196fcc1… Author: Mazen Alkatlabee <mazen.alkatlabee(a)checkmk.com> Date: 2023-08-01 (Tue, 01 Aug 2023) Changed paths: M tsconfig.strict.json M web/htdocs/js/modules/figures/cmk_figures.ts M web/htdocs/js/modules/figures/figure_types.ts M web/htdocs/js/modules/graphs.ts Log Message: ----------- add types to cmk_timeseries.ts Change-Id: I0ef59adf343cdf53ad054db39fd9f9f17e0d14eb Commit: 430c157ced6109b6ae46b59b609227babb5aa3f3 https://github.com/Checkmk/checkmk/commit/430c157ced6109b6ae46b59b609227bab… Author: Mazen Alkatlabee <mazen.alkatlabee(a)checkmk.com> Date: 2023-08-01 (Tue, 01 Aug 2023) Changed paths: M tsconfig.strict.json Log Message: ----------- add types to graphs_cee.ts Change-Id: Ic2f184824782e7fab07d1b7098ef9e72ffdae40d Compare: https://github.com/Checkmk/checkmk/compare/2b1abafe1290...430c157ced61

1 year, 1 month

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

Checkmk git commits August 2023