Checkmk git commits June 2024

checkmk-commits@lists.checkmk.com

1 participants
722 discussions

[Checkmk/checkmk] 74dd5c: 17009 SEC XSS in inventory tree

by Checkmk git commit messages

Branch: refs/heads/2.2.0 Home: https://github.com/Checkmk/checkmk Commit: 74dd5ce0dd6947930e05a3ece2f62e790e1646d0 https://github.com/Checkmk/checkmk/commit/74dd5ce0dd6947930e05a3ece2f62e790… Author: Maximilian Wirtz <maximilian.wirtz(a)checkmk.com> Date: 2024-06-14 (Fri, 14 Jun 2024) Changed paths: A .werks/17009 M cmk/gui/views/inventory/__init__.py Log Message: ----------- 17009 SEC XSS in inventory tree Prior to this Werk an attacker with control over an agent was able to inject HTML in the output which was then rendered in the inventory tree of the coresponding host. This problem exists only if the rule *Do hardware/software inventory* is set for the compromised agent/host. We found this vulnerability internally. **Affected Versions:** * 2.3.0 * 2.2.0 * 2.1.0 * 2.0.0 **Mitigations**: If you are unable to patch you can disable inventory scanning for all hosts. **Indicators of Compromise:** You can check `var/check_mk/inventory/` for inventories with embedded HTML. This only indicates current 'attacks'. Previous attacks (where the agent does not output the payload anymore) are not discoverable after some time (caching). **Vulnerability Management:** We have rated the issue with a CVSS Score of 6.5 (Medium) with the following CVSS vector: `CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L` We assigned CVE-2024-5741 to this vulnerability. **Changes:** This Werk adds sanitation to the HTML output. Change-Id: I5b93ac74128384c910fb17c54906bd62ee785d34 To unsubscribe from these emails, change your notification settings at https://github.com/Checkmk/checkmk/settings/notifications

3 months, 3 weeks

[Checkmk/checkmk] ff392d: Put computation of min/max together

by Checkmk git commit messages

Branch: refs/heads/master Home: https://github.com/Checkmk/checkmk Commit: ff392d467d35abab38dd7d19ed76562918542ae4 https://github.com/Checkmk/checkmk/commit/ff392d467d35abab38dd7d19ed7656291… Author: Simon Jess <simon.jess(a)checkmk.com> Date: 2024-06-14 (Fri, 14 Jun 2024) Changed paths: M cmk/gui/graphing/_artwork.py M tests/unit/cmk/gui/graphing/test_artwork.py Log Message: ----------- Put computation of min/max together Change-Id: I28158e67e2a130ca871dedfa7c5cc8bdb15ab62b Commit: 09ac54f9bf4d723ae3481039a3f83e1825ed0701 https://github.com/Checkmk/checkmk/commit/09ac54f9bf4d723ae3481039a3f83e182… Author: Simon Jess <simon.jess(a)checkmk.com> Date: 2024-06-14 (Fri, 14 Jun 2024) Changed paths: M cmk/gui/graphing/_artwork.py Log Message: ----------- Move '_apply_mirrored' Change-Id: Idfc6c69ee6ba3b9438f9b99283c6e3a709f692d7 Commit: d39d9332d79eadf25c95e0067f6197d15651702b https://github.com/Checkmk/checkmk/commit/d39d9332d79eadf25c95e0067f6197d15… Author: Simon Jess <simon.jess(a)checkmk.com> Date: 2024-06-14 (Fri, 14 Jun 2024) Changed paths: M cmk/gui/graphing/_artwork.py M tests/unit/cmk/gui/graphing/test_artwork.py Log Message: ----------- Put label min/max together Change-Id: I15d053960ba135ef16fe01d1ff0b7df7992c780a Compare: https://github.com/Checkmk/checkmk/compare/99edb493b66c...d39d9332d79e To unsubscribe from these emails, change your notification settings at https://github.com/Checkmk/checkmk/settings/notifications

3 months, 3 weeks

[Checkmk/checkmk] 99edb4: gui_e2e: create PoM object for change password page

by Checkmk git commit messages

Branch: refs/heads/master Home: https://github.com/Checkmk/checkmk Commit: 99edb493b66ca7b4e80cfeacc38e095ca9fa6d99 https://github.com/Checkmk/checkmk/commit/99edb493b66ca7b4e80cfeacc38e095ca… Author: Anastasiia Shevchuk <anastasiia.shevchuk(a)checkmk.com> Date: 2024-06-14 (Fri, 14 Jun 2024) Changed paths: M tests/gui_e2e/test_asvs.py M tests/gui_e2e/test_change_password.py A tests/testlib/playwright/pom/change_password.py Log Message: ----------- gui_e2e: create PoM object for change password page Add a new object for the Change Password page and refactor the tests for this page accordingly (CMK-17723) Change-Id: Ic01e48bade446bdb3c4e92225e08f776ccdd403f To unsubscribe from these emails, change your notification settings at https://github.com/Checkmk/checkmk/settings/notifications

3 months, 3 weeks

[Checkmk/checkmk] 5ddfca: 16246 FIX Rittal temperature check regression

by Checkmk git commit messages

Branch: refs/heads/2.3.0 Home: https://github.com/Checkmk/checkmk Commit: 5ddfcaa66017b4dfed3a60892d034d547eae9a1f https://github.com/Checkmk/checkmk/commit/5ddfcaa66017b4dfed3a60892d034d547… Author: Timotheus Bachinger <timotheus.bachinger(a)checkmk.com> Date: 2024-06-14 (Fri, 14 Jun 2024) Changed paths: A .werks/16246.md M cmk/plugins/cmctc/agent_based/cmctc_lcp.py Log Message: ----------- 16246 FIX Rittal temperature check regression You're affected if you're using rittal temperature checks under 2.3.0. This regression exists since 2.3.0b1 and creates the following crash: ``` File "/omd/sites/YOURSITE/lib/python3/cmk/plugins/lib/temperature.py", line 319, in check_temperature raise ValueError (Cannot compute trend. Either specify both variables 'unique_name' and 'value_store' or none.) ``` Change-Id: I90cd4c1f46dd1f7301fb5024a1a4825262ee0da9 JIRA-Ref: SUP-18502 To unsubscribe from these emails, change your notification settings at https://github.com/Checkmk/checkmk/settings/notifications

3 months, 3 weeks

[Checkmk/checkmk] 02f388: 16432 FIX cisco_temperature: Handle Invalid Device...

by Checkmk git commit messages

Branch: refs/heads/2.3.0 Home: https://github.com/Checkmk/checkmk Commit: 02f388ae3a212fb64b5479fb681c3033f8bde6ea https://github.com/Checkmk/checkmk/commit/02f388ae3a212fb64b5479fb681c3033f… Author: Solomon Jacobs <solomon.jacobs(a)checkmk.com> Date: 2024-06-14 (Fri, 14 Jun 2024) Changed paths: A .werks/16432.md M cmk/base/plugins/agent_based/cisco_temperature.py M tests/unit/cmk/base/plugins/agent_based/test_cisco_temperature.py Log Message: ----------- 16432 FIX cisco_temperature: Handle Invalid Device Readings SUP-18995 Change-Id: I2449e9e0a0c9215be1cde02976805dd0700db85b To unsubscribe from these emails, change your notification settings at https://github.com/Checkmk/checkmk/settings/notifications

3 months, 3 weeks

[Checkmk/checkmk] c7db36: 16432 FIX cisco_temperature: Handle Invalid Device...

by Checkmk git commit messages

Branch: refs/heads/2.2.0 Home: https://github.com/Checkmk/checkmk Commit: c7db364901de7e260c2f41a08cb4b4f696f8475f https://github.com/Checkmk/checkmk/commit/c7db364901de7e260c2f41a08cb4b4f69… Author: Solomon Jacobs <solomon.jacobs(a)checkmk.com> Date: 2024-06-14 (Fri, 14 Jun 2024) Changed paths: A .werks/16432 M cmk/base/plugins/agent_based/cisco_temperature.py Log Message: ----------- 16432 FIX cisco_temperature: Handle Invalid Device Readings SUP-18995 Change-Id: I2449e9e0a0c9215be1cde02976805dd0700db85b To unsubscribe from these emails, change your notification settings at https://github.com/Checkmk/checkmk/settings/notifications

3 months, 3 weeks

[Checkmk/checkmk] 36b75d: pylintrc: remove redundant comments.

by Checkmk git commit messages

Branch: refs/heads/master Home: https://github.com/Checkmk/checkmk Commit: 36b75db0a8aad0216235e07676619978fb3f4454 https://github.com/Checkmk/checkmk/commit/36b75db0a8aad0216235e07676619978f… Author: Dhananjay Shah <dhananjay.shah(a)checkmk.com> Date: 2024-06-14 (Fri, 14 Jun 2024) Changed paths: M .pylintrc Log Message: ----------- pylintrc: remove redundant comments. `test.conftest` is not used to update python paths anymore. Change-Id: I06e8c888115e439a30553f98c426b432d8f54d1d To unsubscribe from these emails, change your notification settings at https://github.com/Checkmk/checkmk/settings/notifications

3 months, 3 weeks

[Checkmk/checkmk] dc2e50: 16860 FIX aws_ec2_summary: Update catalog document...

by Checkmk git commit messages

Branch: refs/heads/2.3.0 Home: https://github.com/Checkmk/checkmk Commit: dc2e501c2c249e36f5d74f5c8e24daa6f8864fd3 https://github.com/Checkmk/checkmk/commit/dc2e501c2c249e36f5d74f5c8e24daa6f… Author: Sofia Colakovic <sofia.colakovic(a)checkmk.com> Date: 2024-06-14 (Fri, 14 Jun 2024) Changed paths: A .werks/16860.md M cmk/plugins/aws/checkman/aws_ec2_summary Log Message: ----------- 16860 FIX aws_ec2_summary: Update catalog documentation SUP-18736 Change-Id: I27314e512e50bda7fac5b9ac79a874e01e690585 To unsubscribe from these emails, change your notification settings at https://github.com/Checkmk/checkmk/settings/notifications

3 months, 3 weeks

[Checkmk/checkmk] b3f917: 16860 FIX aws_ec2_summary: Update catalog document...

by Checkmk git commit messages

Branch: refs/heads/2.2.0 Home: https://github.com/Checkmk/checkmk Commit: b3f917b70800baad6c8ea2e4fe5a8a8519f1f632 https://github.com/Checkmk/checkmk/commit/b3f917b70800baad6c8ea2e4fe5a8a851… Author: Sofia Colakovic <sofia.colakovic(a)checkmk.com> Date: 2024-06-14 (Fri, 14 Jun 2024) Changed paths: A .werks/16860 M checkman/aws_ec2_summary Log Message: ----------- 16860 FIX aws_ec2_summary: Update catalog documentation SUP-18736 Change-Id: I27314e512e50bda7fac5b9ac79a874e01e690585 To unsubscribe from these emails, change your notification settings at https://github.com/Checkmk/checkmk/settings/notifications

3 months, 3 weeks

[Checkmk/checkmk] fadc51: Refactoring: Move pathsSince to its single use site

by Checkmk git commit messages

Branch: refs/heads/master Home: https://github.com/Checkmk/checkmk Commit: fadc51d346ded181259298e09a0f1dd9cf6841a6 https://github.com/Checkmk/checkmk/commit/fadc51d346ded181259298e09a0f1dd9c… Author: Sven Panne <sven.panne(a)checkmk.com> Date: 2024-06-14 (Fri, 14 Jun 2024) Changed paths: M packages/livestatus/include/livestatus/LogCache.h M packages/livestatus/src/LogCache.cc Log Message: ----------- Refactoring: Move pathsSince to its single use site In the end, LogCache should have a nice & simple API with something like "give me all log entries for this given range", without any abstraction violations like seeing individual log files, etc. Currently we have to go into the opposite direction: Move everything beyond a minimal, abstraction-breaking API to its use sites, make the use sites more similar, and then do the right abstraction. Change-Id: Ic6afd3a731c4732e4c26c3780baad0c51d8f07fc Commit: af6e46242bb1ff4c210489fca9921fabae84c3c4 https://github.com/Checkmk/checkmk/commit/af6e46242bb1ff4c210489fca9921faba… Author: Sven Panne <sven.panne(a)checkmk.com> Date: 2024-06-14 (Fri, 14 Jun 2024) Changed paths: M packages/livestatus/include/livestatus/LogCache.h M packages/livestatus/src/LogCache.cc M packages/livestatus/src/TableLog.cc Log Message: ----------- Refactoring: Move LogCache::for_each() to its single use site Same reason for this change as the previous one for LogCache::pathsSince(): Minimize LogCache API first => unify usages => rework API Change-Id: I69b7c55d8db509828e3d163367f1de78e8708242 Compare: https://github.com/Checkmk/checkmk/compare/c26f5941b2b8...af6e46242bb1 To unsubscribe from these emails, change your notification settings at https://github.com/Checkmk/checkmk/settings/notifications

3 months, 3 weeks

← Newer
1
...
39
40
41
42
43
44
45
...
73
Older →

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

Checkmk git commits June 2024