From noreply@github.com Wed Jan 15 14:11:54 2020 From: Lars To: checkmk-commits@lists.checkmk.com Subject: [checkmk-commits] [tribe29/checkmk] bb44a5: CMK-3565: cmk-update-agent.exe: Update to PyInstal... Date: Wed, 15 Jan 2020 05:11:52 -0800 Message-ID: MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============0965886936188381288==" --===============0965886936188381288== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Branch: refs/heads/1.6.0 Home: https://github.com/tribe29/checkmk Commit: bb44a5ca7f9b6afb89b62dd5da1f057545555969 https://github.com/tribe29/checkmk/commit/bb44a5ca7f9b6afb89b62dd5da1f0= 57545555969 Author: Andreas Umbreit Date: 2020-01-15 (Wed, 15 Jan 2020) Changed paths: M agents/windows/frozen_binaries/pyinstaller-deps.make R agents/windows/frozen_binaries/src/pip/PyInstaller-3.4.tar.gz A agents/windows/frozen_binaries/src/pip/PyInstaller-3.6.tar.gz Log Message: ----------- CMK-3565: cmk-update-agent.exe: Update to PyInstaller 3.6 to fix vulnerabil= ity Change-Id: I1926a851727ae90c41e42bc784d3d4cba1b79a9e Commit: e25dde395660f274cee3590b27bc1d28bb8c9aff https://github.com/tribe29/checkmk/commit/e25dde395660f274cee3590b27bc1= d28bb8c9aff Author: Andreas Umbreit Date: 2020-01-15 (Wed, 15 Jan 2020) Changed paths: A .werks/10432 Log Message: ----------- 10432 SEC cmk-update-agent.exe: Fix security issue on Windows Recently, a vulnerability of PyInstaller, that we use to compile the cmk-update-agent.exe executable on windows to one file, has been discovered, see here Only the windows version of the cmk-update-agent binary is affected. Unix ver= sions and the python script are not affected. We fix this issue by updating to PyIntaller 3.6. Jira: CMK-3565 Change-Id: Ia3774a8b29057e8d56df7678c3f9afeb39a751f4 Compare: https://github.com/tribe29/checkmk/compare/0431c7bd1d3d...e25dde3956= 60 --===============0965886936188381288==--