Checkmk git commits

checkmk-commits@lists.checkmk.com

1 participants
64160 discussions

[Checkmk/checkmk] f129d1: Add internal onboarding endpoint

by Checkmk git commit messages

Branch: refs/heads/master Home: https://github.com/Checkmk/checkmk Commit: f129d14c745596e5bf975edc4ff6778196c54596 https://github.com/Checkmk/checkmk/commit/f129d14c745596e5bf975edc4ff677819… Author: Max Linke <max.linke(a)checkmk.com> Date: 2024-08-26 (Mon, 26 Aug 2024) Changed paths: M cmk/gui/openapi/restful_objects/type_defs.py M scripts/create_test_idp_cse.sh Log Message: ----------- Add internal onboarding endpoint For the CSE we use a separate onboarding guide. The guide is loaded per checkmk instance and shown on the first login. Here we want to allow us to load the secret for an automation user. The exact user has to be configured. This will be done during setup of the site in the saas platform. We are creating a user with minimal permissions. Here for testing we use the automation user. Change-Id: I7095a73229b76c2d800a5bc58a8b9f09cf90a54f JIRA-Ref: SAASDEV-2253 To unsubscribe from these emails, change your notification settings at https://github.com/Checkmk/checkmk/settings/notifications

3 weeks, 4 days

[Checkmk/checkmk] 12ad03: quick_setup/_modes: add create configuration link ...

by Checkmk git commit messages

Branch: refs/heads/master Home: https://github.com/Checkmk/checkmk Commit: 12ad03d45d7080f4746be8e7ab6aa10ce53b6492 https://github.com/Checkmk/checkmk/commit/12ad03d45d7080f4746be8e7ab6aa10ce… Author: Wontek Hong <wontek.hong(a)checkmk.com> Date: 2024-08-26 (Mon, 26 Aug 2024) Changed paths: M cmk/gui/quick_setup/_modes.py Log Message: ----------- quick_setup/_modes: add create configuration link in list view page Change-Id: I919ebacbcec8356fd42dbd10bb372e92be430867 Commit: 15cd44902ca35a67d818b89ae28be457aa0b650f https://github.com/Checkmk/checkmk/commit/15cd44902ca35a67d818b89ae28be457a… Author: Wontek Hong <wontek.hong(a)checkmk.com> Date: 2024-08-26 (Mon, 26 Aug 2024) Changed paths: M cmk/gui/quick_setup/_modes.py M tests/unit/cmk/gui/wato/test_menu.py Log Message: ----------- quick_setup/_modes: register AWS Quick setup fast link Change-Id: Iba59e39cc974f07a78f106a3ed0e225897a96e00 Compare: https://github.com/Checkmk/checkmk/compare/9fa035ed8582...15cd44902ca3 To unsubscribe from these emails, change your notification settings at https://github.com/Checkmk/checkmk/settings/notifications

3 weeks, 4 days

[Checkmk/checkmk] 9fa035: 17026 SEC Fix XSS in view page with SLA column

by Checkmk git commit messages

Branch: refs/heads/master Home: https://github.com/Checkmk/checkmk Commit: 9fa035ed8582091470907bb08fef5437591b1826 https://github.com/Checkmk/checkmk/commit/9fa035ed8582091470907bb08fef54375… Author: Mehrdad Shahidi <mohammadmehrdad.shahidi(a)checkmk.com> Date: 2024-08-26 (Mon, 26 Aug 2024) Changed paths: A .werks/17026.md Log Message: ----------- 17026 SEC Fix XSS in view page with SLA column Prior to this werk, the SLA (Service Level Agreement) titles were being rendered as HTML in the view page without proper escaping, leading to a potential XSS vulnerability. **Affected Versions**: * 2.3.0 * 2.2.0 * 2.1.0 * 2.0.0 (EOL) **Indicators of Compromise**: Cloning the view page of untrusted users who have injected HTML into the SLA titles. **Vulnerability Management**: We have rated the issue with a CVSS score of 4.8 (medium) with the following CVSS vector: `CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N`, and assigned `CVE-2024-38859`. Change-Id: If1a560f4e6bbf5f52d9363a636e316653e134a58 To unsubscribe from these emails, change your notification settings at https://github.com/Checkmk/checkmk/settings/notifications

3 weeks, 4 days

[Checkmk/checkmk] 8ca789: 17026 SEC Fix XSS in view page with SLA column

by Checkmk git commit messages

Branch: refs/heads/2.3.0 Home: https://github.com/Checkmk/checkmk Commit: 8ca7898d84451646596b6c9c6da80f019c5554d0 https://github.com/Checkmk/checkmk/commit/8ca7898d84451646596b6c9c6da80f019… Author: Mehrdad Shahidi <mohammadmehrdad.shahidi(a)checkmk.com> Date: 2024-08-26 (Mon, 26 Aug 2024) Changed paths: A .werks/17026.md Log Message: ----------- 17026 SEC Fix XSS in view page with SLA column Prior to this werk, the SLA (Service Level Agreement) titles were being rendered as HTML in the view page without proper escaping, leading to a potential XSS vulnerability. **Affected Versions**: * 2.3.0 * 2.2.0 * 2.1.0 * 2.0.0 (EOL) **Indicators of Compromise**: Cloning the view page of untrusted users who have injected HTML into the SLA titles. **Vulnerability Management**: We have rated the issue with a CVSS score of 4.8 (medium) with the following CVSS vector: `CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N`, and assigned `CVE-2024-38859`. Change-Id: If1a560f4e6bbf5f52d9363a636e316653e134a58 To unsubscribe from these emails, change your notification settings at https://github.com/Checkmk/checkmk/settings/notifications

3 weeks, 4 days

[Checkmk/checkmk] 1d8ba0: 17026 SEC Fix XSS in view page with SLA column

by Checkmk git commit messages

Branch: refs/heads/2.1.0 Home: https://github.com/Checkmk/checkmk Commit: 1d8ba09e0b00c5d9d31e25bba48269ab281047ec https://github.com/Checkmk/checkmk/commit/1d8ba09e0b00c5d9d31e25bba48269ab2… Author: Mehrdad Shahidi <mohammadmehrdad.shahidi(a)checkmk.com> Date: 2024-08-26 (Mon, 26 Aug 2024) Changed paths: A .werks/17026 Log Message: ----------- 17026 SEC Fix XSS in view page with SLA column Prior to this werk, the SLA (Service Level Agreement) titles were being rendered as HTML in the view page without proper escaping, leading to a potential XSS vulnerability. **Affected Versions**: * 2.3.0 * 2.2.0 * 2.1.0 * 2.0.0 (EOL) **Indicators of Compromise**: Cloning the view page of untrusted users who have injected HTML into the SLA titles. **Vulnerability Management**: We have rated the issue with a CVSS score of 4.8 (medium) with the following CVSS vector: `CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N`, and assigned `CVE-2024-38859`. Change-Id: If1a560f4e6bbf5f52d9363a636e316653e134a58 To unsubscribe from these emails, change your notification settings at https://github.com/Checkmk/checkmk/settings/notifications

3 weeks, 4 days

[Checkmk/checkmk] 0001d4: 17026 SEC Fix XSS in view page with SLA column

by Checkmk git commit messages

Branch: refs/heads/2.2.0 Home: https://github.com/Checkmk/checkmk Commit: 0001d42e26c6845ebcc02284986c057f6a688372 https://github.com/Checkmk/checkmk/commit/0001d42e26c6845ebcc02284986c057f6… Author: Mehrdad Shahidi <mohammadmehrdad.shahidi(a)checkmk.com> Date: 2024-08-26 (Mon, 26 Aug 2024) Changed paths: A .werks/17026 Log Message: ----------- 17026 SEC Fix XSS in view page with SLA column Prior to this werk, the SLA (Service Level Agreement) titles were being rendered as HTML in the view page without proper escaping, leading to a potential XSS vulnerability. **Affected Versions**: * 2.3.0 * 2.2.0 * 2.1.0 * 2.0.0 (EOL) **Indicators of Compromise**: Cloning the view page of untrusted users who have injected HTML into the SLA titles. **Vulnerability Management**: We have rated the issue with a CVSS score of 4.8 (medium) with the following CVSS vector: `CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N`, and assigned `CVE-2024-38859`. Change-Id: If1a560f4e6bbf5f52d9363a636e316653e134a58 To unsubscribe from these emails, change your notification settings at https://github.com/Checkmk/checkmk/settings/notifications

3 weeks, 4 days

[Checkmk/checkmk] a90cab: Fix error handler

by Checkmk git commit messages

Branch: refs/heads/master Home: https://github.com/Checkmk/checkmk Commit: a90cabc9822670942362e150f90adaddbb392deb https://github.com/Checkmk/checkmk/commit/a90cabc9822670942362e150f90adaddb… Author: Leonardo Petrora <leonardo.petrora(a)checkmk.com> Date: 2024-08-26 (Mon, 26 Aug 2024) Changed paths: M packages/cmk-frontend-vue/src/quick-setup/QuickSetup.vue Log Message: ----------- Fix error handler Change-Id: I3521cc97c2ac44942f993ec64ef3dd864859c60c To unsubscribe from these emails, change your notification settings at https://github.com/Checkmk/checkmk/settings/notifications

3 weeks, 4 days

[Checkmk/checkmk] fa6f6c: messaging: add remote connection test

by Checkmk git commit messages

Branch: refs/heads/master Home: https://github.com/Checkmk/checkmk Commit: fa6f6c3053c52910b2fbb8adf385676b11549d9d https://github.com/Checkmk/checkmk/commit/fa6f6c3053c52910b2fbb8adf385676b1… Author: Moritz Kiemer <moritz.kiemer(a)checkmk.com> Date: 2024-08-26 (Mon, 26 Aug 2024) Changed paths: M packages/cmk-messaging/cmk/messaging/__init__.py M packages/cmk-messaging/cmk/messaging/_connection.py Log Message: ----------- messaging: add remote connection test CMK-18495 Change-Id: Ib32714d004f463242f0d05dcabfcbb4c5b79a772 To unsubscribe from these emails, change your notification settings at https://github.com/Checkmk/checkmk/settings/notifications

3 weeks, 4 days

[Checkmk/checkmk] 275253: testlib.version: Fix docker systemctl workaround f...

by Checkmk git commit messages

Branch: refs/heads/master Home: https://github.com/Checkmk/checkmk Commit: 2752531e04a0d0d5a001163f59131b47e942ca14 https://github.com/Checkmk/checkmk/commit/2752531e04a0d0d5a001163f59131b47e… Author: René Slowenski <rene.slowenski(a)checkmk.com> Date: 2024-08-26 (Mon, 26 Aug 2024) Changed paths: M tests/testlib/version.py Log Message: ----------- testlib.version: Fix docker systemctl workaround for user mode In a dockerized environment, we replace the systemctl binary by a symlink to /bin/true to avoid some errors and noise in the logs. The workaround relied on running the tests as root, which is not done anymore. This change applies the workaround via sudo instead. Change-Id: I6c74bbb150a192d0b86d86289bbde537db9613aa Commit: b8b866f004b9056a50a6b8f8e9ce768a267ddc44 https://github.com/Checkmk/checkmk/commit/b8b866f004b9056a50a6b8f8e9ce768a2… Author: René Slowenski <rene.slowenski(a)checkmk.com> Date: 2024-08-26 (Mon, 26 Aug 2024) Changed paths: M tests/testlib/containers.py M tests/testlib/utils.py Log Message: ----------- testlib: Mount cmk-credentials to /etc instead of /root As we are no longer running the system tests as root, it is impractical to mount the cmk-credentials to the home folder of the root user. This change mounts the file to /etc instead. Change-Id: I9e535b080ef28faa03d2e18e97e11df6a047e923 Compare: https://github.com/Checkmk/checkmk/compare/bd17e98a19ad...b8b866f004b9 To unsubscribe from these emails, change your notification settings at https://github.com/Checkmk/checkmk/settings/notifications

3 weeks, 4 days

[Checkmk/checkmk] 3e6572: update azure-storage-blob and azure-identity

by Checkmk git commit messages

Branch: refs/heads/2.3.0 Home: https://github.com/Checkmk/checkmk Commit: 3e657234d35f0f3e923ba49f97ddd0aeda67b480 https://github.com/Checkmk/checkmk/commit/3e657234d35f0f3e923ba49f97ddd0aed… Author: Hannes Rantzsch <hannes.rantzsch(a)checkmk.com> Date: 2024-08-26 (Mon, 26 Aug 2024) Changed paths: M Pipfile M Pipfile.lock Log Message: ----------- update azure-storage-blob and azure-identity This addresses CVE-2024-35255 in azure-identity, which Checkmk is NOT affected by. CMK-18019 Change-Id: I6f6f0b4e290068edebabcec759d38eec2a4bf7a3 To unsubscribe from these emails, change your notification settings at https://github.com/Checkmk/checkmk/settings/notifications

3 weeks, 4 days

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

Checkmk git commits