Checkmk git commits

checkmk-commits@lists.checkmk.com

1 participants
64478 discussions

[Checkmk/checkmk] 6c7725: 16361 SEC Privilege escalation in Windows agent

by Checkmk git commit messages

Branch: refs/heads/2.1.0 Home: https://github.com/Checkmk/checkmk Commit: 6c772598aac4018077fadeb0c38b94381cafb27f https://github.com/Checkmk/checkmk/commit/6c772598aac4018077fadeb0c38b94381… Author: Maximilian Wirtz <maximilian.wirtz(a)checkmk.com> Date: 2024-02-27 (Tue, 27 Feb 2024) Changed paths: A .werks/16361 Log Message: ----------- 16361 SEC Privilege escalation in Windows agent In order to execute some system commands Checkmk Windows agent writes cmd files to `C:\Windows\Temp\` and afterwards executes them. The permissions of the files were set restrictive but existing files were not properly handled. If a cmd file already existed and was write protected the agent was not able to rewrite the file but did not handle this case and executed the file nevertheless. We thank Michael Baer (SEC Consult Vulnerability Lab) for reporting this issue. **Affected Versions**: * 2.2.0 * 2.1.0 * 2.0.0 **Indicators of Compromise**: The filename of the cmd file needed to be guessed therefore the proof-of-concept creates a lot of files in `C\Windows\Temp` with the filename `cmk_all_\d+_1.cmd`. These file-creation events could be monitored. **Vulnerability Management**: We have rated the issue with a CVSS Score of 8.8 (High) with the following CVSS vector: `CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H`. We assigned CVE-2024-0670 to this vulnerability. **Changes**: This Werk changes the temp folder and adds a subfolder with more restrictive permissions in which the files are created. Also errors are handled better. Change-Id: I9b6b6dbe68d638c9e0dcf127646783d15f1df589 To unsubscribe from these emails, change your notification settings at https://github.com/Checkmk/checkmk/settings/notifications

7 months, 1 week

[Checkmk/checkmk] 22de89: 16361 SEC Privilege escalation in Windows agent

by Checkmk git commit messages

Branch: refs/heads/2.2.0 Home: https://github.com/Checkmk/checkmk Commit: 22de8967ee57635f022996260036f7059c359d77 https://github.com/Checkmk/checkmk/commit/22de8967ee57635f022996260036f7059… Author: Maximilian Wirtz <maximilian.wirtz(a)checkmk.com> Date: 2024-02-27 (Tue, 27 Feb 2024) Changed paths: A .werks/16361 Log Message: ----------- 16361 SEC Privilege escalation in Windows agent In order to execute some system commands Checkmk Windows agent writes cmd files to `C:\Windows\Temp\` and afterwards executes them. The permissions of the files were set restrictive but existing files were not properly handled. If a cmd file already existed and was write protected the agent was not able to rewrite the file but did not handle this case and executed the file nevertheless. We thank Michael Baer (SEC Consult Vulnerability Lab) for reporting this issue. **Affected Versions**: * 2.2.0 * 2.1.0 * 2.0.0 **Indicators of Compromise**: The filename of the cmd file needed to be guessed therefore the proof-of-concept creates a lot of files in `C\Windows\Temp` with the filename `cmk_all_\d+_1.cmd`. These file-creation events could be monitored. **Vulnerability Management**: We have rated the issue with a CVSS Score of 8.8 (High) with the following CVSS vector: `CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H`. We assigned CVE-2024-0670 to this vulnerability. **Changes**: This Werk changes the temp folder and adds a subfolder with more restrictive permissions in which the files are created. Also errors are handled better. Change-Id: I9b6b6dbe68d638c9e0dcf127646783d15f1df589 To unsubscribe from these emails, change your notification settings at https://github.com/Checkmk/checkmk/settings/notifications

7 months, 1 week

[Checkmk/checkmk] 5973d6: check_http: Reformat output

by Checkmk git commit messages

Branch: refs/heads/2.3.0 Home: https://github.com/Checkmk/checkmk Commit: 5973d674a775d5b4fb89907452f3920afe5bc8d4 https://github.com/Checkmk/checkmk/commit/5973d674a775d5b4fb89907452f3920af… Author: Andreas Umbreit <andreas.umbreit(a)checkmk.com> Date: 2024-02-27 (Tue, 27 Feb 2024) Changed paths: M packages/check-http/src/checks.rs M packages/check-http/src/output.rs M packages/check-http/src/runner.rs M packages/check-http/tests/test_http.rs Log Message: ----------- check_http: Reformat output - Separate Method and version output - Output of initial and final (if redirected) URLs - Remove redundant leading "HTTP <State>" Output CMK-16160 Change-Id: I9fa995bfd79fe1b58374553fa9719e77139a6cc2 To unsubscribe from these emails, change your notification settings at https://github.com/Checkmk/checkmk/settings/notifications

7 months, 1 week

[Checkmk/checkmk] 304746: Shellcheck fixup after several merges in install s...

by Checkmk git commit messages

Branch: refs/heads/master Home: https://github.com/Checkmk/checkmk Commit: 3047464fbd40b8e3a73b7b46969a3cc7666a93a1 https://github.com/Checkmk/checkmk/commit/3047464fbd40b8e3a73b7b46969a3cc76… Author: Jonas Scharpf <jonas.scharpf(a)checkmk.com> Date: 2024-02-27 (Tue, 27 Feb 2024) Changed paths: M buildscripts/infrastructure/build-nodes/scripts/install-gdb.sh M buildscripts/infrastructure/build-nodes/scripts/install-gnu-toolchain.sh Log Message: ----------- Shellcheck fixup after several merges in install scripts CMK-15854 Change-Id: I50bc751be5e029193ea1759a2db3c344bd38c2ef Commit: ec5e554d044ff0af130fcf22814e83c3a0458b5b https://github.com/Checkmk/checkmk/commit/ec5e554d044ff0af130fcf22814e83c3a… Author: Andreas Umbreit <andreas.umbreit(a)checkmk.com> Date: 2024-02-27 (Tue, 27 Feb 2024) Changed paths: M packages/check-http/src/checks.rs M packages/check-http/src/runner.rs Log Message: ----------- check_http: Output method CMK-16160 Change-Id: I0a705e90c5a2735228f1ae6f1dbe5c9673f8c848 Compare: https://github.com/Checkmk/checkmk/compare/9ca96fe160d1...ec5e554d044f To unsubscribe from these emails, change your notification settings at https://github.com/Checkmk/checkmk/settings/notifications

7 months, 1 week

[Checkmk/checkmk] 2f9ede: 16530 FIX Make the EC GUI send a list of events to...

by Checkmk git commit messages

Branch: refs/heads/2.2.0 Home: https://github.com/Checkmk/checkmk Commit: 2f9ede58eae784ff920b96298092f755abf8e4e1 https://github.com/Checkmk/checkmk/commit/2f9ede58eae784ff920b96298092f755a… Author: Konstantin Baikov <konstantin.baikov(a)checkmk.com> Date: 2024-02-27 (Tue, 27 Feb 2024) Changed paths: A .werks/16530 M cmk/gui/mkeventd/views.py Log Message: ----------- 16530 FIX Make the EC GUI send a list of events to update Change-Id: I40be7b5e3aa1b2f9ff0247a84b6e2d722b728d49 To unsubscribe from these emails, change your notification settings at https://github.com/Checkmk/checkmk/settings/notifications

7 months, 1 week

[Checkmk/checkmk] e9fd33: check_cert rule: wording and algo name stylization

by Checkmk git commit messages

Branch: refs/heads/2.3.0 Home: https://github.com/Checkmk/checkmk Commit: e9fd337211a394933b5f8369c8e1f36d44b8a0c2 https://github.com/Checkmk/checkmk/commit/e9fd337211a394933b5f8369c8e1f36d4… Author: Hannes Rantzsch <hannes.rantzsch(a)checkmk.com> Date: 2024-02-27 (Tue, 27 Feb 2024) Changed paths: M cmk/plugins/collection/rulesets/cert.py Log Message: ----------- check_cert rule: wording and algo name stylization Also allowing to require SHA3 hashes for DSA, which is an unlikely but possible combination. Change-Id: I86a10977c553d6c40f836119f6307f0affec0d84 Commit: aff3682a27ee8c1a4b9af41147b747850cf3a071 https://github.com/Checkmk/checkmk/commit/aff3682a27ee8c1a4b9af41147b747850… Author: Konstantin Baikov <konstantin.baikov(a)checkmk.com> Date: 2024-02-27 (Tue, 27 Feb 2024) Changed paths: A .werks/16530.md M cmk/gui/mkeventd/views.py Log Message: ----------- 16530 FIX Make the EC GUI send a list of events to update Change-Id: I40be7b5e3aa1b2f9ff0247a84b6e2d722b728d49 Compare: https://github.com/Checkmk/checkmk/compare/39c153f95f68...aff3682a27ee To unsubscribe from these emails, change your notification settings at https://github.com/Checkmk/checkmk/settings/notifications

7 months, 1 week

[Checkmk/checkmk] 5a1bbe: Fix some symbols

by Checkmk git commit messages

Branch: refs/heads/master Home: https://github.com/Checkmk/checkmk Commit: 5a1bbe320a27fc24b97feefcfcdbf9d46c734929 https://github.com/Checkmk/checkmk/commit/5a1bbe320a27fc24b97feefcfcdbf9d46… Author: Simon Jess <simon.jess(a)checkmk.com> Date: 2024-02-27 (Tue, 27 Feb 2024) Changed paths: M doc/treasures/migration_helpers/graphing_v0_v1.py Log Message: ----------- Fix some symbols Change-Id: I44fcae7d656f7d4049302da5d05a27dbddc75ef4 Commit: 9ca96fe160d1a3ebb433497cde16388bcd043050 https://github.com/Checkmk/checkmk/commit/9ca96fe160d1a3ebb433497cde16388bc… Author: Hannes Rantzsch <hannes.rantzsch(a)checkmk.com> Date: 2024-02-27 (Tue, 27 Feb 2024) Changed paths: M cmk/plugins/collection/rulesets/cert.py Log Message: ----------- check_cert rule: wording and algo name stylization Also allowing to require SHA3 hashes for DSA, which is an unlikely but possible combination. Change-Id: I86a10977c553d6c40f836119f6307f0affec0d84 Compare: https://github.com/Checkmk/checkmk/compare/9d1743bbbf3d...9ca96fe160d1 To unsubscribe from these emails, change your notification settings at https://github.com/Checkmk/checkmk/settings/notifications

7 months, 1 week

[Checkmk/checkmk] 9d1743: Python modules/source deploy: fix invalid pyc file...

by Checkmk git commit messages

Branch: refs/heads/master Home: https://github.com/Checkmk/checkmk Commit: 9d1743bbbf3d100127fef5ed046d6c38542c76d2 https://github.com/Checkmk/checkmk/commit/9d1743bbbf3d100127fef5ed046d6c385… Author: Frans Fürst <frans.fuerst(a)checkmk.com> Date: 2024-02-27 (Tue, 27 Feb 2024) Changed paths: M omd/packages/python3-modules/python3-modules.make Log Message: ----------- Python modules/source deploy: fix invalid pyc files: quick fix Instead of consistently creating all needed pyc files at the correct place, this fix 'repairs' the pyc files after the Bazel build. Will vanish with the real fix. Change-Id: I05852b987965b3eb7fb9108b37334d5a72234c05 To unsubscribe from these emails, change your notification settings at https://github.com/Checkmk/checkmk/settings/notifications

7 months, 1 week

[Checkmk/checkmk] 39c153: Fix some symbols

by Checkmk git commit messages

Branch: refs/heads/2.3.0 Home: https://github.com/Checkmk/checkmk Commit: 39c153f95f68508bd10bd2e5431d239ef91ac2b0 https://github.com/Checkmk/checkmk/commit/39c153f95f68508bd10bd2e5431d239ef… Author: Simon Jess <simon.jess(a)checkmk.com> Date: 2024-02-27 (Tue, 27 Feb 2024) Changed paths: M doc/treasures/migration_helpers/graphing_v0_v1.py Log Message: ----------- Fix some symbols Change-Id: I44fcae7d656f7d4049302da5d05a27dbddc75ef4 To unsubscribe from these emails, change your notification settings at https://github.com/Checkmk/checkmk/settings/notifications

7 months, 1 week

[Checkmk/checkmk] e2c61c: check_http: URL info only in details

by Checkmk git commit messages

Branch: refs/heads/master Home: https://github.com/Checkmk/checkmk Commit: e2c61c5765aef34abf3709dbf827df16640db9e8 https://github.com/Checkmk/checkmk/commit/e2c61c5765aef34abf3709dbf827df166… Author: Andreas Umbreit <andreas.umbreit(a)checkmk.com> Date: 2024-02-27 (Tue, 27 Feb 2024) Changed paths: M packages/check-http/src/checks.rs Log Message: ----------- check_http: URL info only in details CMK-16160 Change-Id: I9fa995bfd79fe1b58374553fa9719e77139a6cc2 Commit: d7b7df4fccaef65ce9f5c38ffb706f575bc891df https://github.com/Checkmk/checkmk/commit/d7b7df4fccaef65ce9f5c38ffb706f575… Author: Andreas Umbreit <andreas.umbreit(a)checkmk.com> Date: 2024-02-27 (Tue, 27 Feb 2024) Changed paths: M packages/check-http/src/checks.rs Log Message: ----------- check_http: Display URL info first CMK-16160 Change-Id: I79d5d75dbeda103f0405a517615c1cbfb16c3fc7 Commit: f4fd37be855c0fd1685ba8050e69507889ae7d98 https://github.com/Checkmk/checkmk/commit/f4fd37be855c0fd1685ba8050e6950788… Author: Andreas Umbreit <andreas.umbreit(a)checkmk.com> Date: 2024-02-27 (Tue, 27 Feb 2024) Changed paths: M packages/check-http/src/checks.rs M packages/check-http/tests/test_http.rs Log Message: ----------- check_http: Separate Version and Status output CMK-16160 Change-Id: Ia0be1561b7e157328648a5389bceace5e89bc270 Commit: a0c4e53121be92c294e1eb000fefdd8556277614 https://github.com/Checkmk/checkmk/commit/a0c4e53121be92c294e1eb000fefdd855… Author: Andreas Umbreit <andreas.umbreit(a)checkmk.com> Date: 2024-02-27 (Tue, 27 Feb 2024) Changed paths: M packages/check-http/src/checks.rs Log Message: ----------- check_http: Simplify code Change-Id: I724cea3ac9369ae749f41e0d160277153c9fc6df Commit: 6964c5ee723d0724ddc15d0e53f09f632ef7910d https://github.com/Checkmk/checkmk/commit/6964c5ee723d0724ddc15d0e53f09f632… Author: Andreas Umbreit <andreas.umbreit(a)checkmk.com> Date: 2024-02-27 (Tue, 27 Feb 2024) Changed paths: M packages/check-http/src/output.rs M packages/check-http/tests/test_http.rs Log Message: ----------- check_http: Remove redundant State output CMK-16160 Change-Id: I7c97b8a9223ff98d6e94956d0ac7d5ec2bb69418 Commit: 80cee49e1f0abecfec4084639937a87f8c77eb24 https://github.com/Checkmk/checkmk/commit/80cee49e1f0abecfec4084639937a87f8… Author: Ronny Bruska <ronny.bruska(a)checkmk.com> Date: 2024-02-27 (Tue, 27 Feb 2024) Changed paths: M web/htdocs/themes/facelift/images/icon_checkmark_plus.svg Log Message: ----------- Better icon for rule matching CMK-15810 Change-Id: I481ecebab61184bd81754751624c789845b1817e (cherry picked from commit 628c45e7ce709aa5f98248f7737c37884a78bbf5) Compare: https://github.com/Checkmk/checkmk/compare/1ce49494a449...80cee49e1f0a To unsubscribe from these emails, change your notification settings at https://github.com/Checkmk/checkmk/settings/notifications

7 months, 1 week

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

Checkmk git commits