Branch: refs/heads/2.2.0
Home:
https://github.com/Checkmk/checkmk
Commit: 1ba140f1fb2fc1db7f51341063d3d75022548bb9
https://github.com/Checkmk/checkmk/commit/1ba140f1fb2fc1db7f51341063d3d7502…
Author: Maximilian Wirtz <maximilian.wirtz(a)checkmk.com>
Date: 2023-06-29 (Thu, 29 Jun 2023)
Changed paths:
M Pipfile.lock
Log Message:
-----------
make Pipenv.lock
Change-Id: I48904ade5074b2105f47030c86a2c01e2b4d2fb0
Commit: 2cba8feaab0aeb1aec3a4d4a36f3f1250b8d65f7
https://github.com/Checkmk/checkmk/commit/2cba8feaab0aeb1aec3a4d4a36f3f1250…
Author: Maximilian Wirtz <maximilian.wirtz(a)checkmk.com>
Date: 2023-06-29 (Thu, 29 Jun 2023)
Changed paths:
M Pipfile
M Pipfile.lock
M tests/code_quality/test_pipfile.py
Log Message:
-----------
Update Werkzeug
unpinned istdangerous and markupsafe These are sub-dependencies we
shouldn't pin them without a reason.
Change-Id: I8ac6092354adff7b1812a418422f86a87b1e5c58
Commit: 3aca0fd9d1f1893375f191217279d1fb4c21f3a4
https://github.com/Checkmk/checkmk/commit/3aca0fd9d1f1893375f191217279d1fb4…
Author: Maximilian Wirtz <maximilian.wirtz(a)checkmk.com>
Date: 2023-06-29 (Thu, 29 Jun 2023)
Changed paths:
M Pipfile
M Pipfile.lock
M agent-receiver/setup.py
M tests/unit/agent_receiver/test_endpoints.py
Log Message:
-----------
Update fastapi and therefore starlette
Fixed vulnerabilities:
- CVE-2023-30798
- CVE-2023-29159
Fastapi changed ther TestClient to be of httpx instead of requests.
Change-Id: Ic135032d92d084e566151ef58018ed10f1ade8f3
Commit: 331563dd3b9dff2f639f4339c8de4ead6cdb575f
https://github.com/Checkmk/checkmk/commit/331563dd3b9dff2f639f4339c8de4ead6…
Author: Maximilian Wirtz <maximilian.wirtz(a)checkmk.com>
Date: 2023-06-29 (Thu, 29 Jun 2023)
Changed paths:
M packages/cmk-agent-ctl/Cargo.lock
Log Message:
-----------
Updated rust dependencies
- openssl
- openssl-src
- tokio
- remove_dir_all
- h2
Change-Id: Id7feeb2da823cb2e0971d6eaaeb900633e52221e
Commit: 3c614e043b3e7bc699423a17924c2562a747975b
https://github.com/Checkmk/checkmk/commit/3c614e043b3e7bc699423a17924c2562a…
Author: Maximilian Wirtz <maximilian.wirtz(a)checkmk.com>
Date: 2023-06-29 (Thu, 29 Jun 2023)
Changed paths:
M Pipfile
M Pipfile.lock
Log Message:
-----------
Updated some redis stuff
These CVEs are fixed:
- CVE-2023-28858
- CVE-2023-28859
Change-Id: Ibd71982f9e440bef2e68ba6d5e73282e2d7a2948
Commit: 536a65dd174b8038f7a88dd800c4860b9b49f15b
https://github.com/Checkmk/checkmk/commit/536a65dd174b8038f7a88dd800c4860b9…
Author: Maximilian Wirtz <maximilian.wirtz(a)checkmk.com>
Date: 2023-06-29 (Thu, 29 Jun 2023)
Changed paths:
M Pipfile
M Pipfile.lock
Log Message:
-----------
Update Flask
This fixes: CVE-2023-30861
Change-Id: Ia30f6037a218f4f889dd346243ed6854640803f2
Commit: f84c55d28b30b3c4bde6a00fed084b3f040d51b8
https://github.com/Checkmk/checkmk/commit/f84c55d28b30b3c4bde6a00fed084b3f0…
Author: Maximilian Wirtz <maximilian.wirtz(a)checkmk.com>
Date: 2023-06-29 (Thu, 29 Jun 2023)
Changed paths:
M buildscripts/infrastructure/build-nodes/scripts/install-openssl.sh
M buildscripts/infrastructure/build-nodes/scripts/install-python.sh
M omd/packages/Python/Python.make
M omd/packages/openssl/openssl.make
M omd/packages/openssl/openssl_http.bzl
Log Message:
-----------
Update openssl
This fixes:
- CVE-2023-0464
- CVE-2023-0466
- CVE-2023-0465
- CVE-2023-2650
Change-Id: Ib643951d5c5c208d63f5548b98feeff9d635cf6c
Commit: a455a419048eeaa2e4058c11df994efdd6de575d
https://github.com/Checkmk/checkmk/commit/a455a419048eeaa2e4058c11df994efdd…
Author: Maximilian Wirtz <maximilian.wirtz(a)checkmk.com>
Date: 2023-06-29 (Thu, 29 Jun 2023)
Changed paths:
M Pipfile
M Pipfile.lock
Log Message:
-----------
Updated requests
This fixes: CVE-2023-32681
We are probably affected...
Change-Id: I7d5d4fdfb53f34cd93ab92d46cabc495b285bda1
Commit: 9a3d5324d3f7c448e9ce34da8c67b4aaba32e4d6
https://github.com/Checkmk/checkmk/commit/9a3d5324d3f7c448e9ce34da8c67b4aab…
Author: Maximilian Wirtz <maximilian.wirtz(a)checkmk.com>
Date: 2023-06-29 (Thu, 29 Jun 2023)
Changed paths:
A .werks/15689
Log Message:
-----------
15689 SEC Dependency updates
This Werk updates several dependencies such as openssl, various python dependencies, etc.
To our knowledge among the vulnerabilities fixed in those dependencies only CVE-2023-32681
could be exploited.
This vulnerability could cause a <tt>Proxy-Authorization</tt> header leakage.
<b>Vulnerability Management</b>:
We have rated the issue with a CVSS Score of 6.1 (Medium) with the following CVSS vector:
<tt>CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N</tt>.
Change-Id: Ie9a102b41869ec64bdd043558945874c6bc92642
Compare:
https://github.com/Checkmk/checkmk/compare/bbdb69df583f...9a3d5324d3f7