[checkmk-commits] [Checkmk/checkmk] 1ba140: make Pipenv.lock

Branch: refs/heads/2.2.0 Home: https://github.com/Checkmk/checkmk Commit: 1ba140f1fb2fc1db7f51341063d3d75022548bb9 https://github.com/Checkmk/checkmk/commit/1ba140f1fb2fc1db7f51341063d3d7502… Author: Maximilian Wirtz &lt;maximilian.wirtz(a)checkmk.com&gt; Date: 2023-06-29 (Thu, 29 Jun 2023) Changed paths: M Pipfile.lock Log Message: ----------- make Pipenv.lock Change-Id: I48904ade5074b2105f47030c86a2c01e2b4d2fb0 Commit: 2cba8feaab0aeb1aec3a4d4a36f3f1250b8d65f7 https://github.com/Checkmk/checkmk/commit/2cba8feaab0aeb1aec3a4d4a36f3f1250… Author: Maximilian Wirtz &lt;maximilian.wirtz(a)checkmk.com&gt; Date: 2023-06-29 (Thu, 29 Jun 2023) Changed paths: M Pipfile M Pipfile.lock M tests/code_quality/test_pipfile.py Log Message: ----------- Update Werkzeug unpinned istdangerous and markupsafe These are sub-dependencies we shouldn't pin them without a reason. Change-Id: I8ac6092354adff7b1812a418422f86a87b1e5c58 Commit: 3aca0fd9d1f1893375f191217279d1fb4c21f3a4 https://github.com/Checkmk/checkmk/commit/3aca0fd9d1f1893375f191217279d1fb4… Author: Maximilian Wirtz &lt;maximilian.wirtz(a)checkmk.com&gt; Date: 2023-06-29 (Thu, 29 Jun 2023) Changed paths: M Pipfile M Pipfile.lock M agent-receiver/setup.py M tests/unit/agent_receiver/test_endpoints.py Log Message: ----------- Update fastapi and therefore starlette Fixed vulnerabilities: - CVE-2023-30798 - CVE-2023-29159 Fastapi changed ther TestClient to be of httpx instead of requests. Change-Id: Ic135032d92d084e566151ef58018ed10f1ade8f3 Commit: 331563dd3b9dff2f639f4339c8de4ead6cdb575f https://github.com/Checkmk/checkmk/commit/331563dd3b9dff2f639f4339c8de4ead6… Author: Maximilian Wirtz &lt;maximilian.wirtz(a)checkmk.com&gt; Date: 2023-06-29 (Thu, 29 Jun 2023) Changed paths: M packages/cmk-agent-ctl/Cargo.lock Log Message: ----------- Updated rust dependencies - openssl - openssl-src - tokio - remove_dir_all - h2 Change-Id: Id7feeb2da823cb2e0971d6eaaeb900633e52221e Commit: 3c614e043b3e7bc699423a17924c2562a747975b https://github.com/Checkmk/checkmk/commit/3c614e043b3e7bc699423a17924c2562a… Author: Maximilian Wirtz &lt;maximilian.wirtz(a)checkmk.com&gt; Date: 2023-06-29 (Thu, 29 Jun 2023) Changed paths: M Pipfile M Pipfile.lock Log Message: ----------- Updated some redis stuff These CVEs are fixed: - CVE-2023-28858 - CVE-2023-28859 Change-Id: Ibd71982f9e440bef2e68ba6d5e73282e2d7a2948 Commit: 536a65dd174b8038f7a88dd800c4860b9b49f15b https://github.com/Checkmk/checkmk/commit/536a65dd174b8038f7a88dd800c4860b9… Author: Maximilian Wirtz &lt;maximilian.wirtz(a)checkmk.com&gt; Date: 2023-06-29 (Thu, 29 Jun 2023) Changed paths: M Pipfile M Pipfile.lock Log Message: ----------- Update Flask This fixes: CVE-2023-30861 Change-Id: Ia30f6037a218f4f889dd346243ed6854640803f2 Commit: f84c55d28b30b3c4bde6a00fed084b3f040d51b8 https://github.com/Checkmk/checkmk/commit/f84c55d28b30b3c4bde6a00fed084b3f0… Author: Maximilian Wirtz &lt;maximilian.wirtz(a)checkmk.com&gt; Date: 2023-06-29 (Thu, 29 Jun 2023) Changed paths: M buildscripts/infrastructure/build-nodes/scripts/install-openssl.sh M buildscripts/infrastructure/build-nodes/scripts/install-python.sh M omd/packages/Python/Python.make M omd/packages/openssl/openssl.make M omd/packages/openssl/openssl_http.bzl Log Message: ----------- Update openssl This fixes: - CVE-2023-0464 - CVE-2023-0466 - CVE-2023-0465 - CVE-2023-2650 Change-Id: Ib643951d5c5c208d63f5548b98feeff9d635cf6c Commit: a455a419048eeaa2e4058c11df994efdd6de575d https://github.com/Checkmk/checkmk/commit/a455a419048eeaa2e4058c11df994efdd… Author: Maximilian Wirtz &lt;maximilian.wirtz(a)checkmk.com&gt; Date: 2023-06-29 (Thu, 29 Jun 2023) Changed paths: M Pipfile M Pipfile.lock Log Message: ----------- Updated requests This fixes: CVE-2023-32681 We are probably affected... Change-Id: I7d5d4fdfb53f34cd93ab92d46cabc495b285bda1 Commit: 9a3d5324d3f7c448e9ce34da8c67b4aaba32e4d6 https://github.com/Checkmk/checkmk/commit/9a3d5324d3f7c448e9ce34da8c67b4aab… Author: Maximilian Wirtz &lt;maximilian.wirtz(a)checkmk.com&gt; Date: 2023-06-29 (Thu, 29 Jun 2023) Changed paths: A .werks/15689 Log Message: ----------- 15689 SEC Dependency updates This Werk updates several dependencies such as openssl, various python dependencies, etc. To our knowledge among the vulnerabilities fixed in those dependencies only CVE-2023-32681 could be exploited. This vulnerability could cause a <tt>Proxy-Authorization</tt> header leakage. <b>Vulnerability Management</b>: We have rated the issue with a CVSS Score of 6.1 (Medium) with the following CVSS vector: <tt>CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N</tt>. Change-Id: Ie9a102b41869ec64bdd043558945874c6bc92642 Compare: https://github.com/Checkmk/checkmk/compare/bbdb69df583f...9a3d5324d3f7