Branch: refs/heads/2.2.0
Home:
https://github.com/Checkmk/checkmk
Commit: 6b74f3159534cf3660cde93e1ab483e72df41817
https://github.com/Checkmk/checkmk/commit/6b74f3159534cf3660cde93e1ab483e72…
Author: Maximilian Wirtz <maximilian.wirtz(a)checkmk.com>
Date: 2024-02-07 (Wed, 07 Feb 2024)
Changed paths:
M packages/cmk-agent-ctl/Cargo.lock
Log Message:
-----------
Updated some rust deps
This fixes these vulnerabilities:
- GHSA-8r5v-vm4m-4g25
- GHSA-xphf-cx8h-7q9g
- GHSA-mc8h-8q98-g5hr
- GHSA-c827-hfw6-qwvm
- GHSA-8qv2-5vq6-g2g7
To our knowledge none of these are exploitable.
Change-Id: I1e603cb3d8cf43e637a788b252355fa5f0a44b61
Commit: e6675c2f99e785cd8f097dfada16b286cb5e531d
https://github.com/Checkmk/checkmk/commit/e6675c2f99e785cd8f097dfada16b286c…
Author: Christoph Rauch <christoph.rauch(a)checkmk.com>
Date: 2024-02-07 (Wed, 07 Feb 2024)
Changed paths:
M Pipfile
M Pipfile.lock
M cmk/gui/http.py
M cmk/gui/utils/urls.py
M tests/unit/cmk/gui/conftest.py
M tests/unit/cmk/gui/test_http.py
M tests/unit/cmk/gui/test_login_unit.py
Log Message:
-----------
Upgrade Werkzeug and Flask
* Upgraded Werkzeug to >3.0.0
* Werkzeug's `Response.charset` got removed.
See
https://github.com/pallets/werkzeug/pull/2768
* Upgraded Flask to >3.0.0
* FlaskClient.cookie_jar was affected due to changes in Werkzeug
Flask just removed CookieJar alltogether, while also checking the
path of cookies in the tests more strictly.
See:
https://github.com/miguelgrinberg/Flask-SocketIO/issues/1982
See:
https://github.com/pallets/flask/pull/5053
* Cookie values now only accept strings and not bytes.
Change-Id: Id1a8014f826254235866e86b936bb2a5c720219a
Compare:
https://github.com/Checkmk/checkmk/compare/fb1fba0920fe...e6675c2f99e7