[checkmk-commits] [tribe29/checkmk] 188d59: 13628 Dashboards: New cloud dashboards for storage...

Branch: refs/heads/2.2.0 Home: https://github.com/tribe29/checkmk Commit: 188d593e61e867281b3c9a0532bd379e1632a2d7 https://github.com/tribe29/checkmk/commit/188d593e61e867281b3c9a0532bd379e1… Author: Marcel Arentz &lt;marcel.arentz(a)tribe29.com&gt; Date: 2023-03-01 (Wed, 01 Mar 2023) Changed paths: A .werks/13628 M tests/unit/cmk/gui/test_permissions.py Log Message: ----------- 13628 Dashboards: New cloud dashboards for storage services on AWS, Azure and GCP Change-Id: I737b1b8835d2d8447b1301fb9fc8a0e33d920bb2 Commit: a899f554880e72b584dec752d0ef1639162273c5 https://github.com/tribe29/checkmk/commit/a899f554880e72b584dec752d0ef16391… Author: Sven Panne &lt;sven.panne(a)tribe29.com&gt; Date: 2023-03-01 (Wed, 01 Mar 2023) Changed paths: M defines.make Log Message: ----------- Bumped pipenv and virtualenv versions. Change-Id: I1646f166b952f3326d454630cb4fdfa00548d225 Commit: 97f3572789ab9f678577d9e1942051aa8aa36dce https://github.com/tribe29/checkmk/commit/97f3572789ab9f678577d9e1942051aa8… Author: Sven Panne &lt;sven.panne(a)tribe29.com&gt; Date: 2023-03-01 (Wed, 01 Mar 2023) Changed paths: M packages/livestatus/include/livestatus/POSIXUtils.h M packages/livestatus/src/POSIXUtils.cc Log Message: ----------- Use std::filesystem::path for, well, paths... Change-Id: Ie2dc19e4f43a612f2f8a206cce54ca68f7716082 Commit: 6da323ae31a1b96b2fdd6030f4393f945a214654 https://github.com/tribe29/checkmk/commit/6da323ae31a1b96b2fdd6030f4393f945… Author: Marcel Arentz &lt;marcel.arentz(a)tribe29.com&gt; Date: 2023-03-01 (Wed, 01 Mar 2023) Changed paths: R .werks/13628 M tests/unit/cmk/gui/test_permissions.py Log Message: ----------- Revert "13628 Dashboards: New cloud dashboards for storage services on AWS, Azure and GCP" This reverts commit 188d593e61e867281b3c9a0532bd379e1632a2d7. Reason for revert: needed graph_definitions are not yet implemented Change-Id: Ib8179f08a4b9f98eb63e5f0cb52cdeecffb7bc12 Commit: c48a53c5386ba83fec5598de05b7029ab7b92168 https://github.com/tribe29/checkmk/commit/c48a53c5386ba83fec5598de05b7029ab… Author: Sergey Kipnis &lt;sergey.kipnis(a)tribe29.com&gt; Date: 2023-03-01 (Wed, 01 Mar 2023) Changed paths: M livestatus/src/TableServicesByHostGroup.cc Log Message: ----------- unify TableServicesByHostGroups Change-Id: Ie8008f1c3555670ac636306d4d2ceec046b77e1a Commit: f3942bb22ba2a0db3bb397c732f9d254c0c2fce5 https://github.com/tribe29/checkmk/commit/f3942bb22ba2a0db3bb397c732f9d254c… Author: Maximilian Wirtz &lt;maximilian.wirtz(a)tribe29.com&gt; Date: 2023-03-01 (Wed, 01 Mar 2023) Changed paths: A .werks/15068 Log Message: ----------- 15068 SEC Fix improper certificate validation in agent updater The compiled version of the agent-updater uses its own collection of trusted Certificate Authorities. This collection comes from the Python package certifi and is based on the collection of Mozilla Firefox. The used Python package and therefore the collection was outdated and is subject to CVE-2022-23491. This collection included a CA certificate of TrustCor which is not considered trustworthy anymore. (See: https://security.googleblog.com/2023/01/sustaining-digital-certificate-secu…) If an attacker was able to create certificates for arbitrary domains signed by this CA, machine-in-the-middle attacks could be possible. To mitigate this vulnerability please update and rollout the agent-updater (typical agent-update is sufficient). If an update is currently not possible one can set the <tt>Certificates for HTTPS verification</tt> option for the agent updater. If this option is set a custom list of trusted certificates is used to verify the HTTPS connection instead of the CA collection. All versions up to 1.6 are vulnerable. This vulnerability was found internally. We calculated a CVSS 3.1 score of 6.2 (medium) with the following vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:R Please note that we rate this rather low since this is more a hypothetical attack and no wrong-doing of the CA was ever proven. This also includes these changes: - 40cd46cfbf7f9da5e68f75f24a272c772f700722. - I05ffb5a41216740a561a7e574be45b59943bef1c - I026fc7c30fc4ed10579fb40e5f2995346376084c - I257fe2b5ae07673002c67162566dbcd14216b006 - I9b925a40fd53ce63d877c55b7b13a178bb716c49 - I0aa79606a5697cdb0e9aff09116e0c23a61cb2a8 - Ia23359a5fb9e3f1fd92b6d1d777e82d85229efe6 Change-Id: Ia23359a5fb9e3f1fd92b6d1d777e82d85229efe6 Compare: https://github.com/tribe29/checkmk/compare/0b5ed6229439...f3942bb22ba2