[checkmk-commits] [Checkmk/checkmk] d77f42: Update some rust dependencies

Branch: refs/heads/2.2.0 Home: https://github.com/Checkmk/checkmk Commit: d77f42935b896eca46102936f81dafe43f06bf6a https://github.com/Checkmk/checkmk/commit/d77f42935b896eca46102936f81dafe43… Author: Maximilian Wirtz <maximilian.wirtz(a)checkmk.com> Date: 2024-02-14 (Wed, 14 Feb 2024) Changed paths: M packages/cmk-agent-ctl/Cargo.lock Log Message: ----------- Update some rust dependencies Needed to update rustix, therefore needed to update is-terminal. This fixes GHSA-c827-hfw6-qwvm. Exploitation unlikely -> no Werk. Change-Id: I7de498892cb7963947410f38537fe7e7b26272fb Commit: 4aaa56827264135524587582a0784327181eca36 https://github.com/Checkmk/checkmk/commit/4aaa56827264135524587582a07843271… Author: Maximilian Wirtz <maximilian.wirtz(a)checkmk.com> Date: 2024-02-14 (Wed, 14 Feb 2024) Changed paths: M Pipfile M Pipfile.lock Log Message: ----------- Update reportlab This fixes CVE-2023-33733. We do not read PDF files. Change-Id: I10ad6d9f8668363a4791d558445f5c345a2afbf9 Commit: cce5a0fa2d663ec1ffbfe704bce957c5db7d006f https://github.com/Checkmk/checkmk/commit/cce5a0fa2d663ec1ffbfe704bce957c5d… Author: Maximilian Wirtz <maximilian.wirtz(a)checkmk.com> Date: 2024-02-14 (Wed, 14 Feb 2024) Changed paths: M buildscripts/infrastructure/build-nodes/scripts/install-openssl.sh M buildscripts/infrastructure/build-nodes/scripts/install-python.sh M omd/packages/openssl/openssl.make M omd/packages/openssl/openssl_http.bzl Log Message: ----------- Update openssl Fixes: - CVE-2023-4807 (affects only Windows systems; no Werk needed) - CVE-2023-3817 (This may slow down Checkmk, no Werk needed) Change-Id: I83ada206e1bdad08a3274b300aac623cdbd3b8c3 Commit: b05b6ef93710f169e9f60aaa775c642047fbcec5 https://github.com/Checkmk/checkmk/commit/b05b6ef93710f169e9f60aaa775c64204… Author: Maximilian Wirtz <maximilian.wirtz(a)checkmk.com> Date: 2024-02-14 (Wed, 14 Feb 2024) Changed paths: M Pipfile M Pipfile.lock Log Message: ----------- Update grpcio This fixes: - CVE-2023-32731 (aka. GHSA-cfgp-2977-2fmm) - CVE-2023-1428 (aka. GHSA-6628-q6j9-w8vg) - CVE-2023-32732 (aka. GHSA-9hxf-ppjv-w6rq) No Werk needed. Change-Id: I4d85219488f1349723b5ccc18c1b1028c1587588 Commit: 09ac4cb03ff156a826b0ae2093cdc0db5dcdbe26 https://github.com/Checkmk/checkmk/commit/09ac4cb03ff156a826b0ae2093cdc0db5… Author: Maximilian Wirtz <maximilian.wirtz(a)checkmk.com> Date: 2024-02-14 (Wed, 14 Feb 2024) Changed paths: M Pipfile M Pipfile.lock Log Message: ----------- Update jinja This fixes CVE-2024-22195. We do not use the `xmlattr` filter, therefore not affected. Change-Id: Idc997faa29038ae8c72c5353d0de253da27e1cfb Compare: https://github.com/Checkmk/checkmk/compare/d90a07dc20ce...09ac4cb03ff1