Branch: refs/heads/master
Home:
https://github.com/tribe29/checkmk
Commit: 47f681119504a7e44940662e38ea0ba38c1844b7
https://github.com/tribe29/checkmk/commit/47f681119504a7e44940662e38ea0ba38…
Author: Mathias Laurin <mathias.laurin(a)tribe29.com>
Date: 2023-03-20 (Mon, 20 Mar 2023)
Changed paths:
M cmk/base/agent_based/confcheckers.py
M cmk/base/agent_based/discovery/_discovery.py
M cmk/base/agent_based/discovery/_host_labels.py
M cmk/base/agent_based/discovery/autodiscovery.py
M cmk/base/agent_based/discovery/commandline.py
M cmk/base/agent_based/discovery/preview.py
M cmk/base/automations/check_mk.py
M cmk/base/config.py
M cmk/base/modes/check_mk.py
M cmk/checkers/__init__.py
M cmk/checkers/_api.py
M tests/unit/cmk/base/agent_based/discovery/test_discovery.py
Log Message:
-----------
Split host_label* off section_label
They are not used together at the same places, hence they are
different entities.
Change-Id: I68563c41454a0196ed7b4c0d0ec1ec95625b6ab3
Commit: 0012b526fec18f150078676ee5ec47bb54feb72d
https://github.com/tribe29/checkmk/commit/0012b526fec18f150078676ee5ec47bb5…
Author: Mathias Laurin <mathias.laurin(a)tribe29.com>
Date: 2023-03-20 (Mon, 20 Mar 2023)
Changed paths:
M cmk/base/agent_based/data_provider.py
M cmk/base/agent_based/discovery/_host_labels.py
M tests/unit/cmk/base/agent_based/test_data_provider_parsed_sections_resolver.py
Log Message:
-----------
Remove unused section_plugin from ResolvedResult
Change-Id: I41dd8d3fb5becb7640e5aa9f8807895f97005d83
Commit: c75efba493660b2b3b9420ee02a9f9054e87c1ce
https://github.com/tribe29/checkmk/commit/c75efba493660b2b3b9420ee02a9f9054…
Author: Mathias Laurin <mathias.laurin(a)tribe29.com>
Date: 2023-03-20 (Mon, 20 Mar 2023)
Changed paths:
M cmk/base/agent_based/confcheckers.py
Log Message:
-----------
Check API: Handle impedance mismatch ASAP
Change-Id: Id33c3cc8ba2f1dab713c7a11d7a486298f1d69de
Commit: 2d55f8ad75140e0eb8177a0b1638a11a05563e00
https://github.com/tribe29/checkmk/commit/2d55f8ad75140e0eb8177a0b1638a11a0…
Author: Maximilian Wirtz <maximilian.wirtz(a)tribe29.com>
Date: 2023-03-20 (Mon, 20 Mar 2023)
Changed paths:
M cmk/gui/http.py
M cmk/gui/main.py
M cmk/gui/plugins/sidebar/bookmarks.py
M cmk/gui/plugins/userdb/utils.py
M cmk/gui/utils/__init__.py
M cmk/gui/utils/escaping.py
M cmk/gui/valuespec.py
A cmk/utils/urls.py
R tests/unit/cmk/gui/utils/test_init.py
A tests/unit/cmk/utils/test_urls.py
Log Message:
-----------
Move is_allowed_url to cmk.utils.urls
Change-Id: I56c6070e20d0af9dfcc914536ed6a764fce14838
Commit: 5dc61b93059644e9f2b2e4a98a357c1460d2f11b
https://github.com/tribe29/checkmk/commit/5dc61b93059644e9f2b2e4a98a357c146…
Author: Maximilian Wirtz <maximilian.wirtz(a)tribe29.com>
Date: 2023-03-20 (Mon, 20 Mar 2023)
Changed paths:
M cmk/gui/utils/escaping.py
A cmk/utils/escaping.py
A tests/unit/cmk/utils/test_escaping.py
Log Message:
-----------
Move some escaping functions to cmk.utils.escaping
Change-Id: I70815426d5fd016b52678f54913c36220baeed77
Commit: e033045e6be242025ee90131f21e2ec73f9321e9
https://github.com/tribe29/checkmk/commit/e033045e6be242025ee90131f21e2ec73…
Author: Maximilian Wirtz <maximilian.wirtz(a)tribe29.com>
Date: 2023-03-20 (Mon, 20 Mar 2023)
Changed paths:
A .werks/15069
M cmk/notification_plugins/utils.py
M tests/unit/cmk/notifications/test_notification_plugins_utils.py
Log Message:
-----------
15069 SEC Fix Email HTML Injection
Previously an authenticated attacker with permissions to configure HTML notifications was
able to inject HTML into E-Mails via <i>Insert HTML section between body and
table</i>.
All versions up to 1.6. are subject to this vulnerability.
To detect previous exploitation of this vulnerability one can check
<tt>etc/check_mk/conf.d/wato/notifications.mk</tt>. Search for
<tt>insert_html_section</tt> and malicious HTML.
This vulnerability was found internally. We calculated a CVSS3.1 score of 4.1 (Medium)
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N and assigned CVE-2023-22288.
Change-Id: Ia186b9c710d83d4f063a3de09c6ef78af63b8381
Compare:
https://github.com/tribe29/checkmk/compare/8790e6574da1...e033045e6be2