Branch: refs/heads/master Home: https://github.com/Checkmk/checkmk Commit: 4d97ed816950320fd7a4ab7fcc91ecd84122901c https://github.com/Checkmk/checkmk/commit/4d97ed816950320fd7a4ab7fcc91ecd84… Author: Wontek Hong <wontek.hong(a)checkmk.com> Date: 2024-06-27 (Thu, 27 Jun 2024) Changed paths: M packages/cmk-frontend/src/js/modules/wato.ts Log Message: ----------- wato.ts: use crypto to generate random secret CMK-17522 Change-Id: I8362504cab2548a61fe91123c5f4ea4bf2c2ce8b Commit: de95d10395187e6fa26979c054257a1a4ffe0b5f https://github.com/Checkmk/checkmk/commit/de95d10395187e6fa26979c054257a1a4… Author: Wontek Hong <wontek.hong(a)checkmk.com> Date: 2024-06-27 (Thu, 27 Jun 2024) Changed paths: A .werks/16878.md M cmk/gui/plugins/config/base.py Log Message: ----------- 16878 SEC global_settings: enable 'Hide Checkmk version' per default Displaying the version number on the login screen is generally regarded as a security risk because it can enable attackers to identify potential vulnerabilities associated with that specific version. Consequently, we have changed the default setting to hide the version number. Users who wish to view the version number can manually enable this option through the Global Settings. It should be highlighted that users who have previously set this option to show the version will not be affected by this change. To aid automated scanning we assign a CVSS score of 0.0 (None) (`CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N`). CMK-17523 Change-Id: I30ae42621774bfb6c2c002f278e763132d13dfa2 Compare: https://github.com/Checkmk/checkmk/compare/2a7329d95fbf...de95d1039518 To unsubscribe from these emails, change your notification settings at https://github.com/Checkmk/checkmk/settings/notifications