Branch: refs/heads/master
Home:
https://github.com/Checkmk/checkmk
Commit: 4d97ed816950320fd7a4ab7fcc91ecd84122901c
https://github.com/Checkmk/checkmk/commit/4d97ed816950320fd7a4ab7fcc91ecd84…
Author: Wontek Hong <wontek.hong(a)checkmk.com>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M packages/cmk-frontend/src/js/modules/wato.ts
Log Message:
-----------
wato.ts: use crypto to generate random secret
CMK-17522
Change-Id: I8362504cab2548a61fe91123c5f4ea4bf2c2ce8b
Commit: de95d10395187e6fa26979c054257a1a4ffe0b5f
https://github.com/Checkmk/checkmk/commit/de95d10395187e6fa26979c054257a1a4…
Author: Wontek Hong <wontek.hong(a)checkmk.com>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
A .werks/16878.md
M cmk/gui/plugins/config/base.py
Log Message:
-----------
16878 SEC global_settings: enable 'Hide Checkmk version' per default
Displaying the version number on the login screen is generally regarded
as a security risk because it can enable attackers to identify potential
vulnerabilities associated with that specific version. Consequently, we
have changed the default setting to hide the version number. Users who wish
to view the version number can manually enable this option through the
Global Settings. It should be highlighted that users who have previously set
this option to show the version will not be affected by this change.
To aid automated scanning we assign a CVSS score of 0.0 (None)
(`CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N`).
CMK-17523
Change-Id: I30ae42621774bfb6c2c002f278e763132d13dfa2
Compare:
https://github.com/Checkmk/checkmk/compare/2a7329d95fbf...de95d1039518
To unsubscribe from these emails, change your notification settings at
https://github.com/Checkmk/checkmk/settings/notifications