Branch: refs/heads/2.1.0
Home:
https://github.com/Checkmk/checkmk
Commit: 2b5889d7e077571978febfa1ea81ef16afe4119b
https://github.com/Checkmk/checkmk/commit/2b5889d7e077571978febfa1ea81ef16a…
Author: Maximilian Wirtz <maximilian.wirtz(a)checkmk.com>
Date: 2024-02-22 (Thu, 22 Feb 2024)
Changed paths:
M agents/cmk-agent-ctl/Cargo.lock
Log Message:
-----------
Update webpki
This fixes GHSA-8qv2-5vq6-g2g7. We are not aware of a functioning
exploit.
Change-Id: Ie9424d0b7a6021c54e8fb46adb33feb1e6efa875
Commit: a6020228ca5985d10939cb8f3fb935a8d0f48c6d
https://github.com/Checkmk/checkmk/commit/a6020228ca5985d10939cb8f3fb935a8d…
Author: Maximilian Wirtz <maximilian.wirtz(a)checkmk.com>
Date: 2024-02-22 (Thu, 22 Feb 2024)
Changed paths:
M Pipfile
M Pipfile.lock
Log Message:
-----------
Update urllib
This fixes:
- CVE-2023-45803 (request body is kept when redirected from POST to GET
method)
- CVE-2023-43804 (Cookie header is not treated as it should be when set
explicitly and not via normal Cookie APIs
Both vulns are not likely to be exploited in the Checkmk environment,
therefore no Werk.
Change-Id: I03c3d166d42974c06a75937b00f72c2051210aaa
Compare:
https://github.com/Checkmk/checkmk/compare/a444b60ea042...a6020228ca59
To unsubscribe from these emails, change your notification settings at
https://github.com/Checkmk/checkmk/settings/notifications