Werk 17082 was adapted. The following is the new Werk, a diff is shown at the end of the message.
[//]: # (werk v2)
# Fixed another instance of hanging processes
key | value
---------- | ---
date | 2024-07-05T06:55:15+00:00
version | 2.3.0p11
class | fix
edition | cce
component | multisite
level | 1
compatible | yes
As explained in werk [#17080](https://checkmk.com/werk/17080) the wrong conditions could lead to processes not releasing crucial file locks and the site subsequently freezing.
However, the werk did not address all the conditions.
With this werk, the cleanup of open resources was improved, which together with werk [#17081](https://checkmk.com/werk/17081) fixes another instance of processes not releasing their locks.
------------------------------------<diff>-------------------------------------------
[//]: # (werk v2)
# Fixed another instance of hanging processes
key | value
---------- | ---
date | 2024-07-05T06:55:15+00:00
- version | 2.3.0p10
? ^
+ version | 2.3.0p11
? ^
class | fix
edition | cce
component | multisite
level | 1
compatible | yes
As explained in werk [#17080](https://checkmk.com/werk/17080) the wrong conditions could lead to processes not releasing crucial file locks and the site subsequently freezing.
However, the werk did not address all the conditions.
With this werk, the cleanup of open resources was improved, which together with werk [#17081](https://checkmk.com/werk/17081) fixes another instance of processes not releasing their locks.
Werk 17091 was adapted. The following is the new Werk, a diff is shown at the end of the message.
[//]: # (werk v2)
# missing error message for wrong backup key password
key | value
---------- | ---
date | 2024-07-02T12:50:08+00:00
version | 2.3.0p11
class | fix
edition | cre
component | wato
level | 1
compatible | yes
When a wrong password was entered for downloading a backup encryption key or a signature key for signing agents, an empty error message box was displayed.
Now, the error message is displayed correctly.
------------------------------------<diff>-------------------------------------------
[//]: # (werk v2)
# missing error message for wrong backup key password
key | value
---------- | ---
date | 2024-07-02T12:50:08+00:00
- version | 2.3.0p10
? ^
+ version | 2.3.0p11
? ^
class | fix
edition | cre
component | wato
level | 1
compatible | yes
When a wrong password was entered for downloading a backup encryption key or a signature key for signing agents, an empty error message box was displayed.
Now, the error message is displayed correctly.
Werk 17078 was adapted. The following is the new Werk, a diff is shown at the end of the message.
[//]: # (werk v2)
# MS Exchange: Use consistent units (ms/s) in rules & graphs
key | value
---------- | ---
compatible | yes
version | 2.3.0p11
date | 2024-07-08T10:10:57+00:00
level | 1
class | fix
component | checks
edition | cre
The checks msexch_isclienttype, msexch_isstore, msexch_rpcclientaccess reported
their values in ms in the summary/ruleset but displayed the same value as
seconds in the graph. With this werk, all MS Exchange checks now report their
values consistently.
------------------------------------<diff>-------------------------------------------
[//]: # (werk v2)
# MS Exchange: Use consistent units (ms/s) in rules & graphs
key | value
---------- | ---
compatible | yes
- version | 2.3.0p10
? ^
+ version | 2.3.0p11
? ^
date | 2024-07-08T10:10:57+00:00
level | 1
class | fix
component | checks
edition | cre
The checks msexch_isclienttype, msexch_isstore, msexch_rpcclientaccess reported
their values in ms in the summary/ruleset but displayed the same value as
seconds in the graph. With this werk, all MS Exchange checks now report their
values consistently.
Werk 17077 was adapted. The following is the new Werk, a diff is shown at the end of the message.
[//]: # (werk v2)
# Allow filesystem service rule levels to go above 100%
key | value
---------- | ---
date | 2024-06-25T10:07:14+00:00
version | 2.3.0p11
class | feature
edition | cre
component | wato
level | 1
compatible | yes
Previously, the option `Levels for used/free space` of various
`Filesystem` rules did not allow percent values beyond 101.0 %. With
this werk any non-negative value can be set, allowing virtualized file
systems to be monitored more granularly.
------------------------------------<diff>-------------------------------------------
[//]: # (werk v2)
# Allow filesystem service rule levels to go above 100%
key | value
---------- | ---
date | 2024-06-25T10:07:14+00:00
- version | 2.3.0p10
? ^
+ version | 2.3.0p11
? ^
class | feature
edition | cre
component | wato
level | 1
compatible | yes
Previously, the option `Levels for used/free space` of various
`Filesystem` rules did not allow percent values beyond 101.0 %. With
this werk any non-negative value can be set, allowing virtualized file
systems to be monitored more granularly.
Werk 17114 was adapted. The following is the new Werk, a diff is shown at the end of the message.
[//]: # (werk v2)
# esx_vsphere_objects: Allow configuration of "Stand by" state
key | value
---------- | ---
date | 2024-07-10T08:08:33+00:00
version | 2.3.0p11
class | fix
edition | cre
component | checks
level | 1
compatible | yes
------------------------------------<diff>-------------------------------------------
[//]: # (werk v2)
# esx_vsphere_objects: Allow configuration of "Stand by" state
key | value
---------- | ---
date | 2024-07-10T08:08:33+00:00
- version | 2.3.0p10
? ^
+ version | 2.3.0p11
? ^
class | fix
edition | cre
component | checks
level | 1
compatible | yes
Werk 17125 was adapted. The following is the new Werk, a diff is shown at the end of the message.
[//]: # (werk v2)
# Perfometer: Fix 'Exception: VALUE' if a value exceeds the upper, closed boundary
key | value
---------- | ---
date | 2024-07-11T10:24:38+00:00
version | 2.3.0p11
class | fix
edition | cre
component | multisite
level | 1
compatible | yes
------------------------------------<diff>-------------------------------------------
[//]: # (werk v2)
# Perfometer: Fix 'Exception: VALUE' if a value exceeds the upper, closed boundary
key | value
---------- | ---
date | 2024-07-11T10:24:38+00:00
- version | 2.3.0p10
? ^
+ version | 2.3.0p11
? ^
class | fix
edition | cre
component | multisite
level | 1
compatible | yes
Werk 17119 was adapted. The following is the new Werk, a diff is shown at the end of the message.
[//]: # (werk v2)
# parent_scan: resolve failing parent scan background job
key | value
---------- | ---
date | 2024-07-02T12:39:27+00:00
version | 2.3.0p11
class | fix
edition | cre
component | rest-api
level | 1
compatible | yes
The REST API endpoint to initiate the parent scan background job
returned a 204 status code, which theoretically is correct. However,
the started background job failed immediately due to an invalid Python
syntax concerning the involving requested hosts. This werk fixes the issue.
------------------------------------<diff>-------------------------------------------
[//]: # (werk v2)
# parent_scan: resolve failing parent scan background job
key | value
---------- | ---
date | 2024-07-02T12:39:27+00:00
- version | 2.3.0p10
? ^
+ version | 2.3.0p11
? ^
class | fix
edition | cre
component | rest-api
level | 1
compatible | yes
The REST API endpoint to initiate the parent scan background job
returned a 204 status code, which theoretically is correct. However,
the started background job failed immediately due to an invalid Python
syntax concerning the involving requested hosts. This werk fixes the issue.
Werk 17149 was adapted. The following is the new Werk, a diff is shown at the end of the message.
[//]: # (werk v2)
# Fix sap_value check from crashing
key | value
---------- | ---
date | 2024-07-10T15:16:35+00:00
version | 2.3.0p11
class | fix
edition | cre
component | checks
level | 1
compatible | yes
The `sap_value` check responsible for monitoring single SAP R/3 values
caused a crash during service discovery. With this werk, the cause of
the crash has been resolved.
------------------------------------<diff>-------------------------------------------
[//]: # (werk v2)
# Fix sap_value check from crashing
key | value
---------- | ---
date | 2024-07-10T15:16:35+00:00
- version | 2.3.0p10
? ^
+ version | 2.3.0p11
? ^
class | fix
edition | cre
component | checks
level | 1
compatible | yes
The `sap_value` check responsible for monitoring single SAP R/3 values
caused a crash during service discovery. With this werk, the cause of
the crash has been resolved.
[//]: # (werk v2)
# Remove etc/apache/conf.d/var_www.conf
key | value
---------- | ---
date | 2024-07-15T12:21:48+00:00
version | 2.4.0b1
class | feature
edition | cre
component | multisite
level | 1
compatible | no
Checkmk used to come with an apache config file `etc/apache/conf.d/var_www.conf`.
By default this file added/enabled directory listing for sub-directories under `var/www/`.
The main folder `var/www` was not listed though since the URL is redirected to Checkmk.
In order to simplify the configuration we drop that file.
If you edited that file you will be asked if you want to keep it upon update.
If you relied on the directory listing you can enable it again e.g. by copying the file from an older version.
[//]: # (werk v2)
# Livestatus injection in mknotifyd
key | value
---------- | ---
date | 2024-07-08T11:58:09+00:00
version | 2.4.0b1
class | security
edition | cee
component | notifications
level | 1
compatible | yes
Before this Werk a malicious notification sent via mknotifyd could allow an attacker to send arbitrary livestatus commands.
With this Werk livestatus escaping was added to the relevant functions.
This issue was found during internal review.
*Affected Versions*:
* 2.3.0
* 2.2.0
* 2.1.0
* 2.0.0 (EOL)
*Vulnerability Management*:
We have rated the issue with a CVSS Score of 6.5 Medium (`CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L`) and assigned `CVE-2024-6542`.