[//]: # (werk v2)
# ups_*: support for NetVision OIDs
key | value
---------- | ---
compatible | yes
version | 2.3.0p16
date | 2024-09-10T14:20:45+00:00
level | 1
class | fix
component | checks
edition | cre
Newer firmware for NetVision cards was not supported due to changed SNMP OIDs for UPS entries.
This change adds `.1.3.6.1.4.1.4555.1.1.7` and `.1.3.6.1.4.1.42610.1.4.4` to the detection lists.
[//]: # (werk v2)
# pure_storage_fa_volumes: protocol_endpoints result in DivisionByZero exception
key | value
---------- | ---
date | 2024-09-10T12:53:22+00:00
version | 2.3.0p16
class | fix
edition | cre
component | checks
level | 1
compatible | yes
Running `pure_storage_fa_volumes` on a `protocol_endpoints` entry resulted in a DivisionByZero
exception being thrown due to `total_provisioned` being 0.
This change makes `pure_storage_fa_volumes` skip `protocol_endpoint` entirely.
[//]: # (werk v2)
# Fix XSS on SAML login screen
key | value
---------- | ---
date | 2024-09-05T15:23:53+00:00
version | 2.4.0b1
class | security
edition | cee
component | wato
level | 1
compatible | yes
Prior to this Werk, attackers could craft URLs that rendered clickable HTML links in the error box on the SAML login page.
This could facilitate phishing attacks by tricking users into clicking malicious links.
Links in the error message are now escaped and no longer clickable.
This issue was identified during internal review.
*Affected Versions*:
* 2.3.0
* 2.2.0
*Vulnerability Management*:
We have rated the issue with a CVSS Score of 5.1 Medium (`CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N`) and assigned `CVE-2024-38860`.
[//]: # (werk v2)
# ups_*: support for NetVision OIDs
key | value
---------- | ---
compatible | yes
version | 2.4.0b1
date | 2024-09-10T14:20:45+00:00
level | 1
class | fix
component | checks
edition | cre
Newer firmware for NetVision cards was not supported due to changed SNMP OIDs for UPS entries.
This change adds `.1.3.6.1.4.1.4555.1.1.7` and `.1.3.6.1.4.1.42610.1.4.4` to the detection lists.
[//]: # (werk v2)
# omd update: Reintroduce Log "Verifying site configuration"
key | value
---------- | ---
date | 2024-09-14T17:24:51+00:00
version | 2.4.0b1
class | fix
edition | cre
component | omd
level | 1
compatible | yes
Sadly, <a href="https://checkmk.com/werk/17206">Werk #17206</a> caused a severe regression and had
to be reverted, see <a href="https://checkmk.com/werk/17133">Werk #17133</a>. This Werk
reintroduces the behaviour introduced by <a href="https://checkmk.com/werk/17206">Werk #17206</a>,
but without the hanging. Here is a recapitulation of what this Werk does:
If a user runs `omd update`, then the output is written to both `$OMD_ROOT/var/log/update.log` and
stdout. However, the output of the site configuration verification
(<a href="https://checkmk.com/werk/16408">Werk #16408</a>) was missing. This has been fixed.
[//]: # (werk v2)
# pure_storage_fa_volumes: protocol_endpoints result in DivisionByZero exception
key | value
---------- | ---
date | 2024-09-10T12:53:22+00:00
version | 2.4.0b1
class | fix
edition | cre
component | checks
level | 1
compatible | yes
Running `pure_storage_fa_volumes` on a `protocol_endpoints` entry resulted in a DivisionByZero
exception being thrown due to `total_provisioned` being 0.
This change makes `pure_storage_fa_volumes` skip `protocol_endpoint` entirely.
[//]: # (werk v2)
# Reduce API requests during gcp list-assets
key | value
---------- | ---
date | 2024-09-10T12:07:04+00:00
version | 2.3.0p16
class | fix
edition | cre
component | checks
level | 1
compatible | yes
This werk is relevant to you if you've been monitoring GCP assets and experienced exceeded quotas towards the Google API.
The special agent will now only acquire data that is actually processed by the check plugin, which will reduce the requests towards GCP.
Title: Fixed site matching for expected regular event console messages
Class: fix
Compatible: compat
Component: ec
Date: 1726052246
Edition: cre
Level: 1
Version: 2.2.0p34
Due to a regression in 2.2.0, the "Match site" option had no effect for
expected regular messages, i.e. it was effectively ignored in that case.
This has been fixed.