ID: 2271
Title: logwatch_ec: Now able to create a single check for each logfile forwarded to the event console
Component: Checks & Agents
Level: 2
Class: New Feature
Version: 1.2.7i1
Per default one check "Log Forwarding" was created when log messages should be forwarded
to the event console. With the new option <i>Separate check</i> (configurable in WATO)
it is now possible to create one logwatch forwarding check per logfile.
These checks also provides the number of messages as performance data.
ID: 2270
Title: windows agent: now able to add cached information into section headers
Component: Checks & Agents
Level: 1
Class: New Feature
Version: 1.2.7i1
The windows agent now expands the section headers of plugin scripts
with cached information, if applicable. For example, if you configure
the windows_udpates plugin to be cached for one day the section header
will now look like <tt><<<windows_updates:cached(143115035535:86400)>>></tt>
instead of <tt><<<windows_updates>>></tt>
For more information please have a look at werk #8243.
ID: 2267
Title: mk_db2.aix agent plugin: no longer throws an error when a db2 profile is not set up properly
Component: Checks & Agents
Level: 1
Class: Bug Fix
Version: 1.2.7i1
An invalid set up instance will be skipped.
ID: 2253
Title: Availability context button is now visible again for host- and servicegroups
Component: Multisite
Level: 1
Class: Bug Fix
Version: 1.2.7i1
ID: 2228
Title: New matrix views for displaying performance data of service in a matrix table
Component: Multisite
Level: 2
Class: New Feature
Version: 1.2.7i1
Multisite has got a new layout: the <i>Matrix</i>. It allows to group and
compare values of a similar set of services on a list of hosts and many
other things. This layout uses the group columns for creating vertical
matrix columns (e.g. the host name) and the first normal column for creating
horizontal columns (e.g. the service description). All further columns
(most times just one) are displayed in the cells.
This new layout has been used to create two new views: a global view <i>Search
performance data</i> in the topic <i>Metrics</i> and one that can be accessed
in the details of a host group. Both show all services of the selected hosts
of of the search in a host by services matrix. Simply try it out!
ID: 2266
Title: windows agent: fixed invalid agent output if system memory exceeds 2TB RAM
Component: Checks & Agents
Level: 1
Class: Bug Fix
Version: 1.2.7i1
The section <tt>mem</tt> section reported invalid (negative) values if the
windows host had equal or more than 2TB RAM.
ID: 2265
Title: db2_version: improved check output when version information is missing
Component: Checks & Agents
Level: 1
Class: Bug Fix
Version: 1.2.7i1
The version information of a db2 instance is taken from on of its snapshots.
If the instance had no snapshots, the check raised an exception.
ID: 2252
Title: mk_logwatch: Fixed mostly uncritical command injection from config
Component: Checks & Agents
Level: 1
Class: Security Fix
Version: 1.2.7i1
This change fixes a security related issue n the <tt>mk_logwatch</tt> linux agent
plugin. It was possible to inject commands to the agent plugin when having write access
to the logwatch.cfg configuration file. This might result in privilege
escalation issues in very rare conditions.
>From our point of view this is a low impact issue for nearly all installations
out there. Most installations run the agent as root but also have the
<tt>logwatch.cfg</tt> only being writable by root. So if a user has write
access to this file the user don't need to do privilege escalation anymore
since he is already root.
If you have the situation where the agent is executed in <i>another</i> user context
than the configuration file <tt>logwatch.cfg</tt> can be written, you should update
to the fixed <tt>mk_logwatch</tt> plugin.
Short Q/As:
<b>What does the attacker need?</b>
He needs to have write access to the <tt>/etc/check_mk/logwatch.cfg</tt>, which is
normally only writable by root.
<b>What does the attacker get?</b>
He can execute commands in context of the Check_MK-Agent (often root).
<b>Do I need to update asap?</b>
Only if non-root users can edit the <tt>logwatch.cfg</tt>.
<b>I want to update, where can I get the fixed version?</b>
If we did not release an updated version yet, you can get it from the git:
http://git.mathias-kettner.de/git/?p=check_mk.git;a=blob_plain;f=agents/plu…