Title: Fix event statistics dashlet filters
Class: fix
Compatible: compat
Component: multisite
Date: 1712656769
Edition: cre
Level: 1
Version: 2.1.0p42
For the dashlet "Event statistics" you were able to configure "Host" and
"Service" Context/Search filter.
The "Service" filter had no effect and is now replaced with the "Event Console
event" filter option.
Title: Remove websphere_mq plugin
Class: security
Compatible: compat
Component: checks
Date: 1710155388
Edition: cre
Level: 1
Version: 2.2.0p25
With this Werk the <code>websphere_mq</code> plugin is removed for security reasons.
In this plugin the output of <code>ps</code> is used to determine an argument for
<code>runmqsc</code>. This meant that anybody who can launch processes with an arbitrary
command line could manipulate one argument to <code>runmqsc</code>.
The plugin was already superseded by the agent plugin <code>ibm_mq</code> and deprecated with Werk <a href="https://checkmk.com/werk/10752">10752</a> and version 2.0.0.
Since this plugin is already deprecated and it was not configurable via the
<em>agent bakery</em> we assumed that this plugin is not frequently used. Therefore we
decided to not fix the issue but to push the removal.
We found this vulnerability internally.
<strong>Affected versions</strong>:
LI: 2.3.0
LI: 2.2.0
LI: 2.1.0
LI: 2.0.0
<strong>Mitigations</strong>:
Migrate to the <code>ibm_mq</code> plugin.
<strong>Vulnerability Management</strong>:
We have rated the issue with a CVSS Score of 6.5 (Medium) with the following CVSS vector: <code>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N</code>.
We assigned CVE-2024-3367 to this vulnerability.
<strong>Changes</strong>:
The plugin was removed.
Title: Fix event statistics dashlet filters
Class: fix
Compatible: compat
Component: multisite
Date: 1712656769
Edition: cre
Level: 1
Version: 2.2.0p25
For the dashlet "Event statistics" you were able to configure "Host" and
"Service" Context/Search filter.
The "Service" filter had no effect and is now replaced with the "Event Console
event" filter option.
[//]: # (werk v2)
# Ruleset API: rename Dictionaries 'deprecated_elements'
key | value
---------- | ---
date | 2024-04-09T10:11:41+00:00
version | 2.4.0b1
class | feature
edition | cre
component | checks
level | 1
compatible | no
This only affects plugin developers using the new ruleset API.
The `Dictionary`s attribute `deprecated_elements` is renamed to
`ignored_elements`.
It is validated that no present elements are marked as 'ignored'.
[//]: # (werk v2)
# Fix event statistics dashlet filters
key | value
---------- | ---
compatible | yes
version | 2.4.0b1
date | 2024-04-09T09:59:29+00:00
level | 1
class | fix
component | multisite
edition | cre
For the dashlet "Event statistics" you were able to configure "Host" and
"Service" Context/Search filter.
The "Service" filter had no effect and is now replaced with the "Event Console
event" filter option.
[//]: # (werk v2)
# tags: Prevent builtin auxiliary tags and host tag groups override
key | value
---------- | ---
date | 2024-04-09T11:57:18+00:00
version | 2.4.0b1
class | fix
edition | cre
component | wato
level | 1
compatible | yes
Before this Werk it was possible to create auxiliary tags with the same
name as a host tag group and vice versa. This Werk adds an additional
check when creating such elements, both in WATO and in the REST API.
[//]: # (werk v2)
# HW-/SW-Inventory: Do not run autoinventory for inventorized hosts
key | value
---------- | ---
compatible | yes
version | 2.4.0b1
date | 2024-04-10T09:08:54+00:00
level | 1
class | fix
component | inv
edition | cre
Previously hosts marked for inventorization were afterwards not unmarked, meaning they would be processed again everytime the autoinventory was running.
This has been fixed.
Title: HW-/SW-Inventory: Do not run autoinventory for inventorized hosts
Class: fix
Compatible: compat
Component: inv
Date: 1712740134
Edition: cre
Level: 1
Version: 2.2.0p25
Previously hosts marked for inventorization were afterwards not unmarked, meaning they would be processed again everytime the autoinventory was running.
This has been fixed.