Checkmk werks level1

checkmk-werks-lvl1@lists.checkmk.com

1 participants
15940 discussions

[2.2.0] Checkmk Werk 15977 created: db2_backup: Correct timezone difference for last backup date

by Checkmk werks level 1

Title: db2_backup: Correct timezone difference for last backup date Class: fix Compatible: compat Component: checks Date: 1697190433 Edition: cre Level: 1 Version: 2.2.0p15 This werk is relevant for users monitoring the age of the last backup time of db2 databases in different timezones. The date/time of the last backup of a db2 database is currently stored in local host time without the information about the host timezone. When this time is used to check the age of the last backup, it is interpreted in the Checkmk server timezone. When using different timezones, this leads to incorrect values for "Time since last backup". The db2 agent plugin will now store the time in UTC and the db2_backup check will interpret the time accordingly. You will need to update the agent mk_db2.linux or mk_db2.aix to receive the corrected times.

10 months, 1 week

[2.2.0] Checkmk Werk 16281 created: event console: rule changes now only apply to the customer sites that were changed

by Checkmk werks level 1

Title: event console: rule changes now only apply to the customer sites that were changed Class: fix Compatible: compat Component: wato Date: 1700545690 Edition: cme Level: 1 Version: 2.2.0p15 Previously when changes were made to rulepack rules for the event console, all sites received this change and therefore activate changes had to be applied to all sites. This werk introduces a change whereby the change is only applied to the customer's sites that the rule is set for.

10 months, 1 week

[2.2.0] Checkmk Werk 16008 created: HW/SW Inventory Retention Intervals: Take all matching entries into account

by Checkmk werks level 1

Title: HW/SW Inventory Retention Intervals: Take all matching entries into account Class: fix Compatible: compat Component: inv Date: 1700662432 Edition: cre Level: 1 Version: 2.2.0p16

10 months, 1 week

[2.3.0] Checkmk Werk 15921 created: primekey_data: Fix parsing crash when HSM Status isn't available

by Checkmk werks level 1

Title: primekey_data: Fix parsing crash when HSM Status isn't available Class: fix Compatible: compat Component: checks Date: 1700490360 Edition: cre Level: 1 Version: 2.3.0b1 Sometimes the information about the HSM Status was not available in the walk. This caused the parsing of the primekay_data section to fail. This has been fixed and if the value is not available, it will be ignored.

10 months, 1 week

[2.3.0] Checkmk Werk 16281 created: event console: rule changes now only apply to the customer sites that were changed

by Checkmk werks level 1

Title: event console: rule changes now only apply to the customer sites that were changed Class: fix Compatible: compat Component: wato Date: 1700545690 Edition: cme Level: 1 Version: 2.3.0b1 Previously when changes were made to rulepack rules for the event console, all sites received this change and therefore activate changes had to be applied to all sites. This werk introduces a change whereby any modifications to rulepacks or rulepack rules are only applied to the customer's sites that they are configured for.

10 months, 1 week

[2.3.0] Checkmk Werk 16008 created: HW/SW Inventory Retention Intervals: Take all matching entries into account

by Checkmk werks level 1

Title: HW/SW Inventory Retention Intervals: Take all matching entries into account Class: fix Compatible: compat Component: inv Date: 1700662432 Edition: cre Level: 1 Version: 2.3.0b1

10 months, 1 week

[2.3.0] Checkmk Werk 16281 deleted: event console: rule changes now only apply to the customer sites that were changed

by Checkmk werks level 1

Werk 16281 was deleted. The following Werk is no longer relevant. Title: event console: rule changes now only apply to the customer sites that were changed Class: fix Compatible: compat Component: wato Date: 1700545690 Edition: cme Level: 1 Version: 2.3.0b1 Previously when changes were made to rulepack rules for the event console, all sites received this change and therefore activate changes had to be applied to all sites. This werk introduces a change whereby any modifications to rulepacks or rulepack rules are only applied to the customer's sites that they are configured for.

10 months, 1 week

[2.3.0] Checkmk Werk 16281 created: event console: rule changes now only apply to the customer sites that were changed

by Checkmk werks level 1

Title: event console: rule changes now only apply to the customer sites that were changed Class: fix Compatible: compat Component: wato Date: 1700545690 Edition: cme Level: 1 Version: 2.3.0b1 Previously when changes were made to rulepack rules for the event console, all sites received this change and therefore activate changes had to be applied to all sites. This werk introduces a change whereby any modifications to rulepacks or rulepack rules are only applied to the customer's sites that they are configured for.

10 months, 1 week

[2.1.0] Checkmk Werk 16224 created: CSRF in user-message deletion

by Checkmk werks level 1

Title: CSRF in user-message deletion Class: security Compatible: compat Component: wato Date: 1700648297 Edition: cre Level: 1 Version: 2.1.0p37 In Checkmk you can message other users via Send user message. Prior to this Werk an authenticated attacker who receives such a user-message could craft a link with the generated message uuid to delete the message. This link was prone to CSRF and when another user was tricked into opening this link the message was deleted possibly before the user could read it. LI: This vulnerability was identified through a commissioned penetration test conducted by Port Zero. Affected Versions: * 2.2.0 * 2.1.0 * 2.0.0 Vulnerability Management: We have rated the issue with a CVSS Score of 3.5 (Low) with the following CVSS vector: <tt>CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N</tt>. We assigned CVE-2023-6251 to this vulnerability. Changes: This Werk adds CSRF token validation to this endpoint.

10 months, 1 week

[2.1.0] Checkmk Werk 16221 created: Livestatus Injections

by Checkmk werks level 1

Title: Livestatus Injections Class: security Compatible: compat Component: wato Date: 1700066363 Edition: cre Level: 1 Version: 2.1.0p37 Prior to this Werk it was possible to inject arbitrary livestatus commands to the core via the WebUI. We found this vulnerability internally. Affected Versions: * 2.2.0 * 2.1.0 * 2.0.0 Vulnerability Management: We have rated the issue with a CVSS Score of 7.6 (High) with the following CVSS vector: <tt>CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H</tt>. We assigned CVE-2023-6156 and CVE-2023-6157 to these vulnerabilities. Changes: This Werk strips the relevant parameters of newlines.

10 months, 1 week

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

Checkmk werks level1