ID: 15753
Title: agent_azure: Make resource group filter case-insensitive
Component: agents
Level: 1
Class: Bug fix
Version: 2.3.0b1
Due to the inconsistant behaviour of the Azure API, the filtering of
resources by resource group wasn't working as expected.
The resource group name returned by the API was sometimes of a different
case then the one visible in the Azure portal, which led to resources not
being discovered by Checkmk.
Now, the resource group filtering is case-insensitive and the problem
no longer occurrs.
ID: 15687
Title: Update openssl to 1.1.1t
Component: Core & setup
Level: 1
Class: Security fix
Version: 2.3.0b1
With this Werk openssl is updated from 1.1.1q to 1.1.1t.
This fixes several CVEs:
LI: CVE-2023-0215
LI: CVE-2023-0286
LI: CVE-2023-0464
LI: CVE-2023-0465
LI: CVE-2023-0466
LI: CVE-2022-4304
LI: CVE-2022-4450
To our knowledge none of these vulnerabilities is exploitable in Checkmk.
We rate this with a CVSS of 0 (None) (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N). This CVSS is primarily meant to please automatic scanners.
ID: 15849
Title: Filesystem checks: Avoid crash if device reports negative free space
Component: Checks & agents
Level: 1
Class: Bug fix
Version: 2.3.0b1
A negative value for the free space is of course nonsense. However, if a device reported this,
Checkmk might have crashed with
C+:
ValueError("Cannot render negative timespan")
C-:
when attempting to compute the time left until the filesystem is full. Now, we instead report a
value of 0 seconds in this case, st. users receive informative notifications about the problem.
ID: 15615
Title: Disallow Specifying Invalid Ports in Rulesets
Component: Setup
Level: 1
Class: Bug fix
Version: 2.3.0b1
With this Werk, it is no longer possible to specify ports outside of the range 1 to 65535.
This affects rules such as <tt>Amazon Web Services (AWS)</tt>. In case you have an invalid port,
the following error will be shown while updating.
C+:
-| WARNING: Invalid rule configuration detected
-| Ruleset: special_agents:aws
-| Title: Amazon Web Services (AWS)
-| Folder: main
-| Rule nr: 1
-| Exception: -1 is too low. The minimum allowed value is 1.
-|
-| You can abort the update process (A) and try to fix the incompatibilities with a downgrade to the version you came from or continue (c) the update.
-|
-| Abort update? [A/c]
C-:
In this case, you should continue the update, and follow the instructions provided. For example:
C+:
-| WARNING: Invalid rule configuration detected (Ruleset: special_agents:aws, Title: Amazon Web Services (AWS), Folder: ,
-| Rule nr: 1, Exception: -1 is too low. The minimum allowed value is 1.)
-| Detected 1 issue(s) in configured rules.
-| To correct these issues, we recommend to open the affected rules in the GUI.
-| Upon attempting to save them, any problematic fields will be highlighted.
C-:
ID: 15614
Title: omd_diskusage: Do not Report Usage Upon Missing Permission
Component: Checks & agents
Level: 1
Class: Bug fix
Version: 2.3.0b1
This Werk affects users who use the check plugin <tt>omd_diskusage</tt> (a 2.2.0 feature).
Previously, <tt>check_mk_agent.linux</tt> would report misleading information, if it had
insufficient permissions to read the directories from <tt>/omd/sites/</tt>. With this change, these
directories are skipped.
this mailinglist will now be migrated to a new server on lists.checkmk.com.
Let's say farewell to the last mathias-kettner.de server.
--
Alexander Wilms
Head of IT
Checkmk - The IT monitoring platform | checkmk.com <https://www.checkmk.com>
alex.wilms(a)checkmk.com | Phone: +49 89 9982097 0
Subscribe to our newsletter <https://go.checkmk.com/newsletter>! | Melden
Sie sich bei unserem Newsletter <https://go.checkmk.com/de/newsletter> an!
Checkmk GmbH
Kellerstraße 27, 81667 München, Germany
Amtsgericht München, HRB 165902
Geschäftsführer: Jan Justus, Mathias Kettner
ID: 15741
Title: Set Default Password Policy
Component: Setup
Level: 1
Class: New feature
Version: 2.3.0b1
New Checkmk sites will be created with a twelve (12) character minimum length for users' passwords, this can be edited within the site <i>(Setup > General > Global settings > Edit global setting > Password policy for local accounts)</i>.
Existing sites will have their password policy updated to a twelve (12) character minimum length had password policy not been previously defined, if a password policy is already in use the existing configuration will not change.
The password policy minimum length can still be manually set to less then twelve (12) characters.
ID: 15654
Title: windows_tasks: allow discovery to decide if disabled tasks are included or not
Component: Checks & agents
Level: 1
Class: Bug fix
Version: 2.1.0p29
The Windows Tasks rule allowed the user to map 'not enabled' tasks to a specific state.
This rule also allowed to target tasks which switched from an 'enabled' to a 'disabled' state
between check cycles. However, tasks which were 'disabled' during discovery were previously
filtered out and could therefore not benefit from this rule.
This led to confusion as to what group was targeted by the specification 'not enabled'. This
werk, therefore, introduces an appropriate discovery rule which allows the user to control
whether 'disabled' tasks, at the point of discovery, are supposed to be monitored or not.
ID: 15848
Title: <tt>mk_oracle</tt>: Fix asynchronous execution on <tt>systemd</tt> systems and direct call from the command line
Component: Checks & agents
Level: 1
Class: Bug fix
Version: 2.3.0b1
On <tt>systemd</tt> systems, the Oracle agent plugin did not properly execute any asynchronous SQL
queries (see also <a href="https://checkmk.com/werk/13732">werk #13732</a>). Furthermore, when being
called directly from the command line without any options, the plugin incorrectly reported
`Unhandled location` and terminated, even if it was located under <tt>..check_mk_agent/plugins/</tt>.