Checkmk werks level1

checkmk-werks-lvl1@lists.checkmk.com

1 participants
15966 discussions

Checkmk Werk 14959: cmk-update-agent: Limit update interval

by Andreas Umbreit

ID: 14959 Title: cmk-update-agent: Limit update interval Component: agents Level: 1 Class: Bug fix Version: 2.2.0i1 The agent update interval (configurable in ruleset <i>Agent updater</i>) is now limited to a maximum value of 30 days. Existing rules with a higher interval will continue to work, but can't be edited without adapting the value.

1 year, 10 months

Checkmk Werk 14946: avoid unnecessary use of the password storage

by Sergey Kipnis

ID: 14946 Title: avoid unnecessary use of the password storage Component: config Level: 1 Class: Bug fix Version: 2.2.0i1 In some cases this change may considerably increase the speed of configuration generation. SUP-11910

1 year, 10 months

Checkmk Werk 14776: Add perf_data_count and metrics_count columns to status table

by Mathias Laurin

ID: 14776 Title: Add perf_data_count and metrics_count columns to status table Component: Livestatus Level: 1 Class: New feature Version: 2.2.0i1 This adds 4 columns to the status table: perf_data_count, perf_data_count_rate, metrics_count, and metrics_count_rate that represent the total number of performance data and metrics handled by the core.

1 year, 10 months

Checkmk Werk 14775: Add overflow counters to status table

by Mathias Laurin

ID: 14775 Title: Add overflow counters to status table Component: Livestatus Level: 1 Class: New feature Version: 2.2.0i1 This adds 6 columns to the status table in livestatus: carbon_overflows, carbon_overflows_rate, influxdb_overflows, influxdb_overflows_rate, rrdcached_overflows, and rrdcached_overflows_rate. These columns display count of rate of data that could not be sent to their respective connections.

1 year, 10 months

Checkmk Werk 14391: Require password change for old password hashes

by Hannes Rantzsch

ID: 14391 Title: Require password change for old password hashes Component: Setup Level: 1 Class: Security fix Version: 2.2.0i1 Local users whose passwords are hashed with insecure hash functions in the htpasswd file will be required to change their passwords on their next UI login. Users that authenticate via other mechanisms, such as LDAP, are not affected by this. Starting from version 2.2, Checkmk will no longer support validating password hashes of deprecated and insecure hash algorithms. In order to avoid situations where users are unable to log in (and require manually resetting their password by an administrator), users whose passwords are currently hashed with any of the affected hash algorithms will be required to set a new password. A warning message including all affected usernames will be displayed to the administrator running the `omd update` command. You can use this list to contact these users and selectively inform them that they will be required to change their password during their next UI login. In case they do not change their password before Checkmk is upgraded to version 2.2, these users will not be able to log in anymore after the upgrade and an administrator will have to reset the password. The following hash algorithms that are currently still supported are affected: des-crypt, MD5-crypt, Apr MD5-crypt. Passwords hashed with sha256-crypt will not require resetting the password but will be updated automatically on the user's next login (see Werk #14390). New passwords will be hashed with bcrypt. Should you wish to manually change a user's password via the CLI, please be aware of the newly introduced `cmk-passwd` utility (see Werk #14389). Even though this Werk is related to security, it does not fix any exploitable issue. Hence, we assign a CVSS score of 0 (None) (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N).

1 year, 10 months

Checkmk Werk 14390: Automatically update deprectated password hashes

by Hannes Rantzsch

ID: 14390 Title: Automatically update deprectated password hashes Component: Setup Level: 1 Class: New feature Version: 2.2.0i1 Deprecated hashes of user passwords stored in the htpasswd file will now be automatically updated to a more modern hash format when the respective user logs in. Specifically, password hashes created with the sha256-crypt algorithm will be udpated to bcrypt hashes. sha256-crypt hashes are still considered secure for password hashing. However, we want to migrate all users' password hashes to the more modern bcrypt algorithm. For users whose passwords are hashed with sha256-crypt we can do so automatically in the background when they authenticate successfully. Older and less secure password hashes, such as MD5, are not updated automatically.

1 year, 10 months

Checkmk Werk 14818: Ceph OSDs checkplugin now uses the warning threshold

by External contributor

ID: 14818 Title: Ceph OSDs checkplugin now uses the warning threshold Component: Checks & agents Level: 1 Class: Bug fix Version: 2.2.0i1 The Chep OSDs check plugin ignored the warning thresholds for OSDs out and OSDs down. This has beed fixed now.

1 year, 10 months

Checkmk Werk 14632: mrpe: Check plugin no longer crashes when information is not available in the agent section

by LukaRacic

ID: 14632 Title: mrpe: Check plugin no longer crashes when information is not available in the agent section Component: Checks & agents Level: 1 Class: Bug fix Version: 2.2.0i1 The check plugin used to crash if no further information about a service was not available. This has now been fixed, and if no further information is available, the check summary will be appropriate.

1 year, 10 months

Checkmk Werk 14897: Fix audit log entry for removed vanished services

by Ronny Bruska

ID: 14897 Title: Fix audit log entry for removed vanished services Component: Setup Level: 1 Class: Bug fix Version: 2.2.0i1 If a vanished service was removed on the service discovery page, the audit log showed an entry like "Item "Foo" added.".

1 year, 10 months

Checkmk Werk 14898: Fix Apache port configuration on "omd cp" command

by Ronny Bruska

ID: 14898 Title: Fix Apache port configuration on "omd cp" command Component: Site Management Level: 1 Class: Bug fix Version: 2.2.0i1 Since version 2.1.0p7 and werk #14281 the Apache port of the source site was used for the new site while using "omd cp" command. As a workaround you could execute 'omd update-apache-config [site]' to fix the issue after the 'omd cp' command.

1 year, 10 months

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

Checkmk werks level1