ID: 14256
Title: REST-API objects/ruleset: Change status code to 404 when ruleset doesn't exist
Component: REST API
Level: 1
Class: Bug fix
Version: 2.2.0i1
The objects ruleset endpoint previously returned a 500 internal server error when
the ruleset didn't exist. This werk changes the status code to a 404 'Unknown ruleset'
ID: 13420
Title: Fix section parsing with different separators
Component: Core & setup
Level: 1
Class: Bug fix
Version: 2.2.0i1
In checkmk it's possible to transport a single section with different separators:
<code>
<<<section:sep(44)>>>
a,1
<<<section:sep(124)>>>
b|2
<<<section:sep(44)>>>
c,3
</code>
Up until this werk, the ordering of the lines where not preserved, the check
function would have received them as a,1 c,3 b,2
ID: 13944
Title: Title: Long text in the inventory dashlet will now break into multiple lines
Component: Multisite
Level: 1
Class: Bug fix
Version: 2.2.0i1
Instead of rendering the text of the inventory dashlet on one line,
the text will now break into multiple lines if not enough space is there.
ID: 14094
Title: Permission error during agent controller installation
Component: Checks & agents
Level: 1
Class: Bug fix
Version: 2.2.0i1
A regression in Checkmk 2.1.0b9 could lead to a permission error during the installation of the Checkmk agent.
ID: 13724
Title: Remove legacy macro expansion in Event Console script actions
Component: Event Console
Level: 2
Class: Security fix
Version: 2.2.0i1
The Event Console is able to execute actions, e.g. shell scripts, when opening
or cancelling events. Details of the events are available to the script via
environment variables <tt>CMK_</tt> as described in the user manual
(https://docs.checkmk.com/latest/en/ec.html#_shell_scripts_and_emails). This
mechanism will keep working as before.
However, there is a second undocumented mechanism which relies on macro
expansion in the shell scripts. Previously it was possible to use macros (e.g.
<tt>$HOST$</tt>) in the <i>Event Console</i> scripts. These were replaced
before executing the script. The values of these macros can be untrusted input
and lead to command injections. You are only affected by this issue, if your
scripts use the macro expansion.
With this incompatible change we remove the macro expansion mechanism for
security reasons. The site update mechanism tries to detect Event Console
actions using these macros, disables the actions and informs you about this
change. The output of an <tt>omd update</tt> for a rule being disabled would
look like this:
C+:
"Script 'some_action_id' uses macros. We disable it. Please replace the macros
with proper variables before enabling it again!"
C-:
If you use the <i>Event Console</i> with shell script actions you should check
your scripts for macros and replace them with the documented environment
variable approach (Setup > Events > Event Console rule packs > Event Console
configuration > Event Console configuration). You can access all macro values
with environment variables (they are prefixed with <tt>CMK_</tt>).
ID: 14051
Title: Fix crash in activate changes
Component: Setup
Level: 1
Class: Bug fix
Version: 2.2.0i1
Activate changes would crash on activation of some mkps when
Global settings -> Logging -> Automation calls was on DEBUG.
ID: 14050
Title: mssql_counters: Fix crash in parsing mssql_counters
Component: Checks & agents
Level: 1
Class: Bug fix
Version: 2.2.0i1
Parsing mssql_counters failed for timestamps in format "%d.%m.%Y".
Now, we additionally support this format.
ID: 14255
Title: host_config: created_at timestamp is no longer updated with the update host endpoint
Component: REST API
Level: 1
Class: Bug fix
Version: 2.2.0i1
Previously, on updating the config host endpoint, the meta_data, created_at
timestamp was being changed along side the updated_at timestamp. This werk
fixes this issue by leaving the created_at unaffected.