Checkmk werks level2

checkmk-werks-lvl2@lists.checkmk.com

1 participants
1349 discussions

Check_MK Werk 0982: Fix two XSS weaknesses according to CVSS 8.5 AV:N/AC:M/Au:S/C:C/I:C/A:C

by Mathias Kettner

ID: 0982 Title: Fix two XSS weaknesses according to CVSS 8.5 AV:N/AC:M/Au:S/C:C/I:C/A:C Component: Multisite Level: 2 Class: Security Fix Version: 1.2.5i4 This fixes the following issue: The check_mk application is susceptible to reflected XSS attacks. This is mainly the result of inproper output encoding. Reflected XSS can be triggered by sending a malicious URL to a user of the check_mk application. Once the XSS attack is triggered, the attacker has access to the full check_mk (and nagios) application with the access rights of the logged in victim. The fix applies to the function: htmllib.py: render_status_icons() actions.py: ajax_action()

10 years, 2 months

Check_MK Werk 1002: Fix crash when debugging notifications with non-Ascii characters

by Mathias Kettner

ID: 1002 Title: Fix crash when debugging notifications with non-Ascii characters Component: Notifications Level: 2 Class: Bug Fix Version: 1.2.5i4 When full notification debugging was enabled then notifications with a non-Ascii character would raise an exception and not be sent.

10 years, 3 months

Check_MK Werk 0940: Fixed various core SIGSEGV when using malformed livestatus queries

by Andreas Boesl

ID: 0940 Title: Fixed various core SIGSEGV when using malformed livestatus queries Component: Core & Setup Level: 2 Class: Security Fix Version: 1.2.5i4 Some malformed livestatus queries could crash the monitoring core. This happened whenever the value field for certain keys was missing.<br> For example C+: lq "GET hosts\nColumnHeaders:\n" lq "GET hosts\nAnd:\n" lq "GET hosts\nKeepalive:\n C-:

10 years, 3 months

Check_MK Werk 0939: Fixed multisite exception caused by missing explanation text for a AUTODELETE event action

by Andreas Boesl

ID: 0939 Title: Fixed multisite exception caused by missing explanation text for a AUTODELETE event action Component: Multisite Level: 2 Class: Bug Fix Version: 1.2.5i4

10 years, 3 months

Check_MK Werk 0938: logwatch: fixed incorrect display of warning messages

by Andreas Boesl

ID: 0938 Title: logwatch: fixed incorrect display of warning messages Component: Multisite Level: 2 Class: Bug Fix Version: 1.2.5i4

10 years, 3 months

Check_MK Werk 0621: zfsget: better filesystem selection and calculation of sizes

by Goetz Golla

ID: 0621 Title: zfsget: better filesystem selection and calculation of sizes Component: Checks & Agents Level: 2 Class: Bug Fix Version: 1.2.5i4 zfsget now only inventorizes filesystems of type "filesystem". If a mountpoint is present several times in the zfsget section of the agent data (with different device name), and also in the df section, the entry in the zfsget section with the device name from the df section is taken for calculating the data.

10 years, 3 months

Check_MK Werk 0620: new version of Check_MKs hardware and software inventory including a much extended windows agent and inventory functions

by Goetz Golla

ID: 0620 Title: new version of Check_MKs hardware and software inventory including a much extended windows agent and inventory functions Component: HW/SW-Inventory Level: 2 Class: New Feature Version: 1.2.5i4

10 years, 3 months

Check_MK Werk 0816: States of events can now be set by patterns

by Lars Michelsen

ID: 0816 Title: States of events can now be set by patterns Component: Event Console Level: 2 Class: New Feature Version: 1.2.5i4 The states of events created by a rule can now be set by regex patterns. A rule can now create events with different states. The mechanism is as follows: 1. The "text to match" patterns needs to match a message 2. When a rule has configured "(set by message text)" as state, and patterns are defined for the single states, the message will be matches agains these patterns to calculate the state of the event. 3. When none of these patterns matches, the event is set to UNKNOWN

10 years, 3 months

Check_MK Werk 0987: New button for updating DNS cache

by Mathias Kettner

ID: 0987 Title: New button for updating DNS cache Component: WATO Level: 2 Class: New Feature Version: 1.2.5i4 In the host details page in WATO there is now a new button <i>Update DNS Cache</i>. If you press this button, then all cached IP addresses of hosts on the same site as the host currently edited are being updated. Use this button when you have not specified an explicit address for a host and that host's IP address has been changed in your DNS (and you are not willing to wait for the next regular update).

10 years, 3 months

Check_MK Werk 0986: citrix_licenses: new check for monitoring Citrix licenses

by Mathias Kettner

ID: 0986 Title: citrix_licenses: new check for monitoring Citrix licenses Component: Checks & Agents Level: 2 Class: New Feature Version: 1.2.5i4

10 years, 3 months

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

Checkmk werks level2