[//]: # (werk v2)
# Fix performance issues when processing performance data (process_perfdata.pl) and missing metric data
key | value
---------- | ---
date | 2024-05-22T13:57:02+00:00
version | 2.3.0p3
class | fix
edition | cre
component | omd
level | 3
compatible | yes
This werk affects all users of Checkmk Raw.
You might have perceived a severe performance degradation in Checkmk 2.3.0 and a lot of errors in
the NPCD log. This was due to missing RRD packages and thus expensive fall-back computations.
This werk fixes a performance issue in combination with potentially missing metric data, which can
result in gaps in the service graphs.
Werk 16116 was adapted. The following is the new Werk, a diff is shown at the end of the message.
[//]: # (werk v2)
# Fixed association of contacts with hosts/services/contactgroups
key | value
---------- | ---
date | 2024-04-05T13:48:37+00:00
version | 2.3.0b4
class | fix
edition | cre
component | livestatus
level | 3
compatible | yes
Checkmk 2.3 beta introduced a regression regarding contacts when
then Nagios core was used: The association of contacts with hosts,
services and contact groups was incorrect. A symptom of this bug
were e.g. missing hosts or services in the GUI.
------------------------------------<diff>-------------------------------------------
[//]: # (werk v2)
# Fixed association of contacts with hosts/services/contactgroups
key | value
---------- | ---
date | 2024-04-05T13:48:37+00:00
- version | 2.3.0b5
? ^
+ version | 2.3.0b4
? ^
class | fix
edition | cre
component | livestatus
level | 3
compatible | yes
Checkmk 2.3 beta introduced a regression regarding contacts when
then Nagios core was used: The association of contacts with hosts,
services and contact groups was incorrect. A symptom of this bug
were e.g. missing hosts or services in the GUI.
[//]: # (werk v2)
# Fixed association of contacts with hosts/services/contactgroups
key | value
---------- | ---
date | 2024-04-05T13:48:37+00:00
version | 2.3.0b5
class | fix
edition | cre
component | livestatus
level | 3
compatible | yes
Checkmk 2.3 beta introduced a regression regarding contacts when
then Nagios core was used: The association of contacts with hosts,
services and contact groups was incorrect. A symptom of this bug
were e.g. missing hosts or services in the GUI.
[//]: # (werk v2)
# mk_oracle(ps1): Prevent privilege esclation to root
key | value
---------- | ---
compatible | yes
version | 2.3.0b4
date | 2024-01-17T08:20:43+00:00
level | 3
class | security
component | checks
edition | cre
The agent plugins mk_oracle, mk_oracle.ps1 and mk_oracle_crs were vulnerable to privilege escalation to root by the oracle user.
A malicious oracle user could replace a binary (e.g. sqlplus) with another script and put
it in the corresponding directory. The script would be executed by the root user.
All binaries, which are called by the plugins, are now checked if they need to be executed as a non-root (non-administrator under Windows) user, preventing the privilege escalation.
Affected binaries are: sqlplus, tnsping, crsctl.
<h3>Affected Versions</h3>
* 2.3.0 (beta)
* 2.2.0
* 2.1.0
* 2.0.0 (EOL) and older
<h3>Mitigations</h3>
If updating is not possible, disable the mk_oracle plugin.
<h3>Vulnerability Management</h3>
We have rated the issue with a CVSS score of 8.2 (High) with the following CVSS vector:
<code>CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H</code>
We have assigned <code>CVE-2024-0638</code>.
<h3>Changes</h3>
All called binaries are now executed in a safe way.
[//]: # (werk v2)
# Fix performance issues when processing performance data (process_perfdata.pl) and missing metric data
key | value
---------- | ---
date | 2024-05-22T13:57:02+00:00
version | 2.4.0b1
class | fix
edition | cre
component | omd
level | 3
compatible | yes
This werk affects all users of Checkmk Raw.
You might have perceived a severe performance degradation in Checkmk 2.3.0 and a lot of errors in
the NPCD log. This was due to missing RRD packages and thus expensive fall-back computations.
This werk fixes a performance issue in combination with potentially missing metric data, which can
result in gaps in the service graphs.