Checkmk werks level3 May 2024

checkmk-werks-lvl3@lists.checkmk.com

1 participants
5 discussions

[2.3.0] Checkmk Werk 16882 created: Fix performance issues when processing performance data (process_perfdata.pl) and missing metric data

by Checkmk werks level 3

[//]: # (werk v2) # Fix performance issues when processing performance data (process_perfdata.pl) and missing metric data key | value ---------- | --- date | 2024-05-22T13:57:02+00:00 version | 2.3.0p3 class | fix edition | cre component | omd level | 3 compatible | yes This werk affects all users of Checkmk Raw. You might have perceived a severe performance degradation in Checkmk 2.3.0 and a lot of errors in the NPCD log. This was due to missing RRD packages and thus expensive fall-back computations. This werk fixes a performance issue in combination with potentially missing metric data, which can result in gaps in the service graphs.

3 months, 1 week

[2.3.0] Checkmk Werk 16116 adapted: Fixed association of contacts with hosts/services/contactgroups

by Checkmk werks level 3

Werk 16116 was adapted. The following is the new Werk, a diff is shown at the end of the message. [//]: # (werk v2) # Fixed association of contacts with hosts/services/contactgroups key | value ---------- | --- date | 2024-04-05T13:48:37+00:00 version | 2.3.0b4 class | fix edition | cre component | livestatus level | 3 compatible | yes Checkmk 2.3 beta introduced a regression regarding contacts when then Nagios core was used: The association of contacts with hosts, services and contact groups was incorrect. A symptom of this bug were e.g. missing hosts or services in the GUI. ------------------------------------<diff>------------------------------------------- [//]: # (werk v2) # Fixed association of contacts with hosts/services/contactgroups key | value ---------- | --- date | 2024-04-05T13:48:37+00:00 - version | 2.3.0b5 ? ^ + version | 2.3.0b4 ? ^ class | fix edition | cre component | livestatus level | 3 compatible | yes Checkmk 2.3 beta introduced a regression regarding contacts when then Nagios core was used: The association of contacts with hosts, services and contact groups was incorrect. A symptom of this bug were e.g. missing hosts or services in the GUI.

3 months, 1 week

[2.3.0] Checkmk Werk 16116 created: Fixed association of contacts with hosts/services/contactgroups

by Checkmk werks level 3

[//]: # (werk v2) # Fixed association of contacts with hosts/services/contactgroups key | value ---------- | --- date | 2024-04-05T13:48:37+00:00 version | 2.3.0b5 class | fix edition | cre component | livestatus level | 3 compatible | yes Checkmk 2.3 beta introduced a regression regarding contacts when then Nagios core was used: The association of contacts with hosts, services and contact groups was incorrect. A symptom of this bug were e.g. missing hosts or services in the GUI.

3 months, 1 week

[2.3.0] Checkmk Werk 16232 created: mk_oracle(ps1): Prevent privilege esclation to root

by Checkmk werks level 3

[//]: # (werk v2) # mk_oracle(ps1): Prevent privilege esclation to root key | value ---------- | --- compatible | yes version | 2.3.0b4 date | 2024-01-17T08:20:43+00:00 level | 3 class | security component | checks edition | cre The agent plugins mk_oracle, mk_oracle.ps1 and mk_oracle_crs were vulnerable to privilege escalation to root by the oracle user. A malicious oracle user could replace a binary (e.g. sqlplus) with another script and put it in the corresponding directory. The script would be executed by the root user. All binaries, which are called by the plugins, are now checked if they need to be executed as a non-root (non-administrator under Windows) user, preventing the privilege escalation. Affected binaries are: sqlplus, tnsping, crsctl. <h3>Affected Versions</h3> * 2.3.0 (beta) * 2.2.0 * 2.1.0 * 2.0.0 (EOL) and older <h3>Mitigations</h3> If updating is not possible, disable the mk_oracle plugin. <h3>Vulnerability Management</h3> We have rated the issue with a CVSS score of 8.2 (High) with the following CVSS vector: <code>CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H</code> We have assigned <code>CVE-2024-0638</code>. <h3>Changes</h3> All called binaries are now executed in a safe way.

3 months, 1 week

[2.4.0] Checkmk Werk 16882 created: Fix performance issues when processing performance data (process_perfdata.pl) and missing metric data

by Checkmk werks level 3

[//]: # (werk v2) # Fix performance issues when processing performance data (process_perfdata.pl) and missing metric data key | value ---------- | --- date | 2024-05-22T13:57:02+00:00 version | 2.4.0b1 class | fix edition | cre component | omd level | 3 compatible | yes This werk affects all users of Checkmk Raw. You might have perceived a severe performance degradation in Checkmk 2.3.0 and a lot of errors in the NPCD log. This was due to missing RRD packages and thus expensive fall-back computations. This werk fixes a performance issue in combination with potentially missing metric data, which can result in gaps in the service graphs.

3 months, 2 weeks

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

Checkmk werks level3 May 2024