From: Check_mk Announcements
Date: Thu, Sep 20, 2018 at 4:58 PM
WATO:
* 6568 SEC: Fixed possible XSS on custom icon management page
* 6567 SEC: Fixed possible XSS on activate changes page
* 6609 SEC: Fixed possible XSS on SNMP MIB upload page
* 6611 SEC: Fixed multiple reflected XSS attacks using AJAX calls
* 6618 SEC: Fixed missing CSRF protection for host diagnostic AJAX calls
* 4682 SEC: Add permission "Can add or modify executables" to be able to fine tune access rights
NOTE: Please refer to the migration notes!
* 6552 FIX: Role changes now create change entries on central site
* 6551 FIX: Fixed missing permission checking during "Discard changes"
User interface:
* 6615 SEC: Fixed unauthorized access to master control actions
* 6612 SEC: Fixed possible reflected XSS using back URLs in view editor
* 6622 SEC: Fixed possible open redirect on login page
* 6610 SEC: Fixed possible XSS using the dokuwiki snapin
* 6565 SEC: Fixed possible XSS issues in Bookmarks snapin
* 6613 SEC: Fixed multiple reflected XSS in affecting sidebar snapin AJAX calls
* 6620 SEC: Fixed missing CSRF protection for site status AJAX calls
* 6619 SEC: Fixed missing CSRF protection for master control AJAX calls
HW/SW inventory:
* 6494 FIX: win_video: Fixed crash if driver date is missing
Checks & agents:
* 5223 juniper_alarm, juniper_bgp_state, juniper_cpu, juniper_cpu_util, juniper_fru, juniper_mem: Try discovery also on QFX series devices
* 6472 FIX: zpool: Fixed title and units of graphs
* 6590 FIX: uptime.include: Even if an SNMP-Device does not have a sysDesc it still can have an uptime
* 6593 FIX: sylo: Fixed missing performance data 'IN' and 'OUT' rates
* 6461 FIX: solaris_mem: Fix crashing check when values in agent output are given in Kilobytes
* 6592 FIX: snmp_info: Generate snmp_info service even if the sysDescription is not set
* 6404 FIX: oracle_undostat: prevent the discovery of invalid services
* 6493 FIX: netscaler_vserver: Discovers readable names
* 6597 FIX: netapp_api_vs_traffic: Fixed pending services
* 6398 FIX: netapp_api_environment: Fixed discovery of environmental sensors like PSU
* 6489 FIX: mssql_backup: Fixed parsing of backup date, time and type
* 6460 FIX: jolokia_generic: Do not crash when non-numeric data is supplied for number or rate type values
* 6591 FIX: if: Network appliances with only one network interface were not discovered
* 6589 FIX: ibm_svc_mdiskgrp: Fixed disregarded provisioning state
* 6313 FIX: esx_vsphere_hostsystem: Fixed discovery of multipaths
* 6400 FIX: brocade_fcport: fix for the calculation of received and transmitted bytes per second
* 6476 FIX: apc_symmetra: Fixed transposed default levels for battery capacity
NOTE: Please refer to the migration notes!
* 6474 FIX: aix_diskiod: Fixed style of graphs
* 6459 FIX: 3par_volumes: Fix crash due to unknown provisioning type
You can download Check_MK from our download page:
* http://mathias-kettner.de/check_mk_download.html
沒有留言:
張貼留言