openSUSE-SU-2021:1069-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2021:1069-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/openSUSE-SU-2021:1069-1
- Related
- Published
- 2021-07-20T22:06:19Z
- Modified
- 2021-07-20T22:06:19Z
- Summary
- Security update for icinga2
- Details
-
This update for icinga2 fixes the following issues:
Update to 2.12.4
Bugfixes
- Fix a crash when notification objects are deleted using the API #8782
- Fix crashes that might occur during downtime scheduling if host or downtime objects are deleted using the API #8785
- Fix an issue where notifications may incorrectly be skipped after a downtime ends #8775
- Don't send reminder notification if the notification is still suppressed by a time period #8808
- Fix an issue where attempting to create a duplicate object using the API might result in the original object being deleted #8787
- IDO: prioritize program status updates #8809
- Improve exceptions handling, including a fix for an uncaught exception on Windows #8777
- Retry file rename operations on Windows to avoid intermittent locking issues #8771
Enhancements
- Support Boost 1.74 (Ubuntu 21.04, Fedora 34) #8792
Update to 2.12.3
Security
- Fix that revoked certificates due for renewal will automatically be renewed ignoring the CRL (Advisory / CVE-2020-29663 - fixes boo#1180147 )
Bugfixes
- Improve config sync locking - resolves high load issues on Windows #8511
- Fix runtime config updates being ignored for objects without zone #8549
- Use proper buffer size for OpenSSL error messages #8542
Enhancements
- On checkable recovery: re-check children that have a problem #8506
Update to 2.12.2
Bugfixes
- Fix a connection leak with misconfigured agents #8483
- Properly sync changes of config objects in global zones done via the API #8474 #8470
- Prevent other clients from being disconnected when replaying the cluster log takes very long #8496
- Avoid duplicate connections between endpoints #8465
- Ignore incoming config object updates for unknown zones #8461
- Check timestamps before removing files in config sync #8495
Enhancements
- Include HTTP status codes in log #8467
- References
Affected packages
SUSE:Package Hub 15 SP3 / icinga2
Package
- Name
- icinga2
- Purl
- purl:rpm/suse/icinga2&distro=SUSE%20Package%20Hub%2015%20SP3
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.12.4-bp153.2.3.1
Ecosystem specific
{
"binaries": [
{
"icinga2": "2.12.4-bp153.2.3.1",
"icinga2-ido-pgsql": "2.12.4-bp153.2.3.1",
"icinga2-bin": "2.12.4-bp153.2.3.1",
"icinga2-ido-mysql": "2.12.4-bp153.2.3.1",
"nano-icinga2": "2.12.4-bp153.2.3.1",
"icinga2-doc": "2.12.4-bp153.2.3.1",
"icinga2-common": "2.12.4-bp153.2.3.1",
"vim-icinga2": "2.12.4-bp153.2.3.1"
}
]
}
openSUSE:Leap 15.3 / icinga2
Package
- Name
- icinga2
- Purl
- purl:rpm/suse/icinga2&distro=openSUSE%20Leap%2015.3
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.12.4-bp153.2.3.1
Ecosystem specific
{
"binaries": [
{
"icinga2": "2.12.4-bp153.2.3.1",
"icinga2-ido-pgsql": "2.12.4-bp153.2.3.1",
"icinga2-bin": "2.12.4-bp153.2.3.1",
"icinga2-ido-mysql": "2.12.4-bp153.2.3.1",
"nano-icinga2": "2.12.4-bp153.2.3.1",
"icinga2-doc": "2.12.4-bp153.2.3.1",
"icinga2-common": "2.12.4-bp153.2.3.1",
"vim-icinga2": "2.12.4-bp153.2.3.1"
}
]
}