This update for icinga includes various upstream fixes and the following
security security fixes:
- icinga was updated to version 1.14.0
- the classic-UI was vulnerable to a cross site scripting attack
(CVE-2015-8010, boo#952777)
- A user with nagios privileges could have gained root privileges by
placing a symbolic link at the logfile location (CVE-2016-9566,
boo#1014637)