Lucene search
SuseOPENSUSE-SU-2021:1029-1HistoryJul 12, 2021 - 12:00 a.m.
Security update for icinga2 (moderate)
2021-07-1200:00:00
lists.opensuse.org
10
0.001 Low
EPSS
Percentile
41.9%
An update that fixes one vulnerability is now available.
Description:
This update for icinga2 fixes the following issues:
icinga2 was updated to 2.12.4
* Bugfixes
- Fix a crash when notification objects are deleted using the API #8782
- Fix crashes that might occur during downtime scheduling if host or
downtime objects are deleted using the API #8785
- Fix an issue where notifications may incorrectly be skipped after a
downtime ends #8775
- Don't send reminder notification if the notification is still
suppressed by a time period #8808
- Fix an issue where attempting to create a duplicate object using the
API might result in the original object being deleted #8787
- IDO: prioritize program status updates #8809
- Improve exceptions handling, including a fix for an uncaught
exception on Windows #8777
- Retry file rename operations on Windows to avoid intermittent
locking issues #8771
-
Update to 2.12.3
-
Security
- Fix that revoked certificates due for renewal will automatically be
renewed ignoring the CRL (Advisory / CVE-2020-29663 - fixes
boo#1180147 )
- Fix that revoked certificates due for renewal will automatically be
-
Bugfixes
- Improve config sync locking - resolves high load issues on Windows
#8511 - Fix runtime config updates being ignored for objects without zone
#8549 - Use proper buffer size for OpenSSL error messages #8542
- Improve config sync locking - resolves high load issues on Windows
-
Enhancements
- On checkable recovery: re-check children that have a problem #8506
-
-
Update to 2.12.2
-
Bugfixes
- Fix a connection leak with misconfigured agents #8483
- Properly sync changes of config objects in global zones done via the
API #8474 #8470 - Prevent other clients from being disconnected when replaying the
cluster log takes very long #8496 - Avoid duplicate connections between endpoints #8465
- Ignore incoming config object updates for unknown zones #8461
- Check timestamps before removing files in config sync #8495
-
Enhancements
- Include HTTP status codes in log #8467
-
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
-
openSUSE Leap 15.2:
zypper in -t patch openSUSE-2021-1029=1
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE Leap | 15.2 | x86_64 | < - openSUSE Leap 15.2 (x86_64): | - openSUSE Leap 15.2 (x86_64):.x86_64.rpm |
Related
osv
osv
CVE-2020-29663
2020-12-15 23:15:12
suse
suse
Security update for icinga2 (moderate)
2021-07-19 00:00:00
Security update for icinga2 (moderate)
2021-07-19 00:00:00
Security update for icinga2 (moderate)
2021-07-21 00:00:00
debiancve
debiancve
CVE-2020-29663
2020-12-15 23:15:12
ubuntucve
ubuntucve
CVE-2020-29663
2020-12-15 00:00:00
nessus
nessus
openSUSE 15 Security Update : icinga2 (openSUSE-SU-2021:1069-1)
2021-07-21 00:00:00
openSUSE 15 Security Update : icinga2 (openSUSE-SU-2021:1029-1)
2021-07-13 00:00:00
openSUSE 15 Security Update : icinga2 (openSUSE-SU-2021:1089-1)
2021-07-25 00:00:00
veracode
veracode
Ignored Certificate Revocation List
2020-12-16 19:19:58
cve
cve
CVE-2020-29663
2020-12-15 23:15:12
openvas
openvas
Icinga 2.8.0 < 2.11.8, 2.12.2 < 2.12.3 CRL Vulnerability
2020-12-21 00:00:00
openSUSE: Security Advisory for icinga2 (openSUSE-SU-2021:1029-1)
2021-07-13 00:00:00
openSUSE: Security Advisory for icinga2 (openSUSE-SU-2021:1089-1)
2021-07-25 00:00:00
cvelist
cvelist
CVE-2020-29663
2020-12-15 22:15:35
nvd
nvd
CVE-2020-29663
2020-12-15 23:15:12
prion
prion
Code injection
2020-12-15 23:15:00