Security update for icinga2 (moderate)

An update that fixes one vulnerability is now available.

Description:

This update for icinga2 fixes the following issues:

Update to 2.12.4

 * Bugfixes

   - Fix a crash when notification objects are deleted using the API #8782
   - Fix crashes that might occur during downtime scheduling if host or
     downtime objects are deleted using the API #8785
   - Fix an issue where notifications may incorrectly be skipped after a
     downtime ends #8775
   - Don't send reminder notification if the notification is still
     suppressed by a time period #8808
   - Fix an issue where attempting to create a duplicate object using the
     API might result in the original object being deleted #8787
   - IDO: prioritize program status updates #8809
   - Improve exceptions handling, including a fix for an uncaught
     exception on Windows #8777
   - Retry file rename operations on Windows to avoid intermittent
     locking issues #8771

 * Enhancements

   - Support Boost 1.74 (Ubuntu 21.04, Fedora 34) #8792

Update to 2.12.3

 * Security

   - Fix that revoked certificates due for renewal will automatically be
     renewed ignoring the CRL (Advisory / CVE-2020-29663 - fixes
     boo#1180147 )

 * Bugfixes

   - Improve config sync locking - resolves high load issues on Windows
     #8511
   - Fix runtime config updates being ignored for objects without zone
     #8549
   - Use proper buffer size for OpenSSL error messages #8542
 * Enhancements
   - On checkable recovery: re-check children that have a problem #8506

Update to 2.12.2

 * Bugfixes

   - Fix a connection leak with misconfigured agents #8483
   - Properly sync changes of config objects in global zones done via the
     API #8474 #8470
   - Prevent other clients from being disconnected when replaying the
     cluster log takes very long #8496
   - Avoid duplicate connections between endpoints #8465
   - Ignore incoming config object updates for unknown zones #8461
   - Check timestamps before removing files in config sync #8495

 * Enhancements

   - Include HTTP status codes in log #8467

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.

Alternatively you can run the command listed for your product:

• openSUSE Backports SLE-15-SP2:

  zypper in -t patch openSUSE-2021-1054=1