blob: 1e398bf9218a093e5610298f8d54c008c0aac059 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
|
2.14.2-1
- New upstream version 2.14.2
2.14.1-1
- New upstream version 2.14.1
2.14.0-1
- New upstream version 2.14.0
2.13.7-1
- New upstream version 2.13.7
2.13.6-2
- Add patch to support Boost 1.81
2.13.6-1
- New upstream version 2.13.6
2.13.5-1
- New upstream version 2.13.5
2.13.4-1
- New upstream version 2.13.4
2.13.3-1
- New upstream version 2.13.3
2.13.2-1
- New upstream version 2.13.2
2.13.1-1
- New upstream version 2.13.1
- Security: Add TLS server certificate validation to ElasticsearchWriter,
GelfWriter, InfluxdbWriter and Influxdb2Writer (CVE-2021-37698)
2.12.5-1
- New upstream version 2.12.5
- Security: PKI ticket salt exposed via API, potentially allowing privilege
escalation for authenticated API users (CVE-2021-32739)
- Security: Passwords used to access external services inadvertently exposed
through API (CVE-2021-32743)
2.12.4-1
- New upstream version 2.12.4
2.12.3-2
- Update patches for builing with boost 1.74+ to those merged upstream
2.12.3-1
- New upstream version 2.12.3
- Security: Fix that revoked certificates due for renewal will automatically
be renewed ignoring the CRL (CVE-2020-29663)
2.12.2-2
- Fix build with boost 1.74
2.12.2-1
- New upstream version 2.12.2
2.12.1-1
- New upstream version 2.12.1
2.12.0-1
- New upstream version 2.12.0
2.11.4-1
- New upstream version 2.11.4
2.11.3-1
- New upstream version 2.11.3
2.11.2-3
- Other workaround for the bug in boost 1.72 now that boost 1.69 is gone from
the Arch repos
2.11.2-2
- Build against boost 1.69 as a workaround for a bug in boost 1.72
2.11.2-1
- New upstream version 2.11.2
2.11.0-2
- Manually specify boost paths to fix building with boost 1.71.0 and recent
cmake versions
2.11.0-1
- New upstream version 2.11.0
2.10.5-1
- New upstream version 2.10.5
2.10.4-1
- New upstream version 2.10.4
2.10.3-1
- New upstream version 2.10.3
2.10.2-1
- New upstream version 2.10.2
2.10.1-1
- New upstream version 2.10.1
2.10.0-1
- New upstream version 2.10.0
- Some path constants changed in the config (should be backwards-compatible)
- "namespace" and "using" are now reserved keywords in the config
- Some configuration errors are now fatal
- For details, see
https://icinga.com/docs/icinga2/latest/doc/16-upgrading-icinga-2/#upgrading-to-v210
2.9.1-1
- New upstream version 2.9.1
2.9.0-1
- New upstream version 2.9.0
- Icinga Studio was removed from upstream
- The package is no longer a split package as most of the libs are now linked
into the icinga2 binary
2.8.2-1
- New upstream version 2.8.2, including security fixes for:
- CVE-2017-16933: chmod on user-writable symlinks, allowing privilege
escalation.
- CVE-2018-6532: Denial of service by memory exhaustion if the API
component is enabled.
- CVE-2018-6533: Possible privilege escalation via init.conf.
- CVE-2018-6534: Denial of service due to a NULL pointer dereference.
- CVE-2018-6535: API lacks a constant-time password comparison.
- CVE-2018-6536: (not affected when using systemd) The init.d script kills
a PID supplied by the icinga user as root.
- As the update removes /etc/icinga2/init.conf, you have to update
/etc/default/icinga2 if you changed the user or group in init.conf.
|