Icinga Security Releases: 1.10.2 1.9.4 1.8.5

by | Dec 17, 2013

Following up on our recent Icinga 1.10.2 bug fix release, we have backported patches to older versions and now present 1.8.5 and 1.9.4 for download.
These two new bug fix releases are important for users who allow public access to their Classic UI. In particular they deal with susceptibilities to:

  • (CVE-2013-7106) Buffer overflow errors, as fixed in #5250
  • (CVE-2013-7108) Off-by-one errors, as fixed in #5251

Please note: CVE-2013-7107 was identified and is being addressed with issue #5346. A fix will be integrated into Icinga 1.11. In the meantime, we recommend users with vulnerabilities to manage their user rights accordingly in the Classic UI.
Once again we thank the DTAG Group Information Security for their advice.
For a quick upgrade, keep an eye on our auto-built packages.

You May Also Like…

Icinga 2 API and debug console

Icinga 2 API and debug console

Have you ever experienced configuration issues, such as notifications not being sent as expected or apply rules not...

Subscribe to our Newsletter

A monthly digest of the latest Icinga news, releases, articles and community topics.