How the current OpenSSL vulnerabilities affect Icinga

by | Nov 3, 2022

Recently, OpenSSL published an advisory about two vulnerabilities, X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602) and X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786). Depending on the operating system you are using, this may affect Icinga as well.

Update your operating systems

On Linux, Icinga uses the OpenSSL version provided by the operating system. Therefore, Icinga is affected if the version provided by the operating system is affected. Of the distributions we officially support, this is the case on Fedora 36, RHEL 9, and Ubuntu 22.04 (jammy). To address the issue, install the patches provided by your operating system and restart the Icinga process. Other distributions still use OpenSSL 1.x and are not affected by these two vulnerabilities.

On Windows, OpenSSL 1.1.1 is bundled with Icinga 2. This OpenSSL version is not affected.

You May Also Like…

Releasing Icinga DB v1.1

Releasing Icinga DB v1.1

We are happy to announce the release of Icinga DB version 1.1 today. The main feature of this release is the addition...

Subscribe to our Newsletter

A monthly digest of the latest Icinga news, releases, articles and community topics.