How the current OpenSSL vulnerabilities affect Icinga

by | Nov 3, 2022

Recently, OpenSSL published an advisory about two vulnerabilities, X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602) and X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786). Depending on the operating system you are using, this may affect Icinga as well.

Update your operating systems

On Linux, Icinga uses the OpenSSL version provided by the operating system. Therefore, Icinga is affected if the version provided by the operating system is affected. Of the distributions we officially support, this is the case on Fedora 36, RHEL 9, and Ubuntu 22.04 (jammy). To address the issue, install the patches provided by your operating system and restart the Icinga process. Other distributions still use OpenSSL 1.x and are not affected by these two vulnerabilities.

On Windows, OpenSSL 1.1.1 is bundled with Icinga 2. This OpenSSL version is not affected.

You May Also Like…

Icinga 2 API and debug console

Icinga 2 API and debug console

Have you ever experienced configuration issues, such as notifications not being sent as expected or apply rules not...

Subscribe to our Newsletter

A monthly digest of the latest Icinga news, releases, articles and community topics.