Icinga Security Releases: 1.10.2 1.9.4 1.8.5

by | Dec 17, 2013

Following up on our recent Icinga 1.10.2 bug fix release, we have backported patches to older versions and now present 1.8.5 and 1.9.4 for download.
These two new bug fix releases are important for users who allow public access to their Classic UI. In particular they deal with susceptibilities to:

  • (CVE-2013-7106) Buffer overflow errors, as fixed in #5250
  • (CVE-2013-7108) Off-by-one errors, as fixed in #5251

Please note: CVE-2013-7107 was identified and is being addressed with issue #5346. A fix will be integrated into Icinga 1.11. In the meantime, we recommend users with vulnerabilities to manage their user rights accordingly in the Classic UI.
Once again we thank the DTAG Group Information Security for their advice.
For a quick upgrade, keep an eye on our auto-built packages.

You May Also Like…

Releasing Icinga Web v2.12.2

Releasing Icinga Web v2.12.2

Today we’re announcing the general availability of Icinga Web v2.12.2. You can find all issues related to this release...

Subscribe to our Newsletter

A monthly digest of the latest Icinga news, releases, articles and community topics.