{"affected":[{"ecosystem_specific":{"binaries":[{"icinga2":"2.12.4-bp153.2.3.1","icinga2-bin":"2.12.4-bp153.2.3.1","icinga2-common":"2.12.4-bp153.2.3.1","icinga2-doc":"2.12.4-bp153.2.3.1","icinga2-ido-mysql":"2.12.4-bp153.2.3.1","icinga2-ido-pgsql":"2.12.4-bp153.2.3.1","nano-icinga2":"2.12.4-bp153.2.3.1","vim-icinga2":"2.12.4-bp153.2.3.1"}]},"package":{"ecosystem":"SUSE:Package Hub 15 SP3","name":"icinga2","purl":"pkg:rpm/suse/icinga2&distro=SUSE%20Package%20Hub%2015%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.12.4-bp153.2.3.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"icinga2":"2.12.4-bp153.2.3.1","icinga2-bin":"2.12.4-bp153.2.3.1","icinga2-common":"2.12.4-bp153.2.3.1","icinga2-doc":"2.12.4-bp153.2.3.1","icinga2-ido-mysql":"2.12.4-bp153.2.3.1","icinga2-ido-pgsql":"2.12.4-bp153.2.3.1","nano-icinga2":"2.12.4-bp153.2.3.1","vim-icinga2":"2.12.4-bp153.2.3.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.3","name":"icinga2","purl":"pkg:rpm/opensuse/icinga2&distro=openSUSE%20Leap%2015.3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.12.4-bp153.2.3.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for icinga2 fixes the following issues:\n\nUpdate to 2.12.4\n\n  * Bugfixes\n\n    - Fix a crash when notification objects are deleted using the\n      API #8782\n    - Fix crashes that might occur during downtime scheduling if\n      host or downtime objects are deleted using the API #8785\n    - Fix an issue where notifications may incorrectly be skipped\n      after a downtime ends #8775\n    - Don't send reminder notification if the notification is still\n      suppressed by a time period #8808\n    - Fix an issue where attempting to create a duplicate object\n      using the API might result in the original object being\n      deleted #8787\n    - IDO: prioritize program status updates #8809\n    - Improve exceptions handling, including a fix for an uncaught\n      exception on Windows #8777\n    - Retry file rename operations on Windows to avoid intermittent\n      locking issues #8771\n\n  * Enhancements\n\n    - Support Boost 1.74 (Ubuntu 21.04, Fedora 34) #8792\n\nUpdate to 2.12.3\n\n  * Security\n\n    - Fix that revoked certificates due for renewal will \n      automatically be renewed ignoring the CRL \n      (Advisory / CVE-2020-29663 - fixes boo#1180147 )\n\n  * Bugfixes\n\n    - Improve config sync locking - resolves high load issues on\n      Windows #8511\n    - Fix runtime config updates being ignored for objects without\n      zone #8549\n    - Use proper buffer size for OpenSSL error messages #8542\n\n  * Enhancements\n\n    - On checkable recovery: re-check children that have a problem\n      #8506\n\nUpdate to 2.12.2\n\n  * Bugfixes\n\n    - Fix a connection leak with misconfigured agents #8483\n    - Properly sync changes of config objects in global zones done\n      via the API #8474 #8470\n    - Prevent other clients from being disconnected when replaying\n      the cluster log takes very long #8496\n    - Avoid duplicate connections between endpoints #8465\n    - Ignore incoming config object updates for unknown zones #8461\n    - Check timestamps before removing files in config sync #8495\n\n  * Enhancements\n\n    - Include HTTP status codes in log #8467\n","id":"openSUSE-SU-2021:1069-1","modified":"2021-07-20T22:06:19Z","published":"2021-07-20T22:06:19Z","references":[{"type":"ADVISORY","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/7RXCOMXKKWZ7PYODPH5SO5SSBKRXIJWA/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1180147"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-29663"}],"related":["CVE-2020-29663"],"summary":"Security update for icinga2","upstream":["CVE-2020-29663"]}