Overview
Request 590984 accepted
- update to version 2.8.2 (fixes CVE-2017-16933 - bsc#1086676, CVE-2018-6532 - bsc#1086672, CVE-2018-6533 - bsc#1086673,
CVE-2018-6534 - bsc#1086674, CVE-2018-6535 - bsc#1086675, CVE-2018-6536)
* [#5715](https://github.com/icinga/icinga2/issues/5715) (API, PR): Hash API password and comparison
* [#6153](https://github.com/icinga/icinga2/issues/6153) (API, PR): Improve error handling for empty packages in /v1/config/packages
* [#6147](https://github.com/icinga/icinga2/issues/6147) (PR): Fix incorrect argument type for JsonRpc::SendMessage
* [#6146](https://github.com/icinga/icinga2/issues/6146) (PR): Ensure that SetCorked\(\) works properly
* [#6134](https://github.com/icinga/icinga2/issues/6134) (PR): Fix incorrect HTTP content length limits
* [#6133](https://github.com/icinga/icinga2/issues/6133) (PR): Limit the number of HTTP/JSON-RPC requests we read in parallel
* [#6132](https://github.com/icinga/icinga2/issues/6132) (PR): Fix HTTP parser crash/hang
* [#6129](https://github.com/icinga/icinga2/issues/6129): api/packages not created by prepare-dir/daemon
* [#5995](https://github.com/icinga/icinga2/issues/5995) (InfluxDB, PR): Fix InfluxDB requests
* [#5991](https://github.com/icinga/icinga2/issues/5991): Partial privilege escalation via PID file manipulation
* [#5987](https://github.com/icinga/icinga2/issues/5987) (Elasticsearch, InfluxDB, Metrics): InfluxDBWriter and ElasticsearchWriter stop writing to HTTP API
* [#5943](https://github.com/icinga/icinga2/issues/5943) (PR): Fix incorrect ::Start call
* [#5793](https://github.com/icinga/icinga2/issues/5793): CVE-2017-16933: root privilege escalation via prepare-dirs \(init script and systemd service file\)
* [#5760](https://github.com/icinga/icinga2/issues/5760) (Crash, PR): Fix incorrect socket handling for the HTTP client
* [#6148](https://github.com/icinga/icinga2/issues/6148) (PR): Fix ApiUser unit test
* [#6135](https://github.com/icinga/icinga2/issues/6135) (API, Cluster, PR): Limit JSON RPC message size
* [#6115](https://github.com/icinga/icinga2/issues/6115) (PR): Fix incorrect size of request limits
* [#6114](https://github.com/icinga/icinga2/issues/6114) (PR): Fix typo in prepare-dirs
* [#6104](https://github.com/icinga/icinga2/issues/6104) (PR): Fix nullptr dereferences
* [#6103](https://github.com/icinga/icinga2/issues/6103) (PR): HTTP Security fixes
* [#5982](https://github.com/icinga/icinga2/issues/5982) (Packages, PR): SELinux: Allows icinga2\_t to send sigkill to all domains it transitions to
* [#5916](https://github.com/icinga/icinga2/issues/5916) (Packages): Unable to kill process group after check timeout if SElinux is enabled
* [#5850](https://github.com/icinga/icinga2/issues/5850) (Installation, PR): init script security fixes
* [#5764](https://github.com/icinga/icinga2/issues/5764) (InfluxDB, code-quality, PR): Improve InfluxdbWriter performance
* [#5759](https://github.com/icinga/icinga2/issues/5759) (code-quality, PR): Make default getters and setters non-virtual
- install limits.conf to systemd directory instead of etc
- override ICINGA2_BUILD_HOST_NAME to make builds reproducible (boo#1084909)
Request History
thardeck created request
- update to version 2.8.2 (fixes CVE-2017-16933 - bsc#1086676, CVE-2018-6532 - bsc#1086672, CVE-2018-6533 - bsc#1086673,
CVE-2018-6534 - bsc#1086674, CVE-2018-6535 - bsc#1086675, CVE-2018-6536)
* [#5715](https://github.com/icinga/icinga2/issues/5715) (API, PR): Hash API password and comparison
* [#6153](https://github.com/icinga/icinga2/issues/6153) (API, PR): Improve error handling for empty packages in /v1/config/packages
* [#6147](https://github.com/icinga/icinga2/issues/6147) (PR): Fix incorrect argument type for JsonRpc::SendMessage
* [#6146](https://github.com/icinga/icinga2/issues/6146) (PR): Ensure that SetCorked\(\) works properly
* [#6134](https://github.com/icinga/icinga2/issues/6134) (PR): Fix incorrect HTTP content length limits
* [#6133](https://github.com/icinga/icinga2/issues/6133) (PR): Limit the number of HTTP/JSON-RPC requests we read in parallel
* [#6132](https://github.com/icinga/icinga2/issues/6132) (PR): Fix HTTP parser crash/hang
* [#6129](https://github.com/icinga/icinga2/issues/6129): api/packages not created by prepare-dir/daemon
* [#5995](https://github.com/icinga/icinga2/issues/5995) (InfluxDB, PR): Fix InfluxDB requests
* [#5991](https://github.com/icinga/icinga2/issues/5991): Partial privilege escalation via PID file manipulation
* [#5987](https://github.com/icinga/icinga2/issues/5987) (Elasticsearch, InfluxDB, Metrics): InfluxDBWriter and ElasticsearchWriter stop writing to HTTP API
* [#5943](https://github.com/icinga/icinga2/issues/5943) (PR): Fix incorrect ::Start call
* [#5793](https://github.com/icinga/icinga2/issues/5793): CVE-2017-16933: root privilege escalation via prepare-dirs \(init script and systemd service file\)
* [#5760](https://github.com/icinga/icinga2/issues/5760) (Crash, PR): Fix incorrect socket handling for the HTTP client
* [#6148](https://github.com/icinga/icinga2/issues/6148) (PR): Fix ApiUser unit test
* [#6135](https://github.com/icinga/icinga2/issues/6135) (API, Cluster, PR): Limit JSON RPC message size
* [#6115](https://github.com/icinga/icinga2/issues/6115) (PR): Fix incorrect size of request limits
* [#6114](https://github.com/icinga/icinga2/issues/6114) (PR): Fix typo in prepare-dirs
* [#6104](https://github.com/icinga/icinga2/issues/6104) (PR): Fix nullptr dereferences
* [#6103](https://github.com/icinga/icinga2/issues/6103) (PR): HTTP Security fixes
* [#5982](https://github.com/icinga/icinga2/issues/5982) (Packages, PR): SELinux: Allows icinga2\_t to send sigkill to all domains it transitions to
* [#5916](https://github.com/icinga/icinga2/issues/5916) (Packages): Unable to kill process group after check timeout if SElinux is enabled
* [#5850](https://github.com/icinga/icinga2/issues/5850) (Installation, PR): init script security fixes
* [#5764](https://github.com/icinga/icinga2/issues/5764) (InfluxDB, code-quality, PR): Improve InfluxdbWriter performance
* [#5759](https://github.com/icinga/icinga2/issues/5759) (code-quality, PR): Make default getters and setters non-virtual
- install limits.conf to systemd directory instead of etc
- override ICINGA2_BUILD_HOST_NAME to make builds reproducible (boo#1084909)
licensedigger accepted review
ok
factory-auto added opensuse-review-team as a reviewer
Please review sources
factory-auto added repo-checker as a reviewer
Please review build success
factory-auto accepted review
Check script succeeded
staging-bot added as a reviewer
Being evaluated by staging project "openSUSE:Factory:Staging:adi:28"
staging-bot accepted review
Picked openSUSE:Factory:Staging:adi:28
repo-checker accepted review
cycle and install check passed
jengelh accepted review
staging-bot accepted review
ready to accept
staging-bot approved review
ready to accept
dimstar_suse accepted request
Accept to openSUSE:Factory