While there are various bugs addressed and fixed in the 1.10.3 release, it also includes a nifty little enhancement for the initscript sponsored by Immobilienscout24 – thanks!

Other than that, there’s a possible overflow in Icinga Classic UI cmd.cgi brought to our attention by the GitHub security team (thanks again Dirkjan Bussink). We’ve therefore decided to update the old stable release branches 1.8 and 1.9 and release 1.8.6 and 1.9.5 to resolve these security issues for everyone. Older releases (<= 1.7.x) require an update to the latest and greatest. Update: CVE-2014-1878 identifies this security issue.

The release downloads are available on GitHub as usual, package maintainers will update their packages soon.

Changelog 1.10.3

ENHANCEMENTS

  • initscript: implement IcingaPrecacheFallback option for the init script (thx Immobilienscout24) #4968

FIXES

  • core: fix passive host check commands check service’s passive check acceptance (thx Naemon) #5568
  • core: fix host state translation for passive host check results #5575
  • classic ui: aggressively check for possible buffer overflows in cmd.cgi (thx GitHub) #5434
  • classic ui: add missing jquery and jquery-ui-timepicker-addon sources #5564
  • idoutils: wait for child processes on exit preventing zombies (thx Laurent Bigonville) #4427
  • initscript: fix ido2db returning invalid lsb codes (Marco Hoyer) #4825
  • spec: only add apache user to the icingacmd group if existing #5263
  • spec: fix usermod error on SUSE #5430
  • spec: backport fedora spec file fixes (thx Fedora & Shawn Starr) #5545