icingacoreWhile we’ve released 1.11.0 including a fix for buffer overflow detected and fixed by Tim Landscheidt (Wikimedia), there’s now a CVE number for that: CVE-2014-2386. Therefore we’re releasing 1.10.4 and 1.9.6 containing this security fix amongst a bunch of other backported fixes. Older release branches <1.9.x require an update to the latest and greatest.

Changelogs: 1.9.61.10.41.11.1

1.11.1 contains the updated CVE entry, and fixes some IDOUtils bugs that affect Oracle and Postgresql databases. The Classic UI time-picker ‘am/pm’ display was fixed too. Last but not least Classic UI 1.11.1 ships with an experimental feature required for Icinga 2 only – to display the host’s check service in the details view (relevant the upcoming Icinga 2 0.0.9).

Downloads are available on Github as tarballs, and package builds will follow soon.