Today we release Version Icinga 2.8.2, a bugfix release with a focus on security. Most of these have been brought to our attention by the community and we are very thankful for that. Special thanks to Michael H., Julian and Michael O., who helped by reporting and assisting us in fixing security bugs. CVEs have also been requested for these issues, they are as follows: CVE-2017-16933, CVE-2018-6532, CVE-2018-6533, CVE-2018-6534, CVE-2018-6535, CVE-2018-6536. The full advisory from Michaels point of view can be found on his website.
As a side effect of these fixes a few things need to be considered during the upgrade:
For one, the init.conf is gone. Everything that used to be configured in there, ie. Icinga user, Icinga group and resource limits, are now found in the sysconfig file (usually
/etc/sysconfig/icinga2). This means if you did manually edit
init.conf, to change the user icinga 2 runs as for example, you will have to move these changes to the sysconfig. See the documentation for details. Secondly we added the cli command
icinga2 api user which can be used to create ApiUser object configuration with hashed password strings.
If you did not change anything in
init.conf, all of this is optional and additive and the upgrade path is safe.
Additional changes and details can be found in the changelog.
Updating is strongly recommended. We are striving to make Icinga 2 as secure as possible, to that end we created a security mailbox for you to send us security reports and vulnerability information. We support the responsible disclosure of vulnerabilities and therefore ask for sufficient time to patch the issue before publishing the details.
Official packages are available on packages.icinga.com. Community repositories might need a while to catch up.
After weeks of development with a lot of brainpower being invested we have finally finished the first stable release of our Graphite integration into Icinga Web 2. The new features include a searchable graphs dashboard, multi-client capability and much more – read on.
Icinga Camp Berlin is happening right now, and as promised in my talk about “Dev and ops stories: Integrations++” we are proud to bring you Dashing for Icinga 2 in its v2.0.0 release ❤️
Some highlights from the Changelog:
- Local configuration file icinga2.local.json
- Environment variables (for containers)
- Icinga Web 2 Iframe URL config
- Refined layout and style
Icinga is coming to Berlin for the 3rd time next week, and we are super excited to share the latest developments with you. And of course to meet again with our awesome community and have a couple of G&Ts :) If you can’t make it, our first Icinga Camp New York happens on March 16th the week after!
Under the hood, many things are going on – bugfix sprints, module development, and much more. Eric will tell you about the current development status and our future roadmap in his talk at Icinga Camp Berlin. Still not convinced? You can ask him anything in person too :)
This years IcingaCamp in Berlin is coming closer and closer, and the line-up looks amazing! IcingaCamp is a day full of monitoring madness right in the heart of Berlin. We bring together users and developers and provide a platform for thought-provoking discussions. The line-up of this years IcingaCamp in Berlin includes insightful talks about the current state of Icinga, upcoming projects and of course best practices.