Icinga 2.8.3 released

Today we are releasing a new support version of Icinga 2.8, a small one to pass the time until 2.9. This release includes fixes for the InfluxDB and Elasticsearch features. Please note that Elasticsearch 6 support is coming with 2.9. In addition to the fixes we’ve added support for multiple check parameters for the check_nscp_api plugin and working sysconfig/defaults variables support, you’ll also find many documentation updates. For this release you don’t need to follow any special upgrade procedure, upgrading is safe.

Additional changes and details can be found in the changelog.

As always official packages are available on packages.icinga.com while community repositories might need a bit to catch up.

Update 2018-04-25 16:45 CEST: Users reported problems from a regression. We have therefore released v2.8.4.

Icinga 2.8.2 released

Today we release Version Icinga 2.8.2, a bugfix release with a focus on security. Most of these have been brought to our attention by the community and we are very thankful for that. Special thanks to Michael H., Julian and Michael O., who helped by reporting and assisting us in fixing security bugs. CVEs have also been requested for these issues, they are as follows: CVE-2017-16933, CVE-2018-6532, CVE-2018-6533, CVE-2018-6534, CVE-2018-6535, CVE-2018-6536. The full advisory from Michaels point of view can be found on his website.

As a side effect of these fixes a few things need to be considered during the upgrade:
For one, the init.conf is gone. Everything that used to be configured in there, ie. Icinga user, Icinga group and resource limits, are now found in the sysconfig file (usually /etc/sysconfig/icinga2). This means if you did manually edit init.conf, to change the user icinga 2 runs as for example, you will have to move these changes to the sysconfig. See the documentation for details. Secondly we added the cli command icinga2 api user which can be used to create ApiUser object configuration with hashed password strings.

If you did not change anything in init.conf, all of this is optional and additive and the upgrade path is safe.

Additional changes and details can be found in the changelog.

Updating is strongly recommended. We are striving to make Icinga 2 as secure as possible, to that end we created a security mailbox for you to send us security reports and vulnerability information. We support the responsible disclosure of vulnerabilities and therefore ask for sufficient time to patch the issue before publishing the details.

Official packages are available on packages.icinga.com. Community repositories might need a while to catch up.

Dashing for Icinga 2 v2.0.0 released

Icinga Camp Berlin is happening right now, and as promised in my talk about “Dev and ops stories: Integrations++” we are proud to bring you Dashing for Icinga 2 in its v2.0.0 release ❤️

Some highlights from the Changelog:

You can test-drive the release inside the “standalone” Icinga Vagrant box, and download it here.

Enjoy!

Bugfix releases: Icinga 2 v2.8.1 and Icinga Web 2 v2.5.1

We are happy to announce new bugfix releases for Icinga 2 and Icinga Web 2.

Official packages are available on packages.icinga.com. Community repositories might need a while to catch up.

 

Icinga 2 v2.8.1

This release fixes a bug where Icinga 2 could crash after an API object was created at runtime. It also fixes the Windows installer problem with missing DLLs. This was also the reason for missing Chocolatey packages, v2.8.1 is available again. Community members started to build packages for Solaris/OpenIndiana, this release helps with minor fixes.

In mixed update scenarios with the master being 2.8 but clients with 2.7, the cluster log message were too verbose with the removed “UpdateRepository” functionality. v2.8.0 also added a default for the “ssl_sni” attribute which broke some checks. This regression has been fixed. In addition to that, there are fixes for the plugins and documentation all over the place.

More details in the Changelog.

 

Icinga Web 2 v2.5.1

This release provides a sponsored feature request for a detail view inside the event history view. We’ve also split out the check source and reachable rows inside the host/service detail view to make to more clear. Furthermore, this version censors sensitive information (e.g. LDAP passwords) in exception stack traces.

In case you’re having trouble with configuration parsing errors, the error handling has now been fixed. Please do note that ‘#’ as comments don’t work in INI configuration files. In addition to that, a fix for restrictions for the service detail view has been applied.

More details in the Changelog.