We solved an issue that affected icinga2. If the cleanup of the http sessions in the execute-script endpoint ran during a request, the re-balance in the internal datastructure would corrupt the requests memory, resulting in erroneous behaviors or crashes of icinga2.
List of updated packages
To solve the issues mentioned above, the following packages have been updated for NetEye 4.45:
icinga2, icinga2-autosetup, icinga2-bin, icinga2-common, icinga2-configurator, icinga2-ido-mysql, icinga2-ido-pgsql, icinga2-neteye-config, icinga2-resources to version 2.15.1_neteye1.64.2-1
Important: Keycloak security update Type/Severity NetEye Product Security has rated this update as having a high security impact. Topic An update for the keycloak packages is now available for NetEye 4. Security Fix for NetEye 4.48 26.6.2_neteye1.40.0-1 Summary This vulnerability allows an attacker Read More
Fix HEAD HTTP method not supported We resolved a compatibility issue affecting HEAD requests to NetEye endpoints. These requests could previously time out because the method was not fully supported by the underlying architecture. As a result, some procedures could Read More
Fix IcingaDB password file sync on all cluster nodes. We have resolved an issue that caused an IcingaDB password file to be present only on one node in a cluster installation. This could lead to failures during NetEye updates and Read More
Important: GLPI security update Type/Severity NetEye Product Security has rated this update as having a high security impact. Topic An update for the glpi packages is now available for NetEye 4. Security Fix for NetEye 4.47 10.0.25_neteye1.18.0-1 Summary The vulnerabilities include two Stored Read More
Node export in the Tornado Processing Tree was broken on Firefox The bug was caused by a divergence between Firefox and Chrome in blob handling with CSP. Issue resolved, behavior is now consistent across both browsers. List of updated packages Read More
