Skip to content

Icinga Web Version 2.8.6
Compare
Choose a tag to compare
@nilmerg nilmerg released this 08 Mar 13:30
v2.8.6
This tag was signed with the committer’s verified signature.
nilmerg Johannes Meyer
GPG key ID: 3AA28CA0DD71E457
Learn about vigilant mode.
2a176fa

What's New in Version 2.8.6

Notice: This is a security release. It is recommended to upgrade to this release if you don't plan to upgrade to v2.9.x.

Security Fixes

This release includes two security related fixes. Both were published as part of a security advisory on Github.
They allow admins to run arbitrary PHP code just by accessing the UI and may disclose unwanted details to
restricted users. Please check the respective advisory for details.

  • SSH resources allow arbitrary code execution for authenticated users GHSA-v9mv-h52f-7g63
  • Unwanted disclosure of hosts and related data, linked to decommissioned services GHSA-qcmg-vr56-x9wf
Assets 2
Loading