[Pkg-nagios-devel] Bug#1087384: Bug#1087384: CVE-2024-49369: Security: fix TLS certificate validation bypass.
Sebastiaan Couwenberg
sebastic at xs4all.nl
Fri Nov 15 04:12:08 GMT 2024
On 11/14/24 9:05 PM, Louis-Philippe Véronneau wrote:
> I think this bug should be reopen and a security upload should be made ASAP to fix this critical issue.
It's not that critical, to quote the security tracker:
"
[bookworm] - icinga2 <no-dsa> (Will be fixed via point release; Only affects deployments with access to Icinga API via client certificates)
"
The bookworm-pu has been submitted:
https://bugs.debian.org/1087411
You can build the bookworm branch yourself if you want to deploy the fix sooner:
https://salsa.debian.org/nagios-team/icinga2/-/tree/bookworm?ref_type=heads
Kind Regards,
Bas
--
GPG Key ID: 4096R/6750F10AE88D4AF1
Fingerprint: 8182 DE41 7056 408D 6146 50D1 6750 F10A E88D 4AF1
More information about the Pkg-nagios-devel
mailing list