File tree Expand file tree Collapse file tree 2 files changed +15
-1
lines changed Expand file tree Collapse file tree 2 files changed +15
-1
lines changed Original file line number Diff line number Diff line change @@ -7,6 +7,20 @@ documentation before upgrading to a new release.
77
88Released closed milestones can be found on [ GitHub] ( https://github.com/Icinga/icinga2/milestones?state=closed ) .
99
10+ ## 2.13.12 (2025-05-27)
11+
12+ This security release fixes a critical issue in the certificate renewal logic in Icinga 2, which
13+ might incorrectly renew an invalid certificate. However, only nodes with access to the Icinga CA
14+ private key running with OpenSSL older than version 1.1.0 (released in 2016) are vulnerable. So this
15+ typically affects Icinga 2 masters running on operating systems like RHEL 7 and Amazon Linux 2.
16+
17+ * CVE-2025 -48057: Prevent invalid certificates from being renewed with OpenSSL older than v1.1.0.
18+ * Fix use-after-free in VerifyCertificate(): Additionally, a use-after-free was found in the same
19+ function which is fixed as well, but in case it is triggered, typically only a wrong error code
20+ may be shown in a log message.
21+ * Windows: Update OpenSSL shipped on Windows to v3.0.16.
22+ * Fix a failing test case on systems ` time_t ` is only 32 bits #10344 .
23+
1024## 2.13.11 (2025-01-23)
1125
1226This bugfix release addresses several crashes,
Original file line number Diff line number Diff line change 1- Version: 2.13.11
1+ Version: 2.13.12
22Revision: 1
You can’t perform that action at this time.
0 commit comments