1 new commit since last upload, is it time to release?
normal
vcswatch reports that
this package seems to have new commits in its VCS but has
not yet updated debian/changelog. You should consider updating
the Debian changelog and uploading this new version into the archive.
Here are the relevant commit logs:
commit 9792dc5a66bbfd06ca98cca478c6bb90713ed7bc
Author: Bas Couwenberg <sebastic@xs4all.nl>
Date: Sun Aug 24 20:15:20 2025 +0200
Remove mips* from rules.
CVE-2025-48057:
Icinga 2 is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. Prior to versions 2.12.12, 2.13.12, and 2.14.6, the VerifyCertificate() function can be tricked into incorrectly treating certificates as valid. This allows an attacker to send a malicious certificate request that is then treated as a renewal of an already existing certificate, resulting in the attacker obtaining a valid certificate that can be used to impersonate trusted nodes. This only occurs when Icinga 2 is built with OpenSSL older than version 1.1.0. This issue has been patched in versions 2.12.12, 2.13.12, and 2.14.6.
![[bug history graph]](https://qa.debian.org/data/bts/graphs/i/icinga2.png){kind=link}