Debian Package Tracker
Register | Log in
Subscribe

icingaweb2

simple and responsive web interface for Icinga

Choose email to subscribe with

general
  • source: icingaweb2 (main)
  • version: 2.8.2-2
  • maintainer: Debian Nagios Maintainer Group (archive) (DMD)
  • uploaders: Markus Frosch [DMD]
  • arch: all
  • std-ver: 4.5.1
  • VCS: Git (Browse, QA)
versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]
[pool directory]
  • oldstable: 2.4.1-1
  • old-sec: 2.4.1-1+deb9u1
  • old-bpo: 2.6.2-3~bpo9+1
  • stable: 2.6.2-3+deb10u1
  • stable-sec: 2.6.2-3+deb10u1
  • testing: 2.8.2-2
  • unstable: 2.8.2-2
versioned links
  • 2.4.1-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 2.4.1-1+deb9u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 2.6.2-3~bpo9+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 2.6.2-3+deb10u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 2.8.2-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
binaries
  • icingacli
  • icingaweb2
  • icingaweb2-common (1 bugs: 0, 0, 1, 0)
  • icingaweb2-module-doc
  • icingaweb2-module-monitoring
  • php-icinga
action needed
lintian reports 1 error high
Lintian reports 1 error about this package. You should make the package lintian clean getting rid of them.
Created: 2020-07-29 Last update: 2020-09-21 06:02
5 ignored security issues in stretch low
There are 5 open security issues in stretch.
5 issues skipped by the security teams:
  • CVE-2018-18246: Icinga Web 2 before 2.6.2 has CSRF via /icingaweb2/config/moduledisable?name=monitoring to disable the monitoring module, or via /icingaweb2/config/moduleenable?name=setup to enable the setup module.
  • CVE-2018-18247: Icinga Web 2 before 2.6.2 has XSS via the /icingaweb2/navigation/add icon parameter.
  • CVE-2018-18248: Icinga Web 2 has XSS via the /icingaweb2/monitoring/list/services dir parameter, the /icingaweb2/user/list query string, the /icingaweb2/monitoring/timeline query string, or the /icingaweb2/setup query string.
  • CVE-2018-18249: Icinga Web 2 before 2.6.2 allows injection of PHP ini-file directives via vectors involving environment variables as the channel to send information to the attacker, such as a name=${PATH}_${APACHE_RUN_DIR}_${APACHE_RUN_USER} parameter to /icingaweb2/navigation/add or /icingaweb2/dashboard/new-dashlet.
  • CVE-2018-18250: Icinga Web 2 before 2.6.2 allows parameters that break navigation dashlets, as demonstrated by a single '$' character as the Name of a Navigation item.
Please fix them.
Created: 2018-12-19 Last update: 2020-12-23 05:36
news
[rss feed]
  • [2020-12-23] icingaweb2 2.8.2-2 MIGRATED to testing (Debian testing watch)
  • [2020-12-18] Accepted icingaweb2 2.8.2-2 (source) into unstable (Bas Couwenberg) (signed by: Sebastiaan Couwenberg)
  • [2020-12-18] Accepted icingaweb2 2.8.2-2~exp2 (source) into experimental (Bas Couwenberg) (signed by: Sebastiaan Couwenberg)
  • [2020-12-14] Accepted icingaweb2 2.8.2-2~exp1 (source) into experimental (Bas Couwenberg) (signed by: Sebastiaan Couwenberg)
  • [2020-08-25] icingaweb2 2.8.2-1 MIGRATED to testing (Debian testing watch)
  • [2020-08-24] Accepted icingaweb2 2.4.1-1+deb9u1 (source) into oldstable (Roberto C. Sanchez)
  • [2020-08-24] Accepted icingaweb2 2.6.2-3+deb10u1 (source all) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Sebastiaan Couwenberg)
  • [2020-08-23] Accepted icingaweb2 2.6.2-3+deb10u1 (source all) into stable->embargoed, stable (Debian FTP Masters) (signed by: Sebastiaan Couwenberg)
  • [2020-08-22] Accepted icingaweb2 2.8.2-1 (source) into unstable (Bas Couwenberg) (signed by: Sebastiaan Couwenberg)
  • [2020-07-05] icingaweb2 2.8.1-1 MIGRATED to testing (Debian testing watch)
  • [2020-06-30] Accepted icingaweb2 2.8.1-1 (source) into unstable (Bas Couwenberg) (signed by: Sebastiaan Couwenberg)
  • [2020-06-14] icingaweb2 2.8.0-1 MIGRATED to testing (Debian testing watch)
  • [2020-06-09] Accepted icingaweb2 2.8.0-1 (source) into unstable (Bas Couwenberg) (signed by: Sebastiaan Couwenberg)
  • [2020-04-18] Accepted icingaweb2 2.8.0~rc1-1~exp2 (source) into experimental (Bas Couwenberg) (signed by: Sebastiaan Couwenberg)
  • [2020-03-15] Accepted icingaweb2 2.8.0~rc1-1~exp1 (source) into experimental (Bas Couwenberg) (signed by: Sebastiaan Couwenberg)
  • [2019-10-24] icingaweb2 2.7.3-1 MIGRATED to testing (Debian testing watch)
  • [2019-10-19] Accepted icingaweb2 2.7.3-1 (source) into unstable (Bas Couwenberg) (signed by: Sebastiaan Couwenberg)
  • [2019-08-21] icingaweb2 2.7.1-1 MIGRATED to testing (Debian testing watch)
  • [2019-08-16] Accepted icingaweb2 2.7.1-1 (source) into unstable (Bas Couwenberg) (signed by: Sebastiaan Couwenberg)
  • [2019-08-05] icingaweb2 2.7.0-1 MIGRATED to testing (Debian testing watch)
  • [2019-07-31] Accepted icingaweb2 2.7.0-1 (source) into unstable (Bas Couwenberg) (signed by: Sebastiaan Couwenberg)
  • [2019-07-13] icingaweb2 2.6.3-1 MIGRATED to testing (Debian testing watch)
  • [2019-07-07] Accepted icingaweb2 2.6.3-1 (source) into unstable (Bas Couwenberg) (signed by: Sebastiaan Couwenberg)
  • [2019-04-25] Accepted icingaweb2 2.6.3-1~exp1 (source all) into experimental (Bas Couwenberg) (signed by: Sebastiaan Couwenberg)
  • [2019-03-23] Accepted icingaweb2 2.6.2-3~bpo9+1 (source) into stretch-backports->backports-policy, stretch-backports (Chris Boot)
  • [2019-03-15] icingaweb2 2.6.2-3 MIGRATED to testing (Debian testing watch)
  • [2019-03-05] Accepted icingaweb2 2.6.2-3 (source all) into unstable (Bas Couwenberg) (signed by: Sebastiaan Couwenberg)
  • [2019-01-06] Accepted icingaweb2 2.6.2-2~bpo9+1 (source) into stretch-backports (Chris Boot)
  • [2018-11-29] icingaweb2 2.6.2-2 MIGRATED to testing (Debian testing watch)
  • [2018-11-23] Accepted icingaweb2 2.6.2-2 (source all) into unstable (Bas Couwenberg) (signed by: Sebastiaan Couwenberg)
  • 1
  • 2
bugs [bug history graph]
  • all: 3
  • RC: 0
  • I&N: 1
  • M&W: 2
  • F&P: 0
  • patch: 0
links
  • homepage
  • lintian (1, 0)
  • buildd: logs, clang, reproducibility
  • popcon
  • browse source code
  • edit tags
  • other distros
  • security tracker
  • screenshots
  • l10n (-, 71)
  • debci
ubuntu Ubuntu logo [Information about Ubuntu for Debian Developers]
  • version: 2.8.2-2
  • 3 bugs

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers
Report problems to the tracker.debian.org pseudo-package in the Debian BTS.
Documentation — Bugs — Git Repository — Contributing