Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package patchinfo.16673 for
openSUSE:Leap:15.2:Update checked in at 2021-07-12 06:06:19
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Leap:15.2:Update/patchinfo.16673 (Old)
and /work/SRC/openSUSE:Leap:15.2:Update/.patchinfo.16673.new.2625 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "patchinfo.16673"
Mon Jul 12 06:06:19 2021 rev:1 rq:905122 version:unknown
Changes:
--------
New Changes file:
NO CHANGES FILE!!!
New:
----
_patchinfo
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ _patchinfo ++++++
<patchinfo incident="16673">
<issue tracker="cve" id="2020-29663"/>
<issue tracker="bnc" id="1180147">VUL-0: CVE-2020-29663: icinga2: ignoring
CRL, where revoked certificates due for renewal will automatically be
renewed</issue>
<packager>lrupp</packager>
<rating>moderate</rating>
<category>security</category>
<summary>Security update for icinga2</summary>
<description>This update for icinga2 fixes the following issues:
icinga2 was updated to 2.12.4
* Bugfixes
- Fix a crash when notification objects are deleted using the
API #8782
- Fix crashes that might occur during downtime scheduling if
host or downtime objects are deleted using the API #8785
- Fix an issue where notifications may incorrectly be skipped
after a downtime ends #8775
- Don't send reminder notification if the notification is still
suppressed by a time period #8808
- Fix an issue where attempting to create a duplicate object
using the API might result in the original object being
deleted #8787
- IDO: prioritize program status updates #8809
- Improve exceptions handling, including a fix for an uncaught
exception on Windows #8777
- Retry file rename operations on Windows to avoid intermittent
locking issues #8771
- Update to 2.12.3
* Security
- Fix that revoked certificates due for renewal will
automatically be renewed ignoring the CRL
(Advisory / CVE-2020-29663 - fixes boo#1180147 )
* Bugfixes
- Improve config sync locking - resolves high load issues on
Windows #8511
- Fix runtime config updates being ignored for objects without
zone #8549
- Use proper buffer size for OpenSSL error messages #8542
* Enhancements
- On checkable recovery: re-check children that have a problem
#8506
- Update to 2.12.2
* Bugfixes
- Fix a connection leak with misconfigured agents #8483
- Properly sync changes of config objects in global zones done
via the API #8474 #8470
- Prevent other clients from being disconnected when replaying
the cluster log takes very long #8496
- Avoid duplicate connections between endpoints #8465
- Ignore incoming config object updates for unknown zones #8461
- Check timestamps before removing files in config sync #8495
* Enhancements
- Include HTTP status codes in log #8467
</description>
</patchinfo>
