From e2dc726076f54fac7d8ca862e078ce16fb08a4b6 Mon Sep 17 00:00:00 2001
From: "Alexander A. Klimov" <alexander.klimov@icinga.com>
Date: Mon, 28 Oct 2024 16:16:44 +0100
Subject: [PATCH] Icinga 2.12.11

---
 CHANGELOG.md    | 9 +++++++++
 ICINGA2_VERSION | 2 +-
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 63867d1a5..ce065acac 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -7,6 +7,15 @@ documentation before upgrading to a new release.
 
 Released closed milestones can be found on [GitHub](https://github.com/Icinga/icinga2/milestones?state=closed).
 
+## 2.12.11 (2024-11-12)
+
+This security release fixes a TLS certificate validation bypass.
+Given the severity of that issue, users are advised to upgrade all nodes immediately.
+
+* Security: fix TLS certificate validation bypass. CVE-2024-49369
+* Security: update OpenSSL shipped on Windows to v3.0.15.
+* Windows: sign MSI packages with a certificate the OS trusts by default.
+
 ## 2.12.10 (2023-02-16)
 
 This security release updates Boost and OpenSSL libraries bundled on Windows
diff --git a/ICINGA2_VERSION b/ICINGA2_VERSION
index 8ea8222ad..0f1722dc5 100644
--- a/ICINGA2_VERSION
+++ b/ICINGA2_VERSION
@@ -1,2 +1,2 @@
-Version: 2.12.10
+Version: 2.12.11
 Revision: 1