Julian Brost 8fed660891 Security: fix TLS certificate validation bypass ...

The previous validation in set_verify_callback() could be bypassed, tricking
Icinga 2 into treating invalid certificates as valid. To fix this, the
validation checks were moved into the IsVerifyOK() function.

This is tracked as CVE-2024-49369, more details will be published at a later time.

2024-10-22 10:43:13 +02:00

..

base

Security: fix TLS certificate validation bypass

2024-10-22 10:43:13 +02:00

checker

Actually wait for running checks

2019-05-29 10:33:29 +02:00

cli

Try to log useful information for exceptions thrown by RunWorker

2021-05-26 08:52:37 +02:00

compat

Revert "Make NotificationResult available for events: Cluster and Features"

2020-02-19 10:59:00 +01:00

config

WarnOnImplicitlySetGlobalVar(): warn only on sins inside actual DSL code

2019-09-25 12:25:12 +02:00

db_ido

IDO: Use own transaction for programstatus

2021-05-26 10:35:23 +02:00

db_ido_mysql

Remove passwords from API

2021-07-09 09:05:40 +02:00

db_ido_pgsql

Remove passwords from API

2021-07-09 09:05:40 +02:00

icinga

Merge pull request #8891 from Icinga/bugfix/trigger-fixed-downtimes-immediately-211

2021-07-08 15:33:52 +02:00

livestatus

Explicitly write the 1.x legacy attribute 'interval_length' for Livestatus

2019-08-07 15:23:04 +02:00

methods

Merge pull request #8043 from Icinga/bugfix/unify-application-start-times-v2114

2020-06-09 14:04:07 +02:00

mysql_shim

account for adjusted interface of mysql8 (now utilizes c99 bools instead of my_bool labelled chars)

2019-04-29 00:18:15 +02:00

notification

Don't send reminder notifications before suppressed ones

2020-09-30 10:30:21 +02:00

perfdata

GelfWriter: show error message of exceptions

2021-08-17 18:49:36 +02:00

pgsql_shim

Replace Copyright header with a short version, part II

2019-02-25 15:09:36 +01:00

remote

API: hide ApiListener#ticket_salt

2021-07-09 09:30:01 +02:00

CMakeLists.txt

Replace Copyright header with a short version, part II

2019-02-25 15:09:36 +01:00