Build: Update of libssl #737
Comments
|
Thank you for your report. Can you provide these details as well? Which variant of the Monitoring Plugins do you use?
Plugin Version
|
|
Hi Markus It looks like the same library version. I used the following command and the output is the same with both versions, also the filesize is the same. $ strings libssl.so.10 | grep "1.0" |
|
We'll have a look, thank you. |
|
Any news here? |
|
To ensure maximum compatibility between different Linux versions (keyword: glibc), as of today (2024-05-29) all plugins for the .zip/tar.gz file are compiled on CentOS 7. CentOS 7 currently ships with On 2024-06-30 CentOS 7 will reach its EOL. We still need to check which platform we want to compile our plugins on after that to get maximum compatibility for the resulting binaries. So we will not fix this for now. However, the problem will be solved with a new release after 2024-06-30. |
|
So it's been a while since 2024-06-30. Any plans for a new release @markuslf with fixed version of openssl? Our Vulnerability Management would be thankful to get an info update. |
|
Build process will run on Rocky 8 with libc.so.6 2.28 and OpenSSL 1.1.1k soon. |
Describe the solution you'd like
Hi
A security-scan of our icinga installation reported a problem with libssl.so.10, which is included in the _internal folder of the compiled plugins.
See:
https://cve.org/CVERecord?id=CVE-2022-1292
http://www.nessus.org/u?d5a8df0f
It would be good, to have a new release of the plugins with the libssl updated to the newest version.
Regards, Matthias
Additional context
No response
The text was updated successfully, but these errors were encountered: