* Fix possible root privilege escalation during opening logs (CVE-2016-9566) #13709 Icinga is **not** vulnerable to CVE-2016-9565 since we do not provide any PHP files nor external advertising RSS feeds inside the Classic UI. I've fast stablized 1.13.4 and 1.14.0 (both have the fix) and cleaned bad packages. I'll be opening a seperate bug for icingaweb. Reproducible: Always
New GLSA request filed.
This issue was resolved and addressed in GLSA 201612-51 at https://security.gentoo.org/glsa/201612-51 by GLSA coordinator Aaron Bauman (b-man).