Today, we are releasing security updates for Icinga 2 and Icinga DB Web fixing multiple security issues. Two of them allow authenticated API users to learn restricted information or crash Icinga 2. On Icinga 2, a third issue affecting the provided scripts allows a limited privilege escalation where the Icinga 2 daemon user can trick root into sending signals to arbitrary processes. In a similar way to Icinga 2, Icinga DB Web also allowed restricted user accounts to guess internal variables us...| Icinga