Format: 1.8
Date: Fri, 05 Jul 2024 06:15:50 +0200
Source: cockpit
Binary: cockpit cockpit-doc cockpit-networkmanager cockpit-packagekit cockpit-sosreport cockpit-storaged cockpit-system
Architecture: all
Version: 287.1-0+deb12u3
Distribution: bookworm
Urgency: medium
Maintainer: all Build Daemon (x86-grnet-02)
Changed-By: Martin Pitt
Description:
 cockpit - Web Console for Linux servers
 cockpit-doc - Cockpit deployment and developer guide
 cockpit-networkmanager - Cockpit user interface for networking
 cockpit-packagekit - Cockpit user interface for packages
 cockpit-sosreport - Cockpit user interface for diagnostic reports
 cockpit-storaged - Cockpit user interface for storage
 cockpit-system - Cockpit admin interface for a system
Changes:
 cockpit (287.1-0+deb12u3) bookworm; urgency=medium
 .
   * Add 0002-pam-ssh-add-Fix-insecure-killing-of-session-ssh-agen.patch:
     Cockpit’s pam_ssh_add module had a vulnerability when user_readenv is
     enabled in /etc/pam.d/cockpit (which is the default on Debian). This
     could cause a Denial of Service if a locally-authenticated user crafted
     a ~/.pam_environment file: it would kill an arbitrary process on the
     system with root privileges when logging out of a Cockpit session.
     Patch cherry-picked from upstream (08965365ac311f906a5).
     [CVE-2024-6126]