-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 05 Jul 2024 06:15:50 +0200
Source: cockpit
Binary: cockpit-bridge cockpit-bridge-dbgsym cockpit-pcp cockpit-pcp-dbgsym cockpit-tests cockpit-tests-dbgsym cockpit-ws cockpit-ws-dbgsym
Architecture: i386
Version: 287.1-0+deb12u3
Distribution: bookworm
Urgency: medium
Maintainer: amd64 Build Daemon (x86-grnet-03) <buildd_amd64-x86-grnet-03@buildd.debian.org>
Changed-By: Martin Pitt <mpitt@debian.org>
Description:
 cockpit-bridge - Cockpit bridge server-side component
 cockpit-pcp - Cockpit PCP integration
 cockpit-tests - Tests for Cockpit
 cockpit-ws - Cockpit Web Service
Changes:
 cockpit (287.1-0+deb12u3) bookworm; urgency=medium
 .
   * Add 0002-pam-ssh-add-Fix-insecure-killing-of-session-ssh-agen.patch:
     Cockpit’s pam_ssh_add module had a vulnerability when user_readenv is
     enabled in /etc/pam.d/cockpit (which is the default on Debian). This could
     cause a Denial of Service if a locally-authenticated user crafted a
     ~/.pam_environment file: it would kill an arbitrary process on the
     system with root privileges when logging out of a Cockpit session.
     Patch cherry-picked from upstream (08965365ac311f906a5).
     [CVE-2024-6126]
Checksums-Sha1:
 e62f006c272b74275edc1e4ec4202dce8fa885be 604804 cockpit-bridge-dbgsym_287.1-0+deb12u3_i386.deb
 76254cd53080af64b4cda9a4ac178fd7b27b5c90 268372 cockpit-bridge_287.1-0+deb12u3_i386.deb
 c494b6f3344fb66cb794bcc99a1cfc147b4a73d3 183404 cockpit-pcp-dbgsym_287.1-0+deb12u3_i386.deb
 8df56c90c49b61bb5642a0a2d1d918bf83542cb5 84436 cockpit-pcp_287.1-0+deb12u3_i386.deb
 65b9b7842590c93862554c9e0f6c016eae18a353 4324 cockpit-tests-dbgsym_287.1-0+deb12u3_i386.deb
 19b3129f930ed5a0ba9fe78b75e95954e8837f4a 475192 cockpit-tests_287.1-0+deb12u3_i386.deb
 d0b4cb5c6fbfd3f81b5001a87119edfc933c6887 386860 cockpit-ws-dbgsym_287.1-0+deb12u3_i386.deb
 1c6ee1606587c046dc18f5fafff3f8e9c7293ee2 823880 cockpit-ws_287.1-0+deb12u3_i386.deb
 5cb40fc74f23ee5a38152230ee86dc9cf92efd13 12342 cockpit_287.1-0+deb12u3_i386-buildd.buildinfo
Checksums-Sha256:
 0cd006a70f5ec1934279f45a674e60a6fcd757d0e4198c9bb0715d5ee4b49afa 604804 cockpit-bridge-dbgsym_287.1-0+deb12u3_i386.deb
 e8b5fcf57222157b87d2f58aa3a4985921fba7a1bd2dfe535497560cda86a769 268372 cockpit-bridge_287.1-0+deb12u3_i386.deb
 166a482f4f69c98273341ce06e9877162232d48717359264f3e158e34a3d38a6 183404 cockpit-pcp-dbgsym_287.1-0+deb12u3_i386.deb
 2bb9aeadad8beba751cde74bd2643e1f7ca6f274197e90b23f617837606c6527 84436 cockpit-pcp_287.1-0+deb12u3_i386.deb
 cd7fb2c9c6d54123924254226f4c3f2ab43508d6a402db121fc0524d8ffef6ce 4324 cockpit-tests-dbgsym_287.1-0+deb12u3_i386.deb
 3aa4b3a96555854043fb1355c18aad71453d01846f4f588ed2eb69a9acdd8ba9 475192 cockpit-tests_287.1-0+deb12u3_i386.deb
 3e83bc466ceee247107110e81e5fb48606f558cfc8885da97f488c617ee19493 386860 cockpit-ws-dbgsym_287.1-0+deb12u3_i386.deb
 2883462fc39568b177e4ffeed7935c58f2a1fdb7617b20fe249a4ad6eecaac77 823880 cockpit-ws_287.1-0+deb12u3_i386.deb
 2ce2043599844dae62bd7457093a948a2aff4714828c6c5d5f2869ea2147e820 12342 cockpit_287.1-0+deb12u3_i386-buildd.buildinfo
Files:
 8c6ac5135134380877f0db9f0e80f2ca 604804 debug optional cockpit-bridge-dbgsym_287.1-0+deb12u3_i386.deb
 bf514c363e53348434d4c21ed5ded72b 268372 admin optional cockpit-bridge_287.1-0+deb12u3_i386.deb
 b82391f13057cd8fcad14fd768e7bed5 183404 debug optional cockpit-pcp-dbgsym_287.1-0+deb12u3_i386.deb
 64fe1d99e2c35f9a231f7a6eb91d7399 84436 admin optional cockpit-pcp_287.1-0+deb12u3_i386.deb
 9dfbf063a5b6d5421bb067f6c15aec28 4324 debug optional cockpit-tests-dbgsym_287.1-0+deb12u3_i386.deb
 27783fb9bec8ee355e844e1ccca31d8d 475192 admin optional cockpit-tests_287.1-0+deb12u3_i386.deb
 46f3e04608fad24a0483634c5618f707 386860 debug optional cockpit-ws-dbgsym_287.1-0+deb12u3_i386.deb
 94f3484c7a799a315e0d6a564b0731cf 823880 admin optional cockpit-ws_287.1-0+deb12u3_i386.deb
 ca9cd1d71cab17f4ae0368ec51df0a6c 12342 admin optional cockpit_287.1-0+deb12u3_i386-buildd.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEe8x49oT2k+seQstpgDm7h4zfCpIFAmazEUoACgkQgDm7h4zf
CpIzrhAAgSelWqPGAwjOugIp2vbhDZ7DtlBE//mtdkeF5wyGx5Il4hveO1OsNaxX
TBYHzDYqbdT+GtF45JGPz74sW/fiPmiV4zhe4Z4tEeUFNzc0IZzQxv9UNm1iHgbf
HIOAEprSEm+6gxPnj9M3+I2vcE/f55uzt0I8ePBx5UzGBAKGfL5BxQ5YnA53rxCc
aOE7Hn8h14z36u17RHeoEiMLAI2PrXLGS421W1x8IpV7+2a5jj+xbu5aeeNPePXf
hNp770UBF6v+Vzykgu+JdBLfK2u6PX7I41lTDyhQ22rExF3eyh6HMC0RdFYg+O3u
HUkyeWe61RDL+u5ppqTwYtTDtjm25FPMGcj5Io7IZU5k888Z7EuX2M4WTy0n7CgN
Y/QT01baCj3IGkKU1phij9bufMczK8cVmwoAPdsXlnoEWnGfDE3phYMlSw1n8RiG
oWoS/G4KKX1RtIbh0k2BkeokrcZMYu/6AuLiaz3kpibeNwr+ef1kCgzcxOTT0sWQ
EYQtWbMAxw/rC/5bsMv8U4iKw5lMDTfc1DdsJvzdLnrO2l/1PnSV3I1zsg39xO9u
Hl2kyYYpp9m4xe6UAIfOHu3qAhjB1bFp9MVIiYy7yf2iklhxlToKzmOC2k+JSHi8
/FtC59JSx/VGteViVCM0GRFSBeIZzrTia00+oluPaV+wJBzdcQs=
=eVgV
-----END PGP SIGNATURE-----