-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 05 Jul 2024 06:15:50 +0200
Source: cockpit
Binary: cockpit-bridge cockpit-bridge-dbgsym cockpit-pcp cockpit-pcp-dbgsym cockpit-tests cockpit-tests-dbgsym cockpit-ws cockpit-ws-dbgsym
Architecture: arm64
Version: 287.1-0+deb12u3
Distribution: bookworm
Urgency: medium
Maintainer: arm Build Daemon (arm-conova-03)
Changed-By: Martin Pitt
Description:
 cockpit-bridge - Cockpit bridge server-side component
 cockpit-pcp - Cockpit PCP integration
 cockpit-tests - Tests for Cockpit
 cockpit-ws - Cockpit Web Service
Changes:
 cockpit (287.1-0+deb12u3) bookworm; urgency=medium
 .
   * Add 0002-pam-ssh-add-Fix-insecure-killing-of-session-ssh-agen.patch:
     Cockpit’s pam_ssh_add module had a vulnerability when user_readenv is
     enabled in /etc/pam.d/cockpit (which is the default on Debian). This
     could cause a Denial of Service if a locally-authenticated user crafted
     a ~/.pam_environment file: it would kill an arbitrary process on the
     system with root privileges when logging out of a Cockpit session.
     Patch cherry-picked from upstream (08965365ac311f906a5).
     [CVE-2024-6126]