-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 05 Jul 2024 06:15:50 +0200
Source: cockpit
Binary: cockpit-bridge cockpit-bridge-dbgsym cockpit-pcp cockpit-pcp-dbgsym cockpit-tests cockpit-tests-dbgsym cockpit-ws cockpit-ws-dbgsym
Architecture: armel
Version: 287.1-0+deb12u3
Distribution: bookworm
Urgency: medium
Maintainer: arm Build Daemon (arm-conova-04) <buildd_arm64-arm-conova-04@buildd.debian.org>
Changed-By: Martin Pitt <mpitt@debian.org>
Description:
 cockpit-bridge - Cockpit bridge server-side component
 cockpit-pcp - Cockpit PCP integration
 cockpit-tests - Tests for Cockpit
 cockpit-ws - Cockpit Web Service
Changes:
 cockpit (287.1-0+deb12u3) bookworm; urgency=medium
 .
   * Add 0002-pam-ssh-add-Fix-insecure-killing-of-session-ssh-agen.patch:
     Cockpit’s pam_ssh_add module had a vulnerability when user_readenv is
     enabled in /etc/pam.d/cockpit (which is the default on Debian). This could
     cause a Denial of Service if a locally-authenticated user crafted a
     ~/.pam_environment file: it would kill an arbitrary process on the
     system with root privileges when logging out of a Cockpit session.
     Patch cherry-picked from upstream (08965365ac311f906a5).
     [CVE-2024-6126]
Checksums-Sha1:
 f13ffc48af776315247d967c42fd145c6ed388a7 729476 cockpit-bridge-dbgsym_287.1-0+deb12u3_armel.deb
 bc2a2545fa41689f0eace8f815b5145daf6aa294 225000 cockpit-bridge_287.1-0+deb12u3_armel.deb
 d170a0154927b501d0669465419d586323077706 221272 cockpit-pcp-dbgsym_287.1-0+deb12u3_armel.deb
 50c451d4597b798990ac17fcfc1035a164fd0911 69700 cockpit-pcp_287.1-0+deb12u3_armel.deb
 8817093516f35ece45f3a1e24200e1969abab655 4696 cockpit-tests-dbgsym_287.1-0+deb12u3_armel.deb
 9b6078dabffcf4a9d107ed385f58325ca431a132 474952 cockpit-tests_287.1-0+deb12u3_armel.deb
 246f1cd3c2b97707a59d6d69bfc1a0fb7decfd36 458732 cockpit-ws-dbgsym_287.1-0+deb12u3_armel.deb
 df1b3da88b1a20a73fd2bbee8f0a986e32756a49 793156 cockpit-ws_287.1-0+deb12u3_armel.deb
 96059c7091206b1cf61cc4c66b18592db934d074 12293 cockpit_287.1-0+deb12u3_armel-buildd.buildinfo
Checksums-Sha256:
 b55c50a0b8e0b9991c251e89fcc0d5d161b03b8c707fd8804622f4ce30f45eb5 729476 cockpit-bridge-dbgsym_287.1-0+deb12u3_armel.deb
 b2bea8043997ca1efd41e2a69ef213f5d01b33d5d65f27e304298a0c3b63bc49 225000 cockpit-bridge_287.1-0+deb12u3_armel.deb
 aae8d8a1e817df2d2bbfaa7fb0373296aa8657341a0f4b06ee877bed007a46aa 221272 cockpit-pcp-dbgsym_287.1-0+deb12u3_armel.deb
 3fb544091d50279506e3ac8666c1b714becaab56a8a2042c917bdb0fd31ceae5 69700 cockpit-pcp_287.1-0+deb12u3_armel.deb
 a86b761379c12eae7a32ac8dd437b338bffb67272dac3cd28d5bd54990e5f2d9 4696 cockpit-tests-dbgsym_287.1-0+deb12u3_armel.deb
 6fc69550080ec0cd0e06a42425e15ea68d8b906eb4a9bc7523d09c5bd4a5dd0a 474952 cockpit-tests_287.1-0+deb12u3_armel.deb
 1194e94149853084945c1e1a146b716407fb65cf89da4ead6988fe53fd0ea8d1 458732 cockpit-ws-dbgsym_287.1-0+deb12u3_armel.deb
 20096866f4983a893cf9b923f8868c0c5578dbaed2dcb5ebd330e75b9021302a 793156 cockpit-ws_287.1-0+deb12u3_armel.deb
 53289a8a9c90178e7933ece0a1f0a83a5eb320edccecb0e585aefdfb99d462e3 12293 cockpit_287.1-0+deb12u3_armel-buildd.buildinfo
Files:
 87141840f3f7fb6304f8eefd0935e2dd 729476 debug optional cockpit-bridge-dbgsym_287.1-0+deb12u3_armel.deb
 59a0c141ed6534075d51749e1187bafd 225000 admin optional cockpit-bridge_287.1-0+deb12u3_armel.deb
 4ab937136dd16895a8a6db3cc3380dfa 221272 debug optional cockpit-pcp-dbgsym_287.1-0+deb12u3_armel.deb
 bb84233db7577fd05a4cdb92a4b1cb84 69700 admin optional cockpit-pcp_287.1-0+deb12u3_armel.deb
 f5783b49495eb01dd31242751368a580 4696 debug optional cockpit-tests-dbgsym_287.1-0+deb12u3_armel.deb
 aa0357364d743c2458e814743ceb43ba 474952 admin optional cockpit-tests_287.1-0+deb12u3_armel.deb
 edba4e35fff393c838934145ee6b8018 458732 debug optional cockpit-ws-dbgsym_287.1-0+deb12u3_armel.deb
 c0159197b6be6c8ea9bb138ea3fde35e 793156 admin optional cockpit-ws_287.1-0+deb12u3_armel.deb
 efcface839a7b7d71566a29427ce56a6 12293 admin optional cockpit_287.1-0+deb12u3_armel-buildd.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEElif5H+pIB11ZS5Aay8vyjiVDuNYFAmazEAAACgkQy8vyjiVD
uNbS9g/+M/NjurvvYgVx/buSIOsWXz8p+8RYKT84SSfe+NYy9LQHuyytgInKRZ/D
h2B1AXefSlUV6Da8Nq6d5bk4pu2YKbb/cHyaTDclaXdqnqYi8Vqlh1RiN4/xqW+C
l+uX9ixflr6u8j+eVFklOh6WCANjFIsKMx4xldjojjIYpNT6XREYEttjAOaYezD3
Wr05B5jwoOqsA5eXpJ/QlSnXHEAVIIoKpw9ptYkSxwNY5T0/LXGeEofZWdB+KCOR
ZjAgjbbBbG9P97onc00/gdNq6zzHbxn/C7TrBlET8HKsiezEd2hAMFBWOtsavtdM
rC4pZItey+mYHBa4/aDq2MkLCpc1FNEJ1DS/bzfEnF7ksLGsgvWXTRaCxaNY5zM9
+LTqyyzHPM8Zxvv0jfRSQxSb37mjg+jXOAgR+lx+KsXOzgD4Gsr2SVTSueQ2jXuR
id8ZDYht3Os8iHhSmvUiV85+ubZ7o4BLIeCA8xyvRLb6b1XB+x+zDDj3SeQdq8x4
YuyHEIGHtl4thm6ko4WtdNJdR6dRRkyocz1p8aeSQkmEvkBTBMojteLPYZDpCbjy
CruzR9TrPH4V52twBodLewA1UEYJiB4cefT/+fCkz/lr350I17zK9K+/KDtrM00a
tcZg1i1HNvNt4KO96rd+g3aaEXsU0/w6jodjs64ujtwRatVaCQM=
=2Eys
-----END PGP SIGNATURE-----