-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 05 Jul 2024 06:15:50 +0200
Source: cockpit
Binary: cockpit-bridge cockpit-bridge-dbgsym cockpit-pcp cockpit-pcp-dbgsym cockpit-tests cockpit-tests-dbgsym cockpit-ws cockpit-ws-dbgsym
Architecture: s390x
Version: 287.1-0+deb12u3
Distribution: bookworm
Urgency: medium
Maintainer: s390x Build Daemon (zani) <buildd_s390x-zani@buildd.debian.org>
Changed-By: Martin Pitt <mpitt@debian.org>
Description:
 cockpit-bridge - Cockpit bridge server-side component
 cockpit-pcp - Cockpit PCP integration
 cockpit-tests - Tests for Cockpit
 cockpit-ws - Cockpit Web Service
Changes:
 cockpit (287.1-0+deb12u3) bookworm; urgency=medium
 .
   * Add 0002-pam-ssh-add-Fix-insecure-killing-of-session-ssh-agen.patch:
     Cockpit’s pam_ssh_add module had a vulnerability when user_readenv is
     enabled in /etc/pam.d/cockpit (which is the default on Debian). This could
     cause a Denial of Service if a locally-authenticated user crafted a
     ~/.pam_environment file: it would kill an arbitrary process on the
     system with root privileges when logging out of a Cockpit session.
     Patch cherry-picked from upstream (08965365ac311f906a5).
     [CVE-2024-6126]
Checksums-Sha1:
 3c3f34463e46fcec92eed7ad80d57b42c6f14c48 709876 cockpit-bridge-dbgsym_287.1-0+deb12u3_s390x.deb
 de759f850e351f9b2b8469c4cc2d097d52249955 228072 cockpit-bridge_287.1-0+deb12u3_s390x.deb
 1988fb2eb2b3cfb238ef7127cb3e93c812020c0f 215692 cockpit-pcp-dbgsym_287.1-0+deb12u3_s390x.deb
 9ce4d75a0df3358ed1a9c630bad375f0413df2ac 69816 cockpit-pcp_287.1-0+deb12u3_s390x.deb
 05433664628928f549841bf595343e92283add05 4484 cockpit-tests-dbgsym_287.1-0+deb12u3_s390x.deb
 a7b34ed068d6051f6e3f507e63c10205349304f5 475024 cockpit-tests_287.1-0+deb12u3_s390x.deb
 512a17796ecf50d7a58dbfb2173714f82e90d56c 449380 cockpit-ws-dbgsym_287.1-0+deb12u3_s390x.deb
 8165bcf15c1c294e10d2c4211dfeae477c18337e 797592 cockpit-ws_287.1-0+deb12u3_s390x.deb
 f7aa5a7df71e7ae843cc1e2890f058d022b085a5 12331 cockpit_287.1-0+deb12u3_s390x-buildd.buildinfo
Checksums-Sha256:
 1eb9357dd6b2cd7d2daa7c03c5a85bd78a048480283996e9cf6a7eb1dbdbac60 709876 cockpit-bridge-dbgsym_287.1-0+deb12u3_s390x.deb
 da7d8b51fbf9a9310ed30cd46da409fb026395bcddca2837e4326477fd6f8ba3 228072 cockpit-bridge_287.1-0+deb12u3_s390x.deb
 c7bea2010b4e4dbacc8c7a71f1adbc6a3a66a5d18b46c9a4c48423d668e20a02 215692 cockpit-pcp-dbgsym_287.1-0+deb12u3_s390x.deb
 b5b68026bf104ac44eb279a82cff1606767f2870984c1f57c23bccaea45c1cdc 69816 cockpit-pcp_287.1-0+deb12u3_s390x.deb
 8802a299c94eca4ab1f062b3e743880e7ac066e2e6e0b7746038971a70342915 4484 cockpit-tests-dbgsym_287.1-0+deb12u3_s390x.deb
 43e44bb3f1cf5d719a323302b2314cb3a57a970440efbf54bb219ca567d6a228 475024 cockpit-tests_287.1-0+deb12u3_s390x.deb
 0f52923e0fac833fdd28b82bd320469ae658e729ce18f4596e639337a7da5ded 449380 cockpit-ws-dbgsym_287.1-0+deb12u3_s390x.deb
 1d2f563902b8d5f75e8a087320acb94312b93f3efbba420db7433f778e3820d9 797592 cockpit-ws_287.1-0+deb12u3_s390x.deb
 244135316030ffb380576c54e2acad73605afac57e49159f75be88bbb0da78de 12331 cockpit_287.1-0+deb12u3_s390x-buildd.buildinfo
Files:
 6ea20f8f066fc373fa890cec5eb0f424 709876 debug optional cockpit-bridge-dbgsym_287.1-0+deb12u3_s390x.deb
 71a84ffe033e0d1a98fa299eb1819c1e 228072 admin optional cockpit-bridge_287.1-0+deb12u3_s390x.deb
 7d1365548cd175c716b0c02fa4c8ca85 215692 debug optional cockpit-pcp-dbgsym_287.1-0+deb12u3_s390x.deb
 d70f72be9455a622e0f582206261c8de 69816 admin optional cockpit-pcp_287.1-0+deb12u3_s390x.deb
 7b7ab5ea0677a10506238f703c4d1e3d 4484 debug optional cockpit-tests-dbgsym_287.1-0+deb12u3_s390x.deb
 73ebbeb73e19940a934a6fcead0c9047 475024 admin optional cockpit-tests_287.1-0+deb12u3_s390x.deb
 27a9fd0556365f994432d6e1f942639a 449380 debug optional cockpit-ws-dbgsym_287.1-0+deb12u3_s390x.deb
 f676e3aa477133a522b64f2a960f9746 797592 admin optional cockpit-ws_287.1-0+deb12u3_s390x.deb
 6d96453fa3c177f8bc39f05e99ea66f7 12331 admin optional cockpit_287.1-0+deb12u3_s390x-buildd.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEETdQgQHyJW2hcXsTC6b+AMjGgQHgFAmazKzUACgkQ6b+AMjGg
QHiNCQ//eWJy2bgtM5t08AG7OUddPB4uLkdKqlD3ZHTYBx5BZRdglfMnofJR0KBE
o8vdhsNc3ao+jpjhT0o29itqDrPIydizV3WDNxEpyL8FEpO5OZpoWl+fr1LO04Jt
0oZPUN6RMvkhH2XU/qkt06qbbCIoAun62C9gFl5xQ+q63rQJZNSTudlNG8AqxAdE
MLkrFJHQXmuuHUsxdJs5yK6lsVWVA5UYude9jzpFual1ixbJ4TmSEGfb3+tEJq0a
MAM+13IZFQbUFnUweudc48GR9aMGtzA74nb3h4t0n3TEPTyJpEAgupvXZ5zD8JsI
q6Jfdpv6KNI1Gd3/FuOiVnp5bT1D5xnEMQvQHkAeLY01S6058sqXJrJOByOmo92K
r2LV+/q6EqI50S6EOyG5DhN79nPoaF/fjuQJZQAmemqpyvY0uXklYqNXVTiHKb09
30+l0zlYx1U5XZfdX4GWJejfVfHErK+CHbwmu/2AquDkSWKb44mfLp/tiMB3sLy1
fOS9vl2Pdei3xjhhb1iYSKXdQ5BnPC8wWgAuTnWvfQZSxlG/zJefprTXN/SHqjB7
0uxTODFUohES/HCohGbuW0LhUXB7FbEkfmDvmlO3/VrtTILHaSOenzzsGqqlO+zh
u30Hu0K+h9N8hiqScLctqvMH9EiVQ6OYnYcdrTEUbppMug+HcuI=
=rtjw
-----END PGP SIGNATURE-----