-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 05 Jul 2024 06:15:50 +0200
Source: cockpit
Binary: cockpit-bridge cockpit-bridge-dbgsym cockpit-pcp cockpit-pcp-dbgsym cockpit-tests cockpit-tests-dbgsym cockpit-ws cockpit-ws-dbgsym
Architecture: armhf
Version: 287.1-0+deb12u3
Distribution: bookworm
Urgency: medium
Maintainer: arm Build Daemon (arm-conova-03) <buildd_arm64-arm-conova-03@buildd.debian.org>
Changed-By: Martin Pitt <mpitt@debian.org>
Description:
 cockpit-bridge - Cockpit bridge server-side component
 cockpit-pcp - Cockpit PCP integration
 cockpit-tests - Tests for Cockpit
 cockpit-ws - Cockpit Web Service
Changes:
 cockpit (287.1-0+deb12u3) bookworm; urgency=medium
 .
   * Add 0002-pam-ssh-add-Fix-insecure-killing-of-session-ssh-agen.patch:
     Cockpit’s pam_ssh_add module had a vulnerability when user_readenv is
     enabled in /etc/pam.d/cockpit (which is the default on Debian). This could
     cause a Denial of Service if a locally-authenticated user crafted a
     ~/.pam_environment file: it would kill an arbitrary process on the
     system with root privileges when logging out of a Cockpit session.
     Patch cherry-picked from upstream (08965365ac311f906a5).
     [CVE-2024-6126]
Checksums-Sha1:
 f8f4855ebc7f75b7715eee9526ce2e132121f09f 699928 cockpit-bridge-dbgsym_287.1-0+deb12u3_armhf.deb
 44e3e1137773afb128e2797f78c0360af04d1016 222652 cockpit-bridge_287.1-0+deb12u3_armhf.deb
 289c92f39f845b82a60797c43b054ddf40c7d508 213388 cockpit-pcp-dbgsym_287.1-0+deb12u3_armhf.deb
 d4a28f8e7a7538d3569b69639c92feb17a32e80d 68216 cockpit-pcp_287.1-0+deb12u3_armhf.deb
 1310e0adf18f54b34c38dd0f95117ebe035f87b8 4712 cockpit-tests-dbgsym_287.1-0+deb12u3_armhf.deb
 804856dd1c2dfaee452412caa2e5e540aac675e8 474892 cockpit-tests_287.1-0+deb12u3_armhf.deb
 d88fcda8682419201e7d1e2b083bd02059109531 446020 cockpit-ws-dbgsym_287.1-0+deb12u3_armhf.deb
 a30a0cdec518eae6a339f6792640b15a885908ee 792660 cockpit-ws_287.1-0+deb12u3_armhf.deb
 357739be4520c9ac00c069850a35aaef7db1a54d 12295 cockpit_287.1-0+deb12u3_armhf-buildd.buildinfo
Checksums-Sha256:
 ff70fbfdfd163bebcf5f7caa28bb4ce4e9e0055db4ae618c32ec71263313f57f 699928 cockpit-bridge-dbgsym_287.1-0+deb12u3_armhf.deb
 ca654a0c2a534d6d7ed2c18b32c1239c8bfe2d585f7d5189dd71cf2d98514b37 222652 cockpit-bridge_287.1-0+deb12u3_armhf.deb
 dbe0259ba97cfc2c3fb741d0f179b8f2a3821879d9f1550445ab5206f857ab87 213388 cockpit-pcp-dbgsym_287.1-0+deb12u3_armhf.deb
 5f98b26cca85ddbf342dd32d74495d684dd9aac5e1c37b314cd91df893886c2b 68216 cockpit-pcp_287.1-0+deb12u3_armhf.deb
 6d341ac2491f460506c9036c2a014539ae678c429fb13c58d9a6339d11529f5e 4712 cockpit-tests-dbgsym_287.1-0+deb12u3_armhf.deb
 8d3bc6767ccf3a2c97cdfdef8825382ce897688164c397963533992280061dc3 474892 cockpit-tests_287.1-0+deb12u3_armhf.deb
 c246d99c9349271962a60d6a51cfe9143353578ebf2d89c24e2b4d9c42877528 446020 cockpit-ws-dbgsym_287.1-0+deb12u3_armhf.deb
 d15d79b998708ae12306e7196a9c55775847adb0852f7180c36ead51314e3242 792660 cockpit-ws_287.1-0+deb12u3_armhf.deb
 0f676723eb667cba4760979ba1af024c3539a3c45530179518aefb1d9ccc7057 12295 cockpit_287.1-0+deb12u3_armhf-buildd.buildinfo
Files:
 8406c9cbc76214ee80e23d1bac7c5e10 699928 debug optional cockpit-bridge-dbgsym_287.1-0+deb12u3_armhf.deb
 bc9e6f56c227dc34094406fb40c905ef 222652 admin optional cockpit-bridge_287.1-0+deb12u3_armhf.deb
 3767df4c0755393e72c56a0c6310ebe5 213388 debug optional cockpit-pcp-dbgsym_287.1-0+deb12u3_armhf.deb
 97d79d32724ddaca6f9954a1ed976a38 68216 admin optional cockpit-pcp_287.1-0+deb12u3_armhf.deb
 af5f98a3e3325a5be79da656114bfd7a 4712 debug optional cockpit-tests-dbgsym_287.1-0+deb12u3_armhf.deb
 6f3da0c66a5bedfca2e3bd167ef33d06 474892 admin optional cockpit-tests_287.1-0+deb12u3_armhf.deb
 6c5921d57d09b977558c6e120d7bb9c8 446020 debug optional cockpit-ws-dbgsym_287.1-0+deb12u3_armhf.deb
 81ab7d95c8c69721bb603b074f4a0edd 792660 admin optional cockpit-ws_287.1-0+deb12u3_armhf.deb
 7d51a1bcab4cf79556c1f953757efab6 12295 admin optional cockpit_287.1-0+deb12u3_armhf-buildd.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEU81tY/BC8e+eAeWhLffeOnPnbLUFAmazDvwACgkQLffeOnPn
bLUcsg/9EV5dMCZ0c7TEQm0Lgm2VB/RF+D3urfsFNThKYxchNehmpY0uH3/c2JLU
A0lASv8HiPhgwnKguz/21Z7qUA7Gye+gmMbpU6+Fqudw5jKyHjnAp40Q1I4ZmrBv
qXuXuHj+w0a5edfEVdea8KH38uJ5qAMLDQAZ1aiaXUKbGU9WwMBxN0zOEjJKLHBa
NJnV4R3MlUHLfm5ZT6QrfR4q1S6qXmnA8fgq/xYItaA83jAJHiA6IbVJouXbR555
/e+YgQVKhIn79dmWNH1bJyfiCl2fLJ+L01wmDPVlIvfJ7TuzAagIa0teJHGrEjaU
bvcAcINJh7akTXqezrhsE2mfP+kqAkXs8Y9HaQvMchtOMj5jDB+5XCi/JQcsQeE1
0GeFcY9PuQtWTlMlOLbpPTk8jaqa+QK+kPfhtwoEd30hpwbBDMACIB9CmvQPHoDl
ceiWWfBOvkqw6sa+wWPIYUcEDdsuSr/lRkcmH+NHusDcM7Ip2tMRzo9aBQdJaCdy
HVPkfKeJCcWHriZSD/nQo8fDpq2S9se3j/k0hm3wNYcEB12Hfrw7jLHClyfs4dtr
GKFdJ5+EiBFjRMgpx2xCLhOpgFg57bakaoI6k1WbMez+86CoK4gHv9oN3wj9Br9/
8VHfmWPYGByuTCReSLnDY+HSPGFbOlkVkccxNVSsGoOQQg8Od2g=
=3DgF
-----END PGP SIGNATURE-----