openSUSE-SU-2024:0206-1

See a problem?
Import Source
https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2024:0206-1.json
JSON Data
https://api.osv.dev/v1/vulns/openSUSE-SU-2024:0206-1
Related
Published
2024-07-21T12:01:36Z
Modified
2024-07-21T12:01:36Z
Summary
Security update for cockpit
Details

This update for cockpit fixes the following issues:

  • new version 320:

    • pam-ssh-add: Fix insecure killing of session ssh-agent (boo#1226040, CVE-2024-6126)

  • changes in older versions:

    • Storage: Btrfs snapshots
    • Podman: Add image pull action
    • Files: Bookmark support
    • webserver: System user changes
    • Metrics: Grafana setup now prefers Valkey
  • Invalid json against the storaged manifest boo#1227299
References

Affected packages

SUSE:Package Hub 15 SP6 / cockpit

Package

Name
cockpit
Purl
pkg:rpm/suse/cockpit&distro=SUSE%20Package%20Hub%2015%20SP6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
320-bp156.2.6.3

Ecosystem specific 

{
    "binaries": [
        {
            "cockpit-ws": "320-bp156.2.6.3",
            "cockpit-packagekit": "320-bp156.2.6.3",
            "cockpit": "320-bp156.2.6.3",
            "cockpit-doc": "320-bp156.2.6.3",
            "cockpit-bridge": "320-bp156.2.6.3",
            "cockpit-devel": "320-bp156.2.6.3",
            "cockpit-networkmanager": "320-bp156.2.6.3",
            "cockpit-pcp": "320-bp156.2.6.3",
            "cockpit-storaged": "320-bp156.2.6.3",
            "cockpit-system": "320-bp156.2.6.3",
            "cockpit-kdump": "320-bp156.2.6.3",
            "cockpit-selinux": "320-bp156.2.6.3"
        }
    ]
}

openSUSE:Leap 15.6 / cockpit

Package

Name
cockpit
Purl
pkg:rpm/opensuse/cockpit&distro=openSUSE%20Leap%2015.6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
320-bp156.2.6.3

Ecosystem specific 

{
    "binaries": [
        {
            "cockpit-ws": "320-bp156.2.6.3",
            "cockpit-packagekit": "320-bp156.2.6.3",
            "cockpit": "320-bp156.2.6.3",
            "cockpit-doc": "320-bp156.2.6.3",
            "cockpit-bridge": "320-bp156.2.6.3",
            "cockpit-devel": "320-bp156.2.6.3",
            "cockpit-networkmanager": "320-bp156.2.6.3",
            "cockpit-pcp": "320-bp156.2.6.3",
            "cockpit-storaged": "320-bp156.2.6.3",
            "cockpit-system": "320-bp156.2.6.3",
            "cockpit-kdump": "320-bp156.2.6.3",
            "cockpit-selinux": "320-bp156.2.6.3"
        }
    ]
}