[ALSA-2022:2008] Moderate: cockpit security, bug fix, and enhancement update
Type:
security
Severity:
moderate
Release date:
2022-05-10
Description:
Cockpit enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more. The following packages have been upgraded to a later upstream version: cockpit (264.1). (BZ#1984902, BZ#1992620, BZ#2004041, BZ#2008208) Security Fix(es): * cockpit: authenticates with revoked certificates (CVE-2021-3698) * cockpit: pages vulnerable to clickjacking (CVE-2021-3660) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 cockpit-264.1-1.el8.aarch64.rpm 1b8dc4e1fca88d620bbca3413984907e095ee80be70123bd2e837a6ef8b31f11
aarch64 cockpit-bridge-264.1-1.el8.aarch64.rpm 4180214f282abdba784918d6482b80591640392f3f148c08aa771dc67a4e4d24
aarch64 cockpit-ws-264.1-1.el8.aarch64.rpm e9de70bd3758ae186f35363f9f9ee5984841f4be53afa77aaa7b315724bd986d
noarch cockpit-doc-264.1-1.el8.noarch.rpm bb443c3d85e8f088111176b651cbdd2742d03819f1d86d53d3ce663a4186d576
noarch cockpit-system-264.1-1.el8.noarch.rpm d6af0b338062ae239f49b654d897378e50430d29a16e78216f9aad9499a0e63b
ppc64le cockpit-bridge-264.1-1.el8.ppc64le.rpm 15f2602ced086954b1a6190acec9c6b89731cee8da2896d772d1c5be1843069f
ppc64le cockpit-264.1-1.el8.ppc64le.rpm 1ce6a191477b1477ee7107a70104a750fd14fe64e914936bb4f33b2ee1e80731
ppc64le cockpit-ws-264.1-1.el8.ppc64le.rpm 37467346e7d9eb0d22e9a528d155f66a362d762bb212ca7673bb9c98c0a43eda
x86_64 cockpit-bridge-264.1-1.el8.x86_64.rpm 1662301e65a7811fa0daa244895adfc239955d22c17da8069a8cd533ef13f7a3
x86_64 cockpit-264.1-1.el8.x86_64.rpm 58d07a130c091c7afd037d8462d783960902de4d6ee50ce50edb210665b401ac
x86_64 cockpit-ws-264.1-1.el8.x86_64.rpm f973b07f5367dcc891984b921741f427f0d338e331563c6a69ad9d7fb20574d6
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.