ALSA-2024:9325

[ALSA-2024:9325] Low: cockpit security update

Type:

security

Severity:

low

Release date:

2024-11-18

Description:

Cockpit enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more.  

Security Fix(es):  

  * cockpit: Authenticated user can kill any process when enabling pam_env's user_readenv option (CVE-2024-6126)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.  

Additional Changes:  

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	cockpit-pcp-323.1-1.el9_5.aarch64.rpm	2a6e538e6cbc762804daff3640843637940457d0fcf425661e422f072fcce26d
aarch64	cockpit-ws-323.1-1.el9_5.aarch64.rpm	588918f86ac1942225bfaba67174ff2ef6c7259a3c28f6f9708b5da912ab3cb7
aarch64	cockpit-323.1-1.el9_5.aarch64.rpm	e8259d6db8bf8650684f1d3c735521575fa232533f932bf467a00049e6a9f250
aarch64	cockpit-bridge-323.1-1.el9_5.aarch64.rpm	f18ffac26d96e054f0a920ac46d5c123c4a2e5f95dd7849d46ae24fa68118400
noarch	cockpit-storaged-323.1-1.el9_5.noarch.rpm	5c0b31aa290dae63c6d54434ed4c52453aad980f8cd50858b037b655c8065bd5
noarch	cockpit-system-323.1-1.el9_5.noarch.rpm	cdf2fb7bbfe7bb2e80b3fe43c86de823d68e66151a164327ba25ab5c6fe77f86
noarch	cockpit-doc-323.1-1.el9_5.noarch.rpm	e85cf41907667446afcda7471b80d7d8f046b766b8d8f52ff8d27eefd6358156
noarch	cockpit-packagekit-323.1-1.el9_5.noarch.rpm	f11f8d5faa1930670c93db8d29bfe7043deab6aa3678c51c44aae49deb2c9f05
ppc64le	cockpit-pcp-323.1-1.el9_5.ppc64le.rpm	5b03657ce0f1b8298c622a1a26a990fc734b0f0423bac7888dfaae7fcb199508
ppc64le	cockpit-bridge-323.1-1.el9_5.ppc64le.rpm	5c1755e3d845716a03498618ea30b6ec5f56995909a55eb8ef4139fd8092d746
ppc64le	cockpit-323.1-1.el9_5.ppc64le.rpm	702aae2d460ee96af203d17fe9a3f4dbb1ff7863b63aff50068c9af062218869
ppc64le	cockpit-ws-323.1-1.el9_5.ppc64le.rpm	faf2855dbaac348f00087bb84d72e0af53dd42471ccf2b55bffe3e686c482d1f
s390x	cockpit-bridge-323.1-1.el9_5.s390x.rpm	17a8fb34b1d70e698e0956501b397440c8577b59578631aec57dfb79f02eab24
s390x	cockpit-pcp-323.1-1.el9_5.s390x.rpm	208f299af2bea8524c58a2442bb402235c12751504e3a2c94085d24ad8fb61ca
s390x	cockpit-ws-323.1-1.el9_5.s390x.rpm	6f52e2bda1f04ed180af8c7f556867246e2d721722c8e6e61a628f77b94e0379
s390x	cockpit-323.1-1.el9_5.s390x.rpm	89cb4de18e5e27f85b48308a8cdd11610c7b24347ec4f7095d9f46b9334f802e
x86_64	cockpit-bridge-323.1-1.el9_5.x86_64.rpm	48fd889385ec628844eaae9a2d765e6a947539f82279dece96e7d8ff3ecf8a30
x86_64	cockpit-pcp-323.1-1.el9_5.x86_64.rpm	5759987383ea3f0f91db645806115b7cfe1116f1c56988cc7c23307a519cd4ef
x86_64	cockpit-ws-323.1-1.el9_5.x86_64.rpm	5b715069254e8d755dd50f31a49c4055b5dbc0e76f1117e3f97c10720994fbdf
x86_64	cockpit-323.1-1.el9_5.x86_64.rpm	7c2ca163030355714ce2348623b7d1f8c0161185d20968adb4287ac736ed17ce

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.