SUSE Package Hub - openSUSE-2024-206

Update Info

openSUSE-2024-206

Security update for cockpit

Type: security

Severity: moderate

Issued: 2024-07-21

Description:

This update for cockpit fixes the following issues:

- new version 320:

  * pam-ssh-add: Fix insecure killing of session ssh-agent
    (boo#1226040, CVE-2024-6126)

- changes in older versions:

  * Storage: Btrfs snapshots
  * Podman: Add image pull action
  * Files: Bookmark support
  * webserver: System user changes
  * Metrics: Grafana setup now prefers Valkey
- Invalid json against the storaged manifest boo#1227299

References

CVE: CVE-2024-6126
Bugzilla: 1227299 "Storage" does not appear in left menu and URL doesn't work
Bugzilla: 1226040 https://bugzilla.opensuse.org/show_bug.cgi?id=1226040

Packages

cockpit-320-bp156.2.6.3