{"affected":[{"ecosystem_specific":{"binaries":[{"cockpit":"320-bp156.2.6.3","cockpit-bridge":"320-bp156.2.6.3","cockpit-devel":"320-bp156.2.6.3","cockpit-doc":"320-bp156.2.6.3","cockpit-kdump":"320-bp156.2.6.3","cockpit-networkmanager":"320-bp156.2.6.3","cockpit-packagekit":"320-bp156.2.6.3","cockpit-pcp":"320-bp156.2.6.3","cockpit-selinux":"320-bp156.2.6.3","cockpit-storaged":"320-bp156.2.6.3","cockpit-system":"320-bp156.2.6.3","cockpit-ws":"320-bp156.2.6.3"}]},"package":{"ecosystem":"SUSE:Package Hub 15 SP6","name":"cockpit","purl":"pkg:rpm/suse/cockpit&distro=SUSE%20Package%20Hub%2015%20SP6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"320-bp156.2.6.3"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"cockpit":"320-bp156.2.6.3","cockpit-bridge":"320-bp156.2.6.3","cockpit-devel":"320-bp156.2.6.3","cockpit-doc":"320-bp156.2.6.3","cockpit-kdump":"320-bp156.2.6.3","cockpit-networkmanager":"320-bp156.2.6.3","cockpit-packagekit":"320-bp156.2.6.3","cockpit-pcp":"320-bp156.2.6.3","cockpit-selinux":"320-bp156.2.6.3","cockpit-storaged":"320-bp156.2.6.3","cockpit-system":"320-bp156.2.6.3","cockpit-ws":"320-bp156.2.6.3"}]},"package":{"ecosystem":"openSUSE:Leap 15.6","name":"cockpit","purl":"pkg:rpm/opensuse/cockpit&distro=openSUSE%20Leap%2015.6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"320-bp156.2.6.3"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for cockpit fixes the following issues:\n\n- new version 320:\n\n  * pam-ssh-add: Fix insecure killing of session ssh-agent\n    (boo#1226040, CVE-2024-6126)\n\n- changes in older versions:\n\n  * Storage: Btrfs snapshots\n  * Podman: Add image pull action\n  * Files: Bookmark support\n  * webserver: System user changes\n  * Metrics: Grafana setup now prefers Valkey\n- Invalid json against the storaged manifest boo#1227299\n","id":"openSUSE-SU-2024:0206-1","modified":"2024-07-21T12:01:36Z","published":"2024-07-21T12:01:36Z","references":[{"type":"ADVISORY","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/CNZTH7PKY4BMSDPSUA32JS3BZQRTKTGF/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226040"},{"type":"REPORT","url":"https://bugzilla.suse.com/1227299"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-6126"}],"related":["CVE-2024-6126"],"summary":"Security update for cockpit","upstream":["CVE-2024-6126"]}