Bug 33368

Summary: cockpit new security issue CVE-2024-6126
Product: Mageia Reporter: Nicolas Salguero <nicolas.salguero>
Component: SecurityAssignee: All Packagers <pkg-bugs>
Status: NEW --- QA Contact: Sec team <security>
Severity: normal    
Priority: Normal    
Version: Cauldron   
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard: MGA9TOO
Source RPM: cockpit-269-2.mga9.src.rpm CVE: CVE-2024-6126
Status comment: Fixed upstream in 320

Description Nicolas Salguero 2024-07-05 14:32:54 CEST 
Fedora has issued an advisory on July 5:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZNUO624QLYNAUYWEADVMZTKMGHYHDA2/

The problem is fixed in version 320.

Mageia 9 is also affected.
Nicolas Salguero 2024-07-05 14:33:11 CEST

Source RPM: (none) => cockpit-269-2.mga9.src.rpm
Whiteboard: (none) => MGA9TOO
CVE: (none) => CVE-2024-6126
Status comment: (none) => Fixed upstream in 320

Comment 1 Lewis Smith 2024-07-05 20:42:06 CEST 
Different packagers update this, so assigning this update globally.

Assignee: bugsquad => pkg-bugs