[Git][security-tracker-team/security-tracker][master] Triage CVE-2026-4802 in cockpit for LTS.
Chris Lamb (@lamby)
lamby at debian.org
Mon Jun 29 23:11:25 BST 2026
Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker
Commits:
8206fde3 by Chris Lamb at 2026-06-29T15:11:18-07:00
Triage CVE-2026-4802 in cockpit for LTS.
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -33504,6 +33504,8 @@ CVE-2026-6093 (Corteza contains a SQL injection vulnerability in its Microsoft S
NOT-FOR-US: Corteza
CVE-2026-4802 (A flaw was found in Cockpit. This vulnerability allows a remote attack ...)
- cockpit 362-1
+ [bookworm] - cockpit <postponed> (Minor issue; difficult to backport, as code to re-minify patched Javascript not functional in LTS)
+ [bullseye] - cockpit <postponed> (Minor issue; difficult to backport, as code to re-minify patched Javascript not functional in LTS)
NOTE: https://www.openwall.com/lists/oss-security/2026/05/20/19
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2451155
NOTE: Fixed by: https://github.com/cockpit-project/cockpit/commit/e3a47d70f99a0dbbb427b3146ae9571cecc44296 (362)
=====================================
data/dla-needed.txt
=====================================
@@ -112,9 +112,6 @@ ckeditor/bullseye
NOTE: 20241002: Added by Front-Desk (Beuc)
NOTE: 20241002: Multiple CVEs have been piling up (Beuc/front-desk)
--
-cockpit (Chris Lamb)
- NOTE: 20260611: Added by Front-Desk (rouca)
---
composer/bullseye
NOTE: 20260417: Added by Front-Desk (rouca)
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8206fde3ff3c61c58ca3804a0e4fd1ea7eb9074e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8206fde3ff3c61c58ca3804a0e4fd1ea7eb9074e
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260629/8f32793f/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list