Release date:
2026-06-10 11:36:19 UTC
Description:
- CVE-2026-4802: fix shell command injection via boot descriptor query string in
the system logs page by quoting journalctl arguments using shlex-style single-
quote escaping
- CVE-2024-6126: fix insecure killing of session ssh-agent; include upstream
follow-up commit for proper strtoul() error handling when parsing SSH_AGENT_PID
Updated packages:
-
cockpit-286.2-1.el9_2.tuxcare.els2.x86_64.rpm
sha:1fc782a5dd3429bcdfb9a2e33a0add35ad4acce5a62b14bf2ef52a26d6d4534d
-
cockpit-bridge-286.2-1.el9_2.tuxcare.els2.x86_64.rpm
sha:14e421441cdab5d2f0680c7fdce48dd930fe1793366f8aed65828e8260e4dc21
-
cockpit-doc-286.2-1.el9_2.tuxcare.els2.noarch.rpm
sha:6daf350b9b0e27026ffb361b5fd4b02b3093f2a7ab1f09de7dac6fc261458fb7
-
cockpit-packagekit-286.2-1.el9_2.tuxcare.els2.noarch.rpm
sha:0d240a45e8b748cbb5ee208c166c38d5bdc5c086cb536dff84a2e7ac50248b00
-
cockpit-pcp-286.2-1.el9_2.tuxcare.els2.x86_64.rpm
sha:4a1be0fd43cb505f9fb34fd6c4a31d5553fcb7e1b4429cddd7d1fbb1c3f4788a
-
cockpit-storaged-286.2-1.el9_2.tuxcare.els2.noarch.rpm
sha:cbfa22152330421cf2ccd688ffe185d6657c88e40887fee196b7a6b0ac7f756c
-
cockpit-system-286.2-1.el9_2.tuxcare.els2.noarch.rpm
sha:159759d018cb2329ef341dfa751b2a42f2fe35366091263c0d585c5228c1d973
-
cockpit-tests-286.2-1.el9_2.tuxcare.els2.x86_64.rpm
sha:15d9aade34c9c8e12b2540f6bbfb6dc2d3b93622db84a03cba9d68214875cd3b
-
cockpit-ws-286.2-1.el9_2.tuxcare.els2.x86_64.rpm
sha:897181913d6c09a2cc98bc1551ae3fce98762b2015770e553eae85fe18336fc7
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
