Debian Package Tracker
Register | Log in
Subscribe

cockpit

Web Console for Linux servers

Choose email to subscribe with

general
  • source: cockpit (main)
  • version: 362-1
  • maintainer: Utopia Maintenance Team (archive) (DMD)
  • uploaders: Michael Biebl [DMD] – Martin Pitt [DMD]
  • arch: all any
  • std-ver: 4.7.4
  • VCS: Git (Browse, QA)
versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]
[pool directory]
  • o-o-stable: 239-1
  • oldstable: 287.1-0+deb12u3
  • old-sec: 287.1-0+deb12u2
  • old-bpo: 337-1~bpo12+1
  • stable: 337-1+deb13u1
  • stable-bpo: 362-1~bpo13+1
  • testing: 362-1
  • unstable: 362-1
versioned links
  • 239-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 287.1-0+deb12u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 287.1-0+deb12u3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 337-1~bpo12+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 337-1+deb13u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 362-1~bpo13+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 362-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
binaries
  • cockpit
  • cockpit-bridge (1 bugs: 0, 1, 0, 0)
  • cockpit-doc
  • cockpit-networkmanager
  • cockpit-packagekit
  • cockpit-sosreport
  • cockpit-storaged
  • cockpit-system
  • cockpit-ws
action needed
A new upstream version is available: 364 high
A new upstream version 364 is available, you should consider packaging it.
Created: 2026-06-06 Last update: 2026-07-01 03:30
1 security issue in trixie high

There is 1 open security issue in trixie.

1 important issue:
  • CVE-2026-4802: A flaw was found in Cockpit. This vulnerability allows a remote attacker to achieve arbitrary command execution on the host by exploiting unsanitized user-controlled parameters within crafted links in the system logs user interface (UI). An attacker can inject shell metacharacters and command substitutions into these parameters, leading to the execution of arbitrary shell commands on the affected system. This could result in a complete system compromise.
Created: 2026-05-21 Last update: 2026-06-30 00:17
1 low-priority security issue in bookworm low

There is 1 open security issue in bookworm.

1 issue left for the package maintainer to handle:
  • CVE-2026-4802: (postponed; to be fixed through a stable update) A flaw was found in Cockpit. This vulnerability allows a remote attacker to achieve arbitrary command execution on the host by exploiting unsanitized user-controlled parameters within crafted links in the system logs user interface (UI). An attacker can inject shell metacharacters and command substitutions into these parameters, leading to the execution of arbitrary shell commands on the affected system. This could result in a complete system compromise.

You can find information about how to handle this issue in the security team's documentation.

Created: 2026-05-21 Last update: 2026-06-30 00:17
news
[rss feed]
  • [2026-05-31] Accepted cockpit 362-1~bpo13+1 (source) into stable-backports (Martin Pitt)
  • [2026-05-31] cockpit 362-1 MIGRATED to testing (Debian testing watch)
  • [2026-05-29] Accepted cockpit 362-1 (source) into unstable (Martin Pitt)
  • [2026-05-03] Accepted cockpit 337-1+deb13u1 (source) into proposed-updates (Debian FTP Masters) (signed by: Martin Pitt)
  • [2026-04-12] Accepted cockpit 360-1~bpo13+1 (source) into stable-backports (Martin Pitt)
  • [2026-04-12] cockpit 360-1 MIGRATED to testing (Debian testing watch)
  • [2026-04-09] Accepted cockpit 360-1 (source) into unstable (Martin Pitt)
  • [2026-03-22] Accepted cockpit 358-1~bpo13+1 (source) into stable-backports (Martin Pitt)
  • [2026-03-21] cockpit 358-1 MIGRATED to testing (Debian testing watch)
  • [2026-03-19] Accepted cockpit 358-1 (source) into unstable (Martin Pitt)
  • [2026-02-19] Accepted cockpit 356-1~bpo13+1 (source) into stable-backports (Martin Pitt)
  • [2026-02-19] cockpit 356-1 MIGRATED to testing (Debian testing watch)
  • [2026-02-11] Accepted cockpit 356-1 (source) into unstable (Martin Pitt)
  • [2026-01-31] Accepted cockpit 355-1~bpo13+1 (source) into stable-backports (Martin Pitt)
  • [2026-01-31] cockpit 355-1 MIGRATED to testing (Debian testing watch)
  • [2026-01-29] Accepted cockpit 355-1 (source) into unstable (Martin Pitt)
  • [2026-01-17] Accepted cockpit 354-1~bpo13+1 (source) into stable-backports (Martin Pitt)
  • [2026-01-09] cockpit 354-1 MIGRATED to testing (Debian testing watch)
  • [2026-01-07] Accepted cockpit 354-1 (source) into unstable (Martin Pitt)
  • [2025-12-18] Accepted cockpit 353.1-1~bpo13+1 (source) into stable-backports (Martin Pitt)
  • [2025-12-18] cockpit 353.1-1 MIGRATED to testing (Debian testing watch)
  • [2025-12-15] Accepted cockpit 353.1-1 (source) into unstable (Martin Pitt)
  • [2025-11-29] Accepted cockpit 352-1~bpo13+1 (source) into stable-backports (Martin Pitt)
  • [2025-11-29] cockpit 352-1 MIGRATED to testing (Debian testing watch)
  • [2025-11-27] Accepted cockpit 352-1 (source) into unstable (Martin Pitt)
  • [2025-11-02] Accepted cockpit 350-1~bpo13+1 (source) into stable-backports (Martin Pitt)
  • [2025-11-02] cockpit 350-1 MIGRATED to testing (Debian testing watch)
  • [2025-10-31] Accepted cockpit 350-1 (source) into unstable (Martin Pitt)
  • [2025-10-06] Accepted cockpit 348-1~bpo13+1 (source) into stable-backports (Martin Pitt)
  • [2025-10-05] cockpit 348-1 MIGRATED to testing (Debian testing watch)
  • 1
  • 2
bugs [bug history graph]
  • all: 4
  • RC: 0
  • I&N: 2
  • M&W: 2
  • F&P: 0
  • patch: 0
links
  • homepage
  • lintian
  • buildd: logs, reproducibility, cross
  • popcon
  • browse source code
  • other distros
  • security tracker
  • screenshots
  • l10n (-, 97)
  • debci
ubuntu Ubuntu logo [Information about Ubuntu for Debian Developers]
  • version: 362-1

Debian Package Tracker — Copyright 2013-2025 The Distro Tracker Developers
Report problems to the tracker.debian.org pseudo-package in the Debian BTS.
Documentation — Bugs — Git Repository — Contributing