-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-4e95f130fc 2024-03-31 00:17:00.326957 --------------------------------------------------------------------------------
Name : cockpit Product : Fedora 40 Version : 314 Release : 1.fc40 URL : https://cockpit-project.org/ Summary : Web Console for Linux servers Description : The Cockpit Web Console enables users to administer GNU/Linux servers using a web browser.
It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more.
-------------------------------------------------------------------------------- Update Information:
Automatic update for cockpit-314-1.fc40. Changelog for cockpit * Thu Mar 28 2024 Packit hello@packit.dev - 314-1 - Diagnostic reports: Fix command injection vulnerability with crafted report names - Storage: Improvements to read-only encrypted filesystems -------------------------------------------------------------------------------- ChangeLog:
* Thu Mar 28 2024 Packit hello@packit.dev - 314-1 - Diagnostic reports: Fix command injection vulnerability with crafted report names - Storage: Improvements to read-only encrypted filesystems -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2271614 - CVE-2024-2947 cockpit: command injection when deleting a sosreport with a crafted name https://bugzilla.redhat.com/show_bug.cgi?id=2271614 --------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-4e95f130fc' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------