[SECURITY] Fedora 39 Update: cockpit-314-1.fc39

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-6065341780 2024-03-30 01:08:11.513675 -------------------------------------------------------------------------------- Name : cockpit Product : Fedora 39 Version : 314 Release : 1.fc39 URL : https://cockpit-project.org/ Summary : Web Console for Linux servers Description : The Cockpit Web Console enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more. -------------------------------------------------------------------------------- Update Information: Automatic update for cockpit-314-1.fc39. -------------------------------------------------------------------------------- ChangeLog: * Thu Mar 28 2024 Packit <hello(a)packit.dev&gt; - 314-1 - Diagnostic reports: Fix command injection vulnerability with crafted report names - Storage: Improvements to read-only encrypted filesystems -------------------------------------------------------------------------------- References: [ 1 ] Bug #2271614 - CVE-2024-2947 cockpit: command injection when deleting a sosreport with a crafted name https://bugzilla.redhat.com/show_bug.cgi?id=2271614 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-6065341780' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------