Fedora 38: cockpit 2024-31e83b461d Security Advisory Updates
Summary
The Cockpit Web Console enables users to administer GNU/Linux servers using a
web browser.
It offers network configuration, log inspection, diagnostic reports, SELinux
troubleshooting, interactive command-line sessions, and more.
Update Information:
sosreport: Fix command injection with crafted report names [CVE-2024-2947]
Change Log
* Tue Apr 2 2024 Packit
References
[ 1 ] Bug #2271815 - CVE-2024-2947 cockpit: command injection when deleting a sosreport with a crafted name [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2271815
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-31e83b461d' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label