Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

Fedora 39: 2024-7053101990 Moderate - Cockpit Command Injection Flaw Fixed

fedora
Calendar Grey March 30, 2024
Dist Fedora Esm H88
Fedora 39 introduces an automated refresh for cockpit, rectifying a command injection vulnerability. Ensure you maintain security by applying these updates promptly.
Automatic update for cockpit-314-1.fc39.

Summary

The Cockpit Web Console enables users to administer GNU/Linux servers using a

web browser.

It offers network configuration, log inspection, diagnostic reports, SELinux

troubleshooting, interactive command-line sessions, and more.

Update Information:

Automatic update for cockpit-314-1.fc39.

Topics%20covered

Topics Covered

security advisory Fedora command injection web console automatic update

Change Log

* Thu Mar 28 2024 Packit - 314-1 - Diagnostic reports: Fix command injection vulnerability with crafted report names - Storage: Improvements to read-only encrypted filesystems

References


[ 1 ] Bug #2271614 - CVE-2024-2947 cockpit: command injection when deleting a sosreport with a crafted name https://bugzilla.redhat.com/show_bug.cgi?id=2271614

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-6065341780' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Name: cockpit
Product: Fedora 39
Version: 314
Release: 1.fc39
URL: https://cockpit-project.org/
Summary: Web Console for Linux servers

Topics%20covered

Topics Covered

security advisory Fedora command injection web console automatic update

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here