Debian Security Advisory 5655-1

Debian Linux Security Advisory 5655-1 - It was discovered that Cockpit, a web console for Linux servers, was susceptible to arbitrary command execution if an administrative user was tricked into opening an sosreport file with a malformed filename.

Packet Storm
Debian Security Advisory DSA-5655-1
[email protected]
https://www.debian.org/security/
Moritz Muehlenhoff
April 04, 2024
https://www.debian.org/security/faq

Package: cockpit
CVE ID: CVE-2024-2947

It was discovered that Cockpit, a web console for Linux servers, was susceptible to arbitrary command execution if an administrative user was tricked into opening an sosreport file with a malformed filename.

For the stable distribution (bookworm), this problem has been fixed in version 287.1-0+deb12u1.

We recommend that you upgrade your cockpit packages.

For the detailed security status of cockpit please refer to its security tracker page at: https://security-tracker.debian.org/tracker/cockpit

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

Mailing list: [email protected]

Related news

Red Hat Security Advisory 2024-3843-03

Red Hat Security Advisory 2024-3843-03 - An update for cockpit is now available for Red Hat Enterprise Linux 9. Issues addressed include a code execution vulnerability.
