Fedora Linux 8814 Published by

The following security updates have been released today for Fedora Linux 39 to address security issues in Cockpit and three Python packages:

Fedora 39 Update: cockpit-320-1.fc39
Fedora 39 Update: python-astropy-5.3.3-1.fc39
Fedora 39 Update: python3-docs-3.12.4-1.fc39
Fedora 39 Update: python3.12-3.12.4-1.fc39




Fedora 39 Update: cockpit-320-1.fc39


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-9eb3674b7c
2024-07-05 01:17:38.455557
--------------------------------------------------------------------------------

Name : cockpit
Product : Fedora 39
Version : 320
Release : 1.fc39
URL : https://cockpit-project.org/
Summary : Web Console for Linux servers
Description :
The Cockpit Web Console enables users to administer GNU/Linux servers using a
web browser.

It offers network configuration, log inspection, diagnostic reports, SELinux
troubleshooting, interactive command-line sessions, and more.

--------------------------------------------------------------------------------
Update Information:

Automatic update for cockpit-320-1.fc39.
Changelog for cockpit
* Wed Jul 03 2024 Packit [hello@packit.dev] - 320-1
- pam-ssh-add: Fix insecure killing of session ssh-agent [CVE-2024-6126]
- sosreport: Read report directory from sos config (fix page on Debian/Ubuntu)
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jul 3 2024 Packit [hello@packit.dev] - 320-1
- pam-ssh-add: Fix insecure killing of session ssh-agent [CVE-2024-6126]
- sosreport: Read report directory from sos config (fix page on Debian/Ubuntu)
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2290859 - [CVE-2024-6126] authenticated user can kill any process when enabling pam_env's user_readenv option
https://bugzilla.redhat.com/show_bug.cgi?id=2290859
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-9eb3674b7c' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



Fedora 39 Update: python-astropy-5.3.3-1.fc39


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-d8ac19de55
2024-07-05 01:17:38.455512
--------------------------------------------------------------------------------

Name : python-astropy
Product : Fedora 39
Version : 5.3.3
Release : 1.fc39
URL : http://astropy.org
Summary : A Community Python Library for Astronomy
Description :
The Astropy project is a common effort to develop a single core package
for Astronomy. Major packages such as PyFITS, PyWCS, vo, and asciitable
already merged in, and many more components being worked on. In
particular, we are developing imaging, photometric, and spectroscopic
functionality, as well as frameworks for cosmology, unit handling, and
coordinate transformations.

--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2023-41334
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jun 26 2024 Sergio Pascual [sergiopr@fedoraproject.org] - 5.3.3-1
- New upstream source 5.3.3
- Fixes #2270187
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2270185 - CVE-2023-41334 python-astropy: Remote code execution in TranformGraph().to_dot_graph function
https://bugzilla.redhat.com/show_bug.cgi?id=2270185
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-d8ac19de55' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



Fedora 39 Update: python3-docs-3.12.4-1.fc39


--



Fedora 39 Update: python3.12-3.12.4-1.fc39


--