{"update": {"autokarma": true, "autotime": true, "stable_karma": 2, "stable_days": 14, "unstable_karma": -1, "require_bugs": false, "require_testcases": true, "display_name": "", "notes": "sosreport: Fix command injection with crafted report names [CVE-2024-2947]\n", "type": "security", "status": "stable", "request": null, "severity": "medium", "suggest": "logout", "locked": false, "pushed": true, "critpath": true, "critpath_groups": "critical-path-server", "close_bugs": true, "date_submitted": "2024-04-02 07:52:05", "date_modified": "2024-04-02 07:52:37", "date_approved": "2024-04-17 02:15:19", "date_testing": "2024-04-03 02:13:32", "date_stable": "2024-04-18 01:14:20", "alias": "FEDORA-2024-31e83b461d", "test_gating_status": "passed", "from_tag": null, "date_pushed": "2024-04-18 01:14:20", "meets_testing_requirements": true, "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-31e83b461d", "title": "cockpit-311.2-1.fc38", "version_hash": "28a120849be4046cf944b07e825f970d6f5415f1", "release": {"name": "F38", "long_name": "Fedora 38", "version": "38", "id_prefix": "FEDORA", "branch": "f38", "dist_tag": "f38", "stable_tag": "f38-updates", "testing_tag": "f38-updates-testing", "candidate_tag": "f38-updates-candidate", "pending_signing_tag": "f38-signing-pending", "pending_testing_tag": "f38-updates-testing-pending", "pending_stable_tag": "f38-updates-pending", "override_tag": "f38-override", "mail_template": "fedora_errata_template", "state": "archived", "composed_by_bodhi": true, "create_automatic_updates": false, "package_manager": "dnf", "testing_repository": "updates-testing", "released_on": null, "eol": "2024-05-21", "critpath_mandatory_days_in_testing": 14, "mandatory_days_in_testing": 7, "critpath_min_karma": 2, "min_karma": 1, "setting_status": null}, "user": {"name": "martinpitt", "email": "mpitt@redhat.com", "id": 3506, "avatar": "https://seccdn.libravatar.org/avatar/a6a00790fadaca10623f4464437e482d4ec110fe331397506ea9fe2664bec740?s=24&d=retro", "openid": "martinpitt.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "cockpitteam"}, {"name": "ocp-cico-cockpit"}]}, "comments": [{"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for testing by martinpitt. ", "timestamp": "2024-04-02 07:52:06", "update_id": 601325, "user_id": 91, "id": 3473313, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'waiting'.", "timestamp": "2024-04-02 07:52:07", "update_id": 601325, "user_id": 91, "id": 3473314, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "martinpitt edited this update.", "timestamp": "2024-04-02 07:52:37", "update_id": 601325, "user_id": 91, "id": 3473315, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'passed'.", "timestamp": "2024-04-02 08:43:25", "update_id": 601325, "user_id": 91, "id": 3473367, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to testing.", "timestamp": "2024-04-03 02:13:58", "update_id": 601325, "user_id": 91, "id": 3474504, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for stable by bodhi. ", "timestamp": "2024-04-17 02:15:19", "update_id": 601325, "user_id": 91, "id": 3493330, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to stable.", "timestamp": "2024-04-18 01:14:40", "update_id": 601325, "user_id": 91, "id": 3494755, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}], "builds": [{"nvr": "cockpit-311.2-1.fc38", "signed": true, "release_id": 66, "type": "rpm", "epoch": 0}], "bugs": [{"bug_id": 2271815, "title": "CVE-2024-2947 cockpit: command injection when deleting a sosreport with a crafted name [fedora-all]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 3470458, "bug_id": 2271815, "comment": {"karma": 1, "karma_critpath": 0, "text": "upgrades, installs, works fine", "timestamp": "2024-03-29 19:18:32", "update_id": 600800, "user_id": 3506, "id": 3470458, "testcase_feedback": [{"karma": 0, "comment_id": 3470458, "testcase_id": 522, "testcase": {"name": "QA:Testcase cockpit", "id": 522}}, {"karma": 0, "comment_id": 3470458, "testcase_id": 122, "testcase": {"name": "QA:Testcase realmd join cockpit", "id": 122}}], "user": {"name": "martinpitt", "email": "mpitt@redhat.com", "id": 3506, "avatar": "https://seccdn.libravatar.org/avatar/a6a00790fadaca10623f4464437e482d4ec110fe331397506ea9fe2664bec740?s=24&d=retro", "openid": "martinpitt.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "cockpitteam"}, {"name": "ocp-cico-cockpit"}]}}}, {"karma": 0, "comment_id": 3470460, "bug_id": 2271815, "comment": {"karma": 1, "karma_critpath": 0, "text": "updates, installs, runs fine", "timestamp": "2024-03-29 19:18:58", "update_id": 600799, "user_id": 3506, "id": 3470460, "testcase_feedback": [{"karma": 0, "comment_id": 3470460, "testcase_id": 522, "testcase": {"name": "QA:Testcase cockpit", "id": 522}}, {"karma": 0, "comment_id": 3470460, "testcase_id": 122, "testcase": {"name": "QA:Testcase realmd join cockpit", "id": 122}}], "user": {"name": "martinpitt", "email": "mpitt@redhat.com", "id": 3506, "avatar": "https://seccdn.libravatar.org/avatar/a6a00790fadaca10623f4464437e482d4ec110fe331397506ea9fe2664bec740?s=24&d=retro", "openid": "martinpitt.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "cockpitteam"}, {"name": "ocp-cico-cockpit"}]}}}, {"karma": 0, "comment_id": 3470913, "bug_id": 2271815, "comment": {"karma": 1, "karma_critpath": 0, "text": "Working so far.", "timestamp": "2024-03-30 04:19:04", "update_id": 600800, "user_id": 4756, "id": 3470913, "testcase_feedback": [{"karma": 0, "comment_id": 3470913, "testcase_id": 522, "testcase": {"name": "QA:Testcase cockpit", "id": 522}}, {"karma": 0, "comment_id": 3470913, "testcase_id": 122, "testcase": {"name": "QA:Testcase realmd join cockpit", "id": 122}}], "user": {"name": "nixuser", "email": "nixuser@mail.com", "id": 4756, "avatar": "https://seccdn.libravatar.org/avatar/365861a25716b355bf17bd01d55d25c29e1d98a79e197ef46bd8cfafdd93c836?s=24&d=retro", "openid": "nixuser.id.fedoraproject.org", "groups": [{"name": "qa"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}}]}], "updateid": "FEDORA-2024-31e83b461d", "karma": 0, "content_type": "rpm", "test_cases": [{"name": "QA:Testcase cockpit", "id": 522}, {"name": "QA:Testcase realmd join cockpit", "id": 122}]}, "can_edit": false, "ci_allowed": false}