ALSA-2026:21676

[ALSA-2026:21676] Important: cockpit security update

Type:

security

Severity:

important

Release date:

2026-05-28

Description:

Cockpit enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more.  

Security Fix(es):  

  * cockpit: Cockpit: Arbitrary command execution via crafted links in system logs UI (CVE-2026-4802)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	cockpit-356.2-1.el10_2.aarch64.rpm	621795ffce36477c396276df7c67ca8e946284d42c042bc18d9e793a578df449
aarch64	cockpit-ws-356.2-1.el10_2.aarch64.rpm	868e2d64e0706ee0dda8047a20991e2326fa914c1ffadb5e39e336723ff4a019
aarch64	cockpit-ws-selinux-356.2-1.el10_2.aarch64.rpm	dff992d03321617a7a13bc0999c143ee17103c8d74107f7a2911cf6c26285f48
noarch	cockpit-packagekit-356.2-1.el10_2.noarch.rpm	29bea62d6da80ffe7185c0a5c07130c9f8bdd8cf3db5e6956ab11f4675ba353b
noarch	cockpit-bridge-356.2-1.el10_2.noarch.rpm	69809bd2b67896ae5625bdac03f99782c25446ce48e676fab21a2c56793e777e
noarch	cockpit-doc-356.2-1.el10_2.noarch.rpm	d08c8b96ba98f9fe8baecf04c8836f93b6fcf0365213b8d39621d6b7d360b39d
noarch	cockpit-storaged-356.2-1.el10_2.noarch.rpm	db2a2a221c93a54b55c9d8c46acdea7e845e9d978c1572d583e9113742dd59f2
noarch	cockpit-system-356.2-1.el10_2.noarch.rpm	f49a133e2eb12072f7769108e22882ba9074586d6a393ee0f9972bd2585b10a9
ppc64le	cockpit-ws-selinux-356.2-1.el10_2.ppc64le.rpm	447a59fda130ab60313f1fcec0bdc01830da96344fb24b2c1aed9c8d3d344ac2
ppc64le	cockpit-ws-356.2-1.el10_2.ppc64le.rpm	8a24af958df4119dc510ca0eb00c95e9a7ac114c1c4b6c3d49a3f15aa2809336
ppc64le	cockpit-356.2-1.el10_2.ppc64le.rpm	b0b477f4524714888d51cecfd5ee8a49d171f2c8ec4c81d548ba10abbd5ac58b
s390x	cockpit-356.2-1.el10_2.s390x.rpm	4f4782e21c0c30984987a838acb7dba7f5038385367aa48dbdfddc4ebb6b9ec2
s390x	cockpit-ws-356.2-1.el10_2.s390x.rpm	6366841b843b3689316c349f4ca3240c1c2c428116210253dce8fbc4e8d622ec
s390x	cockpit-ws-selinux-356.2-1.el10_2.s390x.rpm	e10468202b7dbc01ff4a617be7bb0d03f09debccde1f7bdc460860e99e3d3b3c
x86_64	cockpit-ws-356.2-1.el10_2.x86_64.rpm	71adb9dcf84aa1b1f0d78a3cd597c760c555d46a970d99033716ca3ab3ade34a
x86_64	cockpit-ws-selinux-356.2-1.el10_2.x86_64.rpm	e3004fe4499e339fe3f484c9e2336bf1abbbe10a7847ae6a6e207350671a612c
x86_64	cockpit-356.2-1.el10_2.x86_64.rpm	fa92a5dc4a4c8317e8874afd3d557828e00a9801982401d881e0b11755d8b8ff
x86_64_v2	cockpit-ws-356.2-1.el10_2.x86_64_v2.rpm	20a6f6bd64494940e5bf2d2b9b4c4491c40742d2c5af776248b4f60bdfe775d6
x86_64_v2	cockpit-356.2-1.el10_2.x86_64_v2.rpm	27ec8d8ba0e93e4fdbcabc9dbb7c2e87682c36536d129d8f863e0851d270945b
x86_64_v2	cockpit-ws-selinux-356.2-1.el10_2.x86_64_v2.rpm	a643744ec887c32053793d8461b415db9e7c592beefd1978053b42965d5f9848

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.