ALSA-2026:21468

[ALSA-2026:21468] Important: cockpit security update

Type:

security

Severity:

important

Release date:

2026-05-28

Description:

Cockpit enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more.  

Security Fix(es):  

  * cockpit: Cockpit: Arbitrary command execution via crafted links in system logs UI (CVE-2026-4802)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	cockpit-ws-356.2-1.el9_8.aarch64.rpm	135da666e17a4c9556fd2553537edd378ef16912899dd3390c49ac25ff2afb1a
aarch64	cockpit-356.2-1.el9_8.aarch64.rpm	37105048c90d29ba01a06227309d51610a780169ec877788f5c97addd562129f
aarch64	cockpit-ws-selinux-356.2-1.el9_8.aarch64.rpm	6f74a33e7e55b69f53460ac9188442ad2b187bc059148dc4d8130adc185edca6
noarch	cockpit-system-356.2-1.el9_8.noarch.rpm	32eb8395ea33394cd76f313ef1e883287aa2a400cd18cf677ce252283e21f698
noarch	cockpit-packagekit-356.2-1.el9_8.noarch.rpm	37861ee4d0ecfb3e385eacc38d6344e4416d27285a4f56bc6e61904d5282e326
noarch	cockpit-storaged-356.2-1.el9_8.noarch.rpm	8a0d02108ed04e514bf99ed16018067d3439b4b57b6ca725f660d86984537950
noarch	cockpit-doc-356.2-1.el9_8.noarch.rpm	a13363c2a782acbc9c9499ec95b56218995e4abf1ee3bd64f4a12c094a0034d5
noarch	cockpit-bridge-356.2-1.el9_8.noarch.rpm	d810871229062ae0bb8d717a464a152bc99967c3fb8bfb5f6c848b8c0d2718a5
ppc64le	cockpit-356.2-1.el9_8.ppc64le.rpm	9419afd5d884fead44b4f942be2c10c695bed61b362e9bb3bc9934515500b42a
ppc64le	cockpit-ws-356.2-1.el9_8.ppc64le.rpm	ac5ff8ce350c03df53b6ccaba0cbaa4c14226e58b0286e65730c403ac6106259
ppc64le	cockpit-ws-selinux-356.2-1.el9_8.ppc64le.rpm	e48aebe4b48b82fe81304ce8ef82d61afcb6cfd91005327e976b3647e8c3197c
s390x	cockpit-ws-selinux-356.2-1.el9_8.s390x.rpm	74657642bfe4053648954150646f1ef098860b20f1caa660af1ca35960e6faa5
s390x	cockpit-356.2-1.el9_8.s390x.rpm	bb6ca37963f31e1b3c0628a267ef02af20ed2eee49782e1ea3a58d248ee0d583
s390x	cockpit-ws-356.2-1.el9_8.s390x.rpm	e26740aee32ee93f7455020922af5c23b113b5c26b69e6655ff4d9dc6b64be2b
x86_64	cockpit-ws-356.2-1.el9_8.x86_64.rpm	60d98f81a31bd02c996bae7cf122f095603761b3eb97d11f75b8c87f8c3fcf7d
x86_64	cockpit-356.2-1.el9_8.x86_64.rpm	bd642beae9da9dd40a94b34852c5169aedf02891927b2abb0b6b012b28fcd500
x86_64	cockpit-ws-selinux-356.2-1.el9_8.x86_64.rpm	bf532a1b4055e8dd1d6a0e4baaea0b8636ec7990b40c8940fc36c4bda693a010

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.