From 8e668a97f8a5a7d5b22ade035cf355b4a0a0e223 Mon Sep 17 00:00:00 2001
From: Martin Pitt <martin@piware.de>
Date: Tue, 2 Apr 2024 04:08:26 +0200
Subject: [PATCH] Update to upstream release 314

CVE-2024-2947

Resolves: jira#RHEL-30453
---
 .gitignore    |  3 +++
 README.packit |  2 +-
 cockpit.spec  | 59 +++++++++++++++++++++++++++++++--------------------
 packit.yaml   |  8 +++----
 sources       |  2 +-
 5 files changed, 45 insertions(+), 29 deletions(-)

diff --git a/.gitignore b/.gitignore
index c85c873..86a7ea7 100644
--- a/.gitignore
+++ b/.gitignore
@@ -283,3 +283,6 @@
 /cockpit-310.2.tar.xz
 /cockpit-311.tar.xz
 /cockpit-311.1.tar.xz
+/cockpit-312.tar.xz
+/cockpit-313.tar.xz
+/cockpit-314.tar.xz
diff --git a/README.packit b/README.packit
index 7553f6b..d401b46 100644
--- a/README.packit
+++ b/README.packit
@@ -1,3 +1,3 @@
 This repository is maintained by packit.
 https://packit.dev/
-The file was generated using packit 0.92.0.
+The file was generated using packit 0.94.0.post1.dev8+g4b1f9717.
diff --git a/cockpit.spec b/cockpit.spec
index 17121e8..ed3dc27 100644
--- a/cockpit.spec
+++ b/cockpit.spec
@@ -49,7 +49,7 @@ Summary:        Web Console for Linux servers
 License:        LGPL-2.1-or-later
 URL:            https://cockpit-project.org/
 
-Version:        311.1
+Version:        314
 Release:        1%{?dist}
 Source0:        https://github.com/cockpit-project/cockpit/releases/download/%{version}/cockpit-%{version}.tar.xz
 
@@ -138,7 +138,7 @@ Requires: subscription-manager-cockpit
 
 BuildRequires:  python3-devel
 BuildRequires:  python3-pip
-%if 0%{?rhel} == 0
+%if 0%{?rhel} == 0 && !0%{?suse_version}
 # All of these are only required for running pytest (which we only do on Fedora)
 BuildRequires:  procps-ng
 BuildRequires:  pyproject-rpm-macros
@@ -345,19 +345,19 @@ Provides: cockpit-sosreport = %{version}-%{release}
 Recommends: (reportd if abrt)
 %endif
 
-Provides: bundled(npm(@patternfly/patternfly)) = 5.1.0
-Provides: bundled(npm(@patternfly/react-core)) = 5.1.2
-Provides: bundled(npm(@patternfly/react-icons)) = 5.1.2
-Provides: bundled(npm(@patternfly/react-styles)) = 5.1.2
-Provides: bundled(npm(@patternfly/react-table)) = 5.1.2
-Provides: bundled(npm(@patternfly/react-tokens)) = 5.1.2
+Provides: bundled(npm(@patternfly/patternfly)) = 5.2.1
+Provides: bundled(npm(@patternfly/react-core)) = 5.2.3
+Provides: bundled(npm(@patternfly/react-icons)) = 5.2.1
+Provides: bundled(npm(@patternfly/react-styles)) = 5.2.1
+Provides: bundled(npm(@patternfly/react-table)) = 5.2.4
+Provides: bundled(npm(@patternfly/react-tokens)) = 5.2.1
 Provides: bundled(npm(argparse)) = 1.0.10
 Provides: bundled(npm(array-buffer-byte-length)) = 1.0.1
 Provides: bundled(npm(attr-accept)) = 2.2.2
 Provides: bundled(npm(autolinker)) = 3.16.2
-Provides: bundled(npm(available-typed-arrays)) = 1.0.6
+Provides: bundled(npm(available-typed-arrays)) = 1.0.7
 Provides: bundled(npm(call-bind)) = 1.0.7
-Provides: bundled(npm(date-fns)) = 3.3.1
+Provides: bundled(npm(date-fns)) = 3.6.0
 Provides: bundled(npm(deep-equal)) = 2.2.3
 Provides: bundled(npm(define-data-property)) = 1.1.4
 Provides: bundled(npm(define-properties)) = 1.2.1
@@ -373,10 +373,10 @@ Provides: bundled(npm(get-intrinsic)) = 1.2.4
 Provides: bundled(npm(gopd)) = 1.0.1
 Provides: bundled(npm(has-bigints)) = 1.0.2
 Provides: bundled(npm(has-property-descriptors)) = 1.0.2
-Provides: bundled(npm(has-proto)) = 1.0.1
+Provides: bundled(npm(has-proto)) = 1.0.3
 Provides: bundled(npm(has-symbols)) = 1.0.3
 Provides: bundled(npm(has-tostringtag)) = 1.0.2
-Provides: bundled(npm(hasown)) = 2.0.1
+Provides: bundled(npm(hasown)) = 2.0.2
 Provides: bundled(npm(internal-slot)) = 1.0.7
 Provides: bundled(npm(is-arguments)) = 1.1.1
 Provides: bundled(npm(is-array-buffer)) = 3.0.4
@@ -384,15 +384,15 @@ Provides: bundled(npm(is-bigint)) = 1.0.4
 Provides: bundled(npm(is-boolean-object)) = 1.1.2
 Provides: bundled(npm(is-callable)) = 1.2.7
 Provides: bundled(npm(is-date-object)) = 1.0.5
-Provides: bundled(npm(is-map)) = 2.0.2
+Provides: bundled(npm(is-map)) = 2.0.3
 Provides: bundled(npm(is-number-object)) = 1.0.7
 Provides: bundled(npm(is-regex)) = 1.1.4
-Provides: bundled(npm(is-set)) = 2.0.2
-Provides: bundled(npm(is-shared-array-buffer)) = 1.0.2
+Provides: bundled(npm(is-set)) = 2.0.3
+Provides: bundled(npm(is-shared-array-buffer)) = 1.0.3
 Provides: bundled(npm(is-string)) = 1.0.7
 Provides: bundled(npm(is-symbol)) = 1.0.4
-Provides: bundled(npm(is-weakmap)) = 2.0.1
-Provides: bundled(npm(is-weakset)) = 2.0.2
+Provides: bundled(npm(is-weakmap)) = 2.0.2
+Provides: bundled(npm(is-weakset)) = 2.0.3
 Provides: bundled(npm(isarray)) = 2.0.5
 Provides: bundled(npm(js-sha1)) = 0.7.0
 Provides: bundled(npm(js-sha256)) = 0.11.0
@@ -402,9 +402,10 @@ Provides: bundled(npm(lodash)) = 4.17.21
 Provides: bundled(npm(loose-envify)) = 1.4.0
 Provides: bundled(npm(object-assign)) = 4.1.1
 Provides: bundled(npm(object-inspect)) = 1.13.1
-Provides: bundled(npm(object-is)) = 1.1.5
+Provides: bundled(npm(object-is)) = 1.1.6
 Provides: bundled(npm(object-keys)) = 1.1.1
 Provides: bundled(npm(object.assign)) = 4.1.5
+Provides: bundled(npm(possible-typed-array-names)) = 1.0.0
 Provides: bundled(npm(prop-types)) = 15.8.1
 Provides: bundled(npm(react-dom)) = 18.2.0
 Provides: bundled(npm(react-dropzone)) = 14.2.3
@@ -413,9 +414,9 @@ Provides: bundled(npm(react)) = 18.2.0
 Provides: bundled(npm(regexp.prototype.flags)) = 1.5.2
 Provides: bundled(npm(remarkable)) = 2.0.1
 Provides: bundled(npm(scheduler)) = 0.23.0
-Provides: bundled(npm(set-function-length)) = 1.2.1
-Provides: bundled(npm(set-function-name)) = 2.0.1
-Provides: bundled(npm(side-channel)) = 1.0.5
+Provides: bundled(npm(set-function-length)) = 1.2.2
+Provides: bundled(npm(set-function-name)) = 2.0.2
+Provides: bundled(npm(side-channel)) = 1.0.6
 Provides: bundled(npm(sprintf-js)) = 1.0.3
 Provides: bundled(npm(stop-iteration-iterator)) = 1.0.0
 Provides: bundled(npm(tabbable)) = 6.2.0
@@ -423,8 +424,8 @@ Provides: bundled(npm(throttle-debounce)) = 5.0.0
 Provides: bundled(npm(tslib)) = 2.6.2
 Provides: bundled(npm(uuid)) = 9.0.1
 Provides: bundled(npm(which-boxed-primitive)) = 1.0.2
-Provides: bundled(npm(which-collection)) = 1.0.1
-Provides: bundled(npm(which-typed-array)) = 1.1.14
+Provides: bundled(npm(which-collection)) = 1.0.2
+Provides: bundled(npm(which-typed-array)) = 1.1.15
 Provides: bundled(npm(xterm-addon-canvas)) = 0.5.0
 Provides: bundled(npm(xterm)) = 5.3.0
 
@@ -696,6 +697,18 @@ via PackageKit.
 
 # The changelog is automatically generated and merged
 %changelog
+* Thu Mar 28 2024 Packit <hello@packit.dev> - 314-1
+- Diagnostic reports: Fix command injection vulnerability with crafted report names
+- Storage: Improvements to read-only encrypted filesystems
+
+* Wed Mar 13 2024 Packit <hello@packit.dev> - 313-1
+- assorted bug fixes and improvements
+
+* Wed Feb 28 2024 Packit <hello@packit.dev> - 312-1
+- Accounts: support lastlog2 and make the page faster
+- Storage: Various Anaconda mode fixes
+- Fix package build if cockpit-bridge package is installed
+
 * Tue Feb 20 2024 Packit <hello@packit.dev> - 311.1-1
 - Update documentation links to RHEL 9 (RHEL-3954)
 - Storage: Various bug fixes
diff --git a/packit.yaml b/packit.yaml
index 0c59c8c..fa5260c 100644
--- a/packit.yaml
+++ b/packit.yaml
@@ -27,8 +27,8 @@ jobs:
     identifier: self
     trigger: pull_request
     targets:
-      - fedora-38
       - fedora-39
+      - fedora-40
       - fedora-latest-aarch64
       - fedora-development
       - centos-stream-9-x86_64
@@ -89,19 +89,19 @@ jobs:
     trigger: release
     dist_git_branches:
       - fedora-development
-      - fedora-38
       - fedora-39
+      - fedora-40
 
   - job: koji_build
     trigger: commit
     dist_git_branches:
       - fedora-development
-      - fedora-38
       - fedora-39
+      - fedora-40
 
   - job: bodhi_update
     trigger: commit
     dist_git_branches:
       # rawhide updates are created automatically
-      - fedora-38
       - fedora-39
+      - fedora-40
diff --git a/sources b/sources
index 1a23c19..0779fb3 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-SHA512 (cockpit-311.1.tar.xz) = 2cf3dee1245a428573a40e94ec22957c34f69613c52f94604bd15d63d5df05a01e83f3599751e699db8a0af947dc17550809fbb775c3d0ac57c0f484679bea5a
+SHA512 (cockpit-314.tar.xz) = b2fb99ee3b8de4c5ab1b99de03c3e76d710c8d6187f0ddae3cb29f35cff9bb200dc9aacfa652440d111fa3b1ea0b7d7e3e98cad8003fefdcbda08407fda08a65