Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Fedora 40: FEDORA-2024-8a545718b1 Critical: booth HMAC Issue

fedora
Calendar Grey June 16, 2024
Dist Fedora Esm H88
Ubuntu 22.04 patches released, incorporating a vital security patch for CVE-2024-3050 aimed at reinforcing system resilience and performance stability.
Security fix for CVE-2024-3049

Summary

Booth manages tickets which authorize cluster sites located

in geographically dispersed locations to run resources.

It facilitates support of geographically distributed

clustering in Pacemaker.

Update Information:

Security fix for CVE-2024-3049

Topics%20covered

Topics Covered

security advisory fedora critical fix booth ticket management CVE-2024-3049 HMAC issue

Change Log

* Fri Jun 7 2024 Jan Friesse - 1.2-1 - New upstream release - auth: Check result of gcrypt gcry_md_get_algo_dlen (fixes CVE-2024-3049)

References


[ 1 ] Bug #2272082 - CVE-2024-3049 booth: specially crafted hash can lead to invalid HMAC being accepted by Booth server https://bugzilla.redhat.com/show_bug.cgi?id=2272082

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-8a545718b1' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: booth
Product: Fedora 40
Version: 1.2
Release: 1.fc40
URL: https://github.com/ClusterLabs/booth
Summary: Ticket Manager for Multi-site Clusters

Topics%20covered

Topics Covered

security advisory fedora critical fix booth ticket management CVE-2024-3049 HMAC issue

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here