First published: Thu Mar 28 2024(Updated: )
A flaw was found in Booth, a cluster ticket manager. If a specially-crafted hash is passed to gcry_md_get_algo_dlen(), it may allow an invalid HMAC to be accepted by the Booth server.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/booth | <1.1 | 1.1 |
Clusterlabs Booth | <1.1 | |
Redhat Enterprise Linux | =7.0 | |
Redhat Enterprise Linux | =8.0 | |
Redhat Enterprise Linux | =9.0 | |
Redhat Enterprise Linux Eus | =8.4 | |
Redhat Enterprise Linux Eus | =8.8 | |
Redhat Enterprise Linux Eus | =9.2 | |
Redhat Enterprise Linux For Arm 64 | =8.0_aarch64 | |
Redhat Enterprise Linux For Arm 64 | =8.8_aarch64 | |
Redhat Enterprise Linux For Arm 64 | =9.2_aarch64 | |
Redhat Enterprise Linux For Arm 64 | =9.4_aarch64 | |
Redhat Enterprise Linux For Ibm Z Systems | =8.0_s390x | |
Redhat Enterprise Linux For Ibm Z Systems | =9.2_s390x | |
Redhat Enterprise Linux For Ibm Z Systems | =9.4_s390x | |
Redhat Enterprise Linux For Ibm Z Systems Eus | =8.8_s390x | |
Redhat Enterprise Linux For Power Little Endian Eus | =8.0_ppc64le | |
Redhat Enterprise Linux For Power Little Endian Eus | =8.4_ppc64le | |
Redhat Enterprise Linux For Power Little Endian Eus | =8.8_ppc64le | |
Redhat Enterprise Linux For Power Little Endian Eus | =9.2_ppc64le | |
Redhat Enterprise Linux For Power Little Endian Eus | =9.4_ppc64le | |
Redhat Enterprise Linux Server Update Services For Sap Solutions | =8.4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.