booth security update

2024-06-1413:59:33

Rockylinux Product Errata

errata.rockylinux.org

rocky linux 8

cve-2024-3049

cvss base score

pacemaker cluster

distributed consensus-based service

high availability clusters

7.4 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

0.001 Low

EPSS

Percentile

35.1%

JSON

An update is available for booth.
This update affects Rocky Linux 8.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
The Booth cluster ticket manager is a component to bridge high availability
clusters spanning multiple sites, in particular, to provide decision inputs to
local Pacemaker cluster resource managers. It operates as a distributed
consensus-based service, presumably on a separate physical network. Tickets
facilitated by a Booth formation are the units of authorization that can be
bound to certain resources. This will ensure that the resources are run at only
one (granted) site at a time.

Security Fix(es):

booth: specially crafted hash can lead to invalid HMAC being accepted by Booth server (CVE-2024-3049)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

OSVersionArchitecturePackageVersionFilename
rocky8aarch64booth< 1.1-1.el8_10.1booth-0:1.1-1.el8_10.1.aarch64.rpm
rocky8x86_64booth< 1.1-1.el8_10.1booth-0:1.1-1.el8_10.1.x86_64.rpm
rocky8noarchbooth-arbitrator< 1.1-1.el8_10.1booth-arbitrator-0:1.1-1.el8_10.1.noarch.rpm
rocky8aarch64booth-core< 1.1-1.el8_10.1booth-core-0:1.1-1.el8_10.1.aarch64.rpm
rocky8x86_64booth-core< 1.1-1.el8_10.1booth-core-0:1.1-1.el8_10.1.x86_64.rpm
rocky8aarch64booth-core-debuginfo< 1.1-1.el8_10.1booth-core-debuginfo-0:1.1-1.el8_10.1.aarch64.rpm
rocky8x86_64booth-core-debuginfo< 1.1-1.el8_10.1booth-core-debuginfo-0:1.1-1.el8_10.1.x86_64.rpm
rocky8aarch64booth-debugsource< 1.1-1.el8_10.1booth-debugsource-0:1.1-1.el8_10.1.aarch64.rpm
rocky8x86_64booth-debugsource< 1.1-1.el8_10.1booth-debugsource-0:1.1-1.el8_10.1.x86_64.rpm
rocky8noarchbooth-site< 1.1-1.el8_10.1booth-site-0:1.1-1.el8_10.1.noarch.rpm

OS	Version	Architecture	Package	Version	Filename
rocky	8	aarch64	booth	< 1.1-1.el8_10.1	booth-0:1.1-1.el8_10.1.aarch64.rpm
rocky	8	x86_64	booth	< 1.1-1.el8_10.1	booth-0:1.1-1.el8_10.1.x86_64.rpm
rocky	8	noarch	booth-arbitrator	< 1.1-1.el8_10.1	booth-arbitrator-0:1.1-1.el8_10.1.noarch.rpm
rocky	8	aarch64	booth-core	< 1.1-1.el8_10.1	booth-core-0:1.1-1.el8_10.1.aarch64.rpm
rocky	8	x86_64	booth-core	< 1.1-1.el8_10.1	booth-core-0:1.1-1.el8_10.1.x86_64.rpm
rocky	8	aarch64	booth-core-debuginfo	< 1.1-1.el8_10.1	booth-core-debuginfo-0:1.1-1.el8_10.1.aarch64.rpm
rocky	8	x86_64	booth-core-debuginfo	< 1.1-1.el8_10.1	booth-core-debuginfo-0:1.1-1.el8_10.1.x86_64.rpm
rocky	8	aarch64	booth-debugsource	< 1.1-1.el8_10.1	booth-debugsource-0:1.1-1.el8_10.1.aarch64.rpm
rocky	8	x86_64	booth-debugsource	< 1.1-1.el8_10.1	booth-debugsource-0:1.1-1.el8_10.1.x86_64.rpm
rocky	8	noarch	booth-site	< 1.1-1.el8_10.1	booth-site-0:1.1-1.el8_10.1.noarch.rpm