Search CVE reports
1 – 2 of 2 results
A flaw was found in Booth, a cluster ticket manager. If a specially-crafted hash is passed to gcry_md_get_algo_dlen(), it may allow an invalid HMAC to be accepted by the Booth server.
1 affected package
booth
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| booth | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
Some fixes available 2 of 11
The authfile directive in the booth config file is ignored, preventing use of authentication in communications from node to node. As a result, nodes that do not have the correct authentication key are not prevented...
1 affected package
booth
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| booth | Needs evaluation | Fixed | Fixed | Needs evaluation |