VYPR

rpm package

suse/booth&distro=SUSE Linux Enterprise High Availability Extension 15 SP2

pkg:rpm/suse/booth&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP2

Vulnerabilities (2)

  • CVE-2024-3049Jun 6, 2024
    affected < 1.0-150100.11.6.1fixed 1.0-150100.11.6.1

    A flaw was found in Booth, a cluster ticket manager. If a specially-crafted hash is passed to gcry_md_get_algo_dlen(), it may allow an invalid HMAC to be accepted by the Booth server.

  • CVE-2022-2553Jul 28, 2022
    affected < 1.0-150100.11.3.1fixed 1.0-150100.11.3.1

    The authfile directive in the booth config file is ignored, preventing use of authentication in communications from node to node. As a result, nodes that do not have the correct authentication key are not prevented from communicating with other nodes in the cluster.