SUSE-SU-2024:2041-1

Опубликовано: 17 июн. 2024

Источник: suse-cvrf

Описание

Security update for booth

This update for booth fixes the following issues:

CVE-2024-3049: Fixed a vulnerability where a specially crafted hash can lead to invalid HMAC being accepted by Booth server. (bsc#1226032)

Список пакетов

SUSE Linux Enterprise High Availability Extension 15 SP2

booth-1.0-150100.11.6.1

Ссылки

https://www.suse.com/support/update/announcement/2024/suse-su-20242041-1/
Link for SUSE-SU-2024:2041-1
https://lists.suse.com/pipermail/sle-updates/2024-June/035598.html
E-Mail link for SUSE-SU-2024:2041-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1226032
SUSE Bug 1226032
https://www.suse.com/security/cve/CVE-2024-3049/
SUSE CVE CVE-2024-3049 page

Описание

A flaw was found in Booth, a cluster ticket manager. If a specially-crafted hash is passed to gcry_md_get_algo_dlen(), it may allow an invalid HMAC to be accepted by the Booth server.

Затронутые продукты

SUSE Linux Enterprise High Availability Extension 15 SP2:booth-1.0-150100.11.6.1

Ссылки

https://www.suse.com/security/cve/CVE-2024-3049.html
CVE-2024-3049
https://bugzilla.suse.com/1226032
SUSE Bug 1226032

SUSE-SU-2024:2041-1

Описание

Список пакетов

SUSE Linux Enterprise High Availability Extension 15 SP2

Ссылки

Уязвимость: CVE-2024-3049

Описание

Затронутые продукты

Ссылки