ALSA-2022:6439

[ALSA-2022:6439] Moderate: booth security update

Type:

security

Severity:

moderate

Release date:

2022-10-11

Description:

The Booth cluster ticket manager is a component to bridge high availability clusters spanning multiple sites, in particular, to provide decision inputs to local Pacemaker cluster resource managers. It operates as a distributed consensus-based service, presumably on a separate physical network. Tickets facilitated by a Booth formation are the units of authorization that can be bound to certain resources. This will ensure that the resources are run at only one (granted) site at a time.

Security Fix(es):

* booth: authfile directive in booth config file is completely ignored. (CVE-2022-2553)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	booth-1.0-199.1.ac1d34c.git.el8_6.1.aarch64.rpm	52952f4a3aa45cc166a1bcfa3bc2e0c19a9a027d3e3e0e5c88a8b578dfcbf582
aarch64	booth-core-1.0-199.1.ac1d34c.git.el8_6.1.aarch64.rpm	ea76cddf44aa6e04d731315393c832fc1069c792a84ee45a02bac468baa10395
noarch	booth-arbitrator-1.0-199.1.ac1d34c.git.el8_6.1.noarch.rpm	01c0dac9a8f42077035f4e5c03b5449c69c6f6a9c80ae995d05dcde15ca8a6a7
noarch	booth-site-1.0-199.1.ac1d34c.git.el8_6.1.noarch.rpm	49521ed948e3e12ec2970897efe740f7dca8ad85091475b4e3edb8c07cacdc45
noarch	booth-test-1.0-199.1.ac1d34c.git.el8_6.1.noarch.rpm	9ba23dd05371c3e52f54f1a8d5ad6d78a1fb9a9aabf50b24d14888b0d7679a41
ppc64le	booth-core-1.0-199.1.ac1d34c.git.el8_6.1.ppc64le.rpm	aecbb48e0267f9b4510b6b7c1d8c39bc0e07d3ac5ea018942e211ea2e86a0c74
ppc64le	booth-1.0-199.1.ac1d34c.git.el8_6.1.ppc64le.rpm	e30bc7bd8e06f0a9099fb3f56d00fc7e98ff7b49f2182de9969adfd9818a86b5
s390x	booth-core-1.0-199.1.ac1d34c.git.el8_6.1.s390x.rpm	ee6c5196d65b4c57660a299d2c978f100206b827ba9444c2b3c04d608e2a2015
s390x	booth-1.0-199.1.ac1d34c.git.el8_6.1.s390x.rpm	fa1fe771e8d2194a798c3ef46eef07e2edd0d9615027c1402219eaf7949e7406
x86_64	booth-1.0-199.1.ac1d34c.git.el8_6.1.x86_64.rpm	2e71fb1e508c8c10312e13afcdf9ff73ecd9a03e0b548212b70e444a3e424d22
x86_64	booth-core-1.0-199.1.ac1d34c.git.el8_6.1.x86_64.rpm	6cb463df1514d39c170f01d50201e2d76fdd4d6b9046f244eaf91fa3f489f785

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.