ClusterLabs/booth
Releases12
Frequency1 year 1 month
Last Release
Stars54
The Booth Cluster Ticket Manager
CVE History
| CVE | Affected | Published | CVSS v3 | CVSS v2 |
|---|---|---|---|---|
| < 1.1 | 5.9 MEDIUM | — | ||
A flaw was found in Booth, a cluster ticket manager. If a specially-crafted hash is passed to gcry_md_get_algo_dlen(), it may allow an invalid HMAC to be accepted by the Booth server. | ||||
| <= 1.0 | 6.5 MEDIUM | — | ||
The authfile directive in the booth config file is ignored, preventing use of authentication in communications from node to node. As a result, nodes that do not have the correct authentication key are not prevented from communicating with other nodes in the cluster. | ||||