ClusterLabs/booth

ClusterLabs/booth

Releases12
Frequency1 year 1 month
Last Release
Stars54
The Booth Cluster Ticket Manager

CVE History

CVEAffectedPublishedCVSS v3CVSS v2
< 1.15.9 MEDIUM

A flaw was found in Booth, a cluster ticket manager. If a specially-crafted hash is passed to gcry_md_get_algo_dlen(), it may allow an invalid HMAC to be accepted by the Booth server.

<= 1.06.5 MEDIUM

The authfile directive in the booth config file is ignored, preventing use of authentication in communications from node to node. As a result, nodes that do not have the correct authentication key are not prevented from communicating with other nodes in the cluster.