红帽产品勘误 RHSA-2024:3657 - Security Advisory
发布:
2024-06-06
已更新:
2024-06-06

RHSA-2024:3657 - Security Advisory

概述

Important: booth security update

类型/严重性

Security Advisory: Important

Red Hat Lightspeed patch analysis

识别并修复受此公告影响的系统。

查看受影响的系统

标题

An update for booth is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service.

Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.

描述

The Booth cluster ticket manager is a component to bridge high availability clusters spanning multiple sites, in particular, to provide decision inputs to local Pacemaker cluster resource managers. It operates as a distributed consensus-based service, presumably on a separate physical network. Tickets facilitated by a Booth formation are the units of authorization that can be bound to certain resources. This will ensure that the resources are run at only one (granted) site at a time.

Security Fix(es):

  • booth: specially crafted hash can lead to invalid HMAC being accepted by Booth server (CVE-2024-3049)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

解决方案

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

受影响的产品

  • Red Hat Enterprise Linux High Availability for Power LE - Update Services for SAP Solutions 8.4 ppc64le
  • Red Hat Enterprise Linux High Availability for x86_64 - Update Services for SAP Solutions 8.4 x86_64
  • Red Hat Enterprise Linux High Availability for x86_64 - Telecommunications Update Service 8.4 x86_64
  • Red Hat Enterprise Linux High Availability for x86_64 - Advanced Update Support 8.4 x86_64
  • Red Hat Enterprise Linux High Availability for x86_64 - Extended Update Support Extension 8.4 x86_64

修复

  • BZ - 2272082 - CVE-2024-3049 booth: specially crafted hash can lead to invalid HMAC being accepted by Booth server

Red Hat Enterprise Linux High Availability for Power LE - Update Services for SAP Solutions 8.4

SRPM
booth-1.0-199.1.ac1d34c.git.el8_4.2.src.rpm SHA-256: 7322568a99291457c19fa51292dcef351137f7c1d271c540a8ee04e74edb93b6
ppc64le
booth-1.0-199.1.ac1d34c.git.el8_4.2.ppc64le.rpm SHA-256: d219c9802fc0a45399b6d4a598fa59ecd7341844f1a319a65b97bf9035b22513
booth-arbitrator-1.0-199.1.ac1d34c.git.el8_4.2.noarch.rpm SHA-256: cfd4a19867738d099ba63fbc99d49f7bbd60bc5bab6011efe75fea5d126f8e30
booth-core-1.0-199.1.ac1d34c.git.el8_4.2.ppc64le.rpm SHA-256: eb1aeecc231bacdc0a5e4c43d7a5460e10aff8ae095056fef8bccb80c9368f37
booth-core-debuginfo-1.0-199.1.ac1d34c.git.el8_4.2.ppc64le.rpm SHA-256: e02203da1dffc820ef920e3c810abe63a03f5f1765e487b7c62f44d18f5cbc3c
booth-debugsource-1.0-199.1.ac1d34c.git.el8_4.2.ppc64le.rpm SHA-256: 7c5adacaf7213e86b6303e029633c1c3522ab1d61d6f72d702952c81135f1559
booth-site-1.0-199.1.ac1d34c.git.el8_4.2.noarch.rpm SHA-256: bb910fa6d27df0605d33175c95d2f41014a4efb03da9045186f2a83dd9382757
booth-test-1.0-199.1.ac1d34c.git.el8_4.2.noarch.rpm SHA-256: e20b6f0b5c29292225fd1f8dd08c14f7aaaf49a8086320a417f9461c586102cc

Red Hat Enterprise Linux High Availability for x86_64 - Update Services for SAP Solutions 8.4

SRPM
booth-1.0-199.1.ac1d34c.git.el8_4.2.src.rpm SHA-256: 7322568a99291457c19fa51292dcef351137f7c1d271c540a8ee04e74edb93b6
x86_64
booth-1.0-199.1.ac1d34c.git.el8_4.2.x86_64.rpm SHA-256: b6f3cf0cea1762947a721b304c71744938177cb3dedce1e68ddffaefb438fd99
booth-arbitrator-1.0-199.1.ac1d34c.git.el8_4.2.noarch.rpm SHA-256: cfd4a19867738d099ba63fbc99d49f7bbd60bc5bab6011efe75fea5d126f8e30
booth-core-1.0-199.1.ac1d34c.git.el8_4.2.x86_64.rpm SHA-256: 970a73d536b4f28c56cf51f6628aa1a9106c7eb5c94102f4f46d206202f9c955
booth-core-debuginfo-1.0-199.1.ac1d34c.git.el8_4.2.x86_64.rpm SHA-256: 512b673361bf9c1c92c270f508bc20d2a78ef3da7dc8a32072d3fbeab4bb54da
booth-debugsource-1.0-199.1.ac1d34c.git.el8_4.2.x86_64.rpm SHA-256: 447941ac2a7da677af5f6f56bf61d577803a97ff8314494793f59657ef79cd3f
booth-site-1.0-199.1.ac1d34c.git.el8_4.2.noarch.rpm SHA-256: bb910fa6d27df0605d33175c95d2f41014a4efb03da9045186f2a83dd9382757
booth-test-1.0-199.1.ac1d34c.git.el8_4.2.noarch.rpm SHA-256: e20b6f0b5c29292225fd1f8dd08c14f7aaaf49a8086320a417f9461c586102cc

Red Hat Enterprise Linux High Availability for x86_64 - Telecommunications Update Service 8.4

SRPM
booth-1.0-199.1.ac1d34c.git.el8_4.2.src.rpm SHA-256: 7322568a99291457c19fa51292dcef351137f7c1d271c540a8ee04e74edb93b6
x86_64
booth-1.0-199.1.ac1d34c.git.el8_4.2.x86_64.rpm SHA-256: b6f3cf0cea1762947a721b304c71744938177cb3dedce1e68ddffaefb438fd99
booth-arbitrator-1.0-199.1.ac1d34c.git.el8_4.2.noarch.rpm SHA-256: cfd4a19867738d099ba63fbc99d49f7bbd60bc5bab6011efe75fea5d126f8e30
booth-core-1.0-199.1.ac1d34c.git.el8_4.2.x86_64.rpm SHA-256: 970a73d536b4f28c56cf51f6628aa1a9106c7eb5c94102f4f46d206202f9c955
booth-core-debuginfo-1.0-199.1.ac1d34c.git.el8_4.2.x86_64.rpm SHA-256: 512b673361bf9c1c92c270f508bc20d2a78ef3da7dc8a32072d3fbeab4bb54da
booth-debugsource-1.0-199.1.ac1d34c.git.el8_4.2.x86_64.rpm SHA-256: 447941ac2a7da677af5f6f56bf61d577803a97ff8314494793f59657ef79cd3f
booth-site-1.0-199.1.ac1d34c.git.el8_4.2.noarch.rpm SHA-256: bb910fa6d27df0605d33175c95d2f41014a4efb03da9045186f2a83dd9382757
booth-test-1.0-199.1.ac1d34c.git.el8_4.2.noarch.rpm SHA-256: e20b6f0b5c29292225fd1f8dd08c14f7aaaf49a8086320a417f9461c586102cc

Red Hat Enterprise Linux High Availability for x86_64 - Advanced Update Support 8.4

SRPM
booth-1.0-199.1.ac1d34c.git.el8_4.2.src.rpm SHA-256: 7322568a99291457c19fa51292dcef351137f7c1d271c540a8ee04e74edb93b6
x86_64
booth-1.0-199.1.ac1d34c.git.el8_4.2.x86_64.rpm SHA-256: b6f3cf0cea1762947a721b304c71744938177cb3dedce1e68ddffaefb438fd99
booth-arbitrator-1.0-199.1.ac1d34c.git.el8_4.2.noarch.rpm SHA-256: cfd4a19867738d099ba63fbc99d49f7bbd60bc5bab6011efe75fea5d126f8e30
booth-core-1.0-199.1.ac1d34c.git.el8_4.2.x86_64.rpm SHA-256: 970a73d536b4f28c56cf51f6628aa1a9106c7eb5c94102f4f46d206202f9c955
booth-core-debuginfo-1.0-199.1.ac1d34c.git.el8_4.2.x86_64.rpm SHA-256: 512b673361bf9c1c92c270f508bc20d2a78ef3da7dc8a32072d3fbeab4bb54da
booth-debugsource-1.0-199.1.ac1d34c.git.el8_4.2.x86_64.rpm SHA-256: 447941ac2a7da677af5f6f56bf61d577803a97ff8314494793f59657ef79cd3f
booth-site-1.0-199.1.ac1d34c.git.el8_4.2.noarch.rpm SHA-256: bb910fa6d27df0605d33175c95d2f41014a4efb03da9045186f2a83dd9382757
booth-test-1.0-199.1.ac1d34c.git.el8_4.2.noarch.rpm SHA-256: e20b6f0b5c29292225fd1f8dd08c14f7aaaf49a8086320a417f9461c586102cc

Red Hat Enterprise Linux High Availability for x86_64 - Extended Update Support Extension 8.4

SRPM
booth-1.0-199.1.ac1d34c.git.el8_4.2.src.rpm SHA-256: 7322568a99291457c19fa51292dcef351137f7c1d271c540a8ee04e74edb93b6
x86_64
booth-1.0-199.1.ac1d34c.git.el8_4.2.x86_64.rpm SHA-256: b6f3cf0cea1762947a721b304c71744938177cb3dedce1e68ddffaefb438fd99
booth-arbitrator-1.0-199.1.ac1d34c.git.el8_4.2.noarch.rpm SHA-256: cfd4a19867738d099ba63fbc99d49f7bbd60bc5bab6011efe75fea5d126f8e30
booth-core-1.0-199.1.ac1d34c.git.el8_4.2.x86_64.rpm SHA-256: 970a73d536b4f28c56cf51f6628aa1a9106c7eb5c94102f4f46d206202f9c955
booth-core-debuginfo-1.0-199.1.ac1d34c.git.el8_4.2.x86_64.rpm SHA-256: 512b673361bf9c1c92c270f508bc20d2a78ef3da7dc8a32072d3fbeab4bb54da
booth-debugsource-1.0-199.1.ac1d34c.git.el8_4.2.x86_64.rpm SHA-256: 447941ac2a7da677af5f6f56bf61d577803a97ff8314494793f59657ef79cd3f
booth-site-1.0-199.1.ac1d34c.git.el8_4.2.noarch.rpm SHA-256: bb910fa6d27df0605d33175c95d2f41014a4efb03da9045186f2a83dd9382757
booth-test-1.0-199.1.ac1d34c.git.el8_4.2.noarch.rpm SHA-256: e20b6f0b5c29292225fd1f8dd08c14f7aaaf49a8086320a417f9461c586102cc

Red Hat 安全团队联络方式为 secalert@redhat.com。 更多联络细节请参考 https://access.redhat.com/security/team/contact/