[SECURITY] [DLA 3894-1] booth security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 3894-1] booth security update
From: Adrian Bunk <bunk@debian.org>
Date: Tue, 24 Sep 2024 18:52:23 +0300
Message-id: <ZvLgN/Ggh3wcR7S1@localhost>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3894-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                          Adrian Bunk
September 24, 2024                            https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : booth
Version        : 1.0-237-gdd88847-2+deb11u2
CVE ID         : CVE-2024-3049
Debian Bug     : 1073249

Invalid HMAC could have been accepted in the Booth Cluster Ticket 
Manager.

For Debian 11 bullseye, this problem has been fixed in version
1.0-237-gdd88847-2+deb11u2.

We recommend that you upgrade your booth packages.

For the detailed security status of booth please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/booth

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmby4DcACgkQiNJCh6LY
mLE0JBAAmX4FdqonY9ThcezG4G7MF8eE0345WnNhKsTnXJ8B9ZyO+roOU4QvxlDE
FuP8UiXCWddrtHtX6lbapJK2lzOJcn4uVWAzbt42LyMZOjqx7d6yjiGPL7QUUa/v
afGKWtUk8cJL17uI8uV9ymZ7/DRU5ZfB0g/PcMfyB5+w/2VuMs1OH80IOleHCrmm
XGpjiYFMx54oKqmPdQ14mGOmGkZCw2z1EAHU2FwEuFDMimYr0M8E/y+6MQpnN6Qs
PR5Vdpca1rLpXcFdZ5JZg/XD8tGDhg/kUM29pVBQPJaYO4AUjTmrSTaEA9Lz5ZVe
G/yAUF8CgpcZ1LzEzNV0vbj4OBbnVqi4StdfXWUxmBGF4efQpFR4/CjYy3REhJgg
mBJrawOqiajsgDZd6vpWElXR1EorQj485d+7m3eoU5FS241fuk8VXTaf9AwsSZu8
SH88480+GbL4oCTjP21M94bgrojuh82mY+02w5/xPqJKZCwBhS5iU/ppjMh4PCJD
ltE0RbuNNQawT6VAyZ4GoMTkTMzZemmTes/885JoxqESyn9at0k8TRUId8vG8iOc
RN4PYKml4zBaeGeHAdI4wzBzet2mYDZlWlp2bMHXxvzTBxIthQHEclwuhLlGrKe+
2IjbHE/Gc2YIfT5EVX74YAwdbPwEX1VACMRjlxVEZhO0ijAAk/s=
=CmT7
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 3893-1] expat security update
Next by Date: [SECURITY] [DLA 3895-1] puredata security update
Previous by thread: [SECURITY] [DLA 3893-1] expat security update
Next by thread: [SECURITY] [DLA 3895-1] puredata security update
Index(es):
- Date
- Thread