it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 5777-1] booth security update

From: Moritz Muehlenhoff <jmm AT debian.org>
To: debian-security-announce AT lists.debian.org
Subject: [IT-SecNots] [SECURITY] [DSA 5777-1] booth security update
Date: Fri, 27 Sep 2024 16:12:38 +0000
Authentication-results: lists.piratenpartei.de; dkim=none; spf=none (lists.piratenpartei.de: domain of "bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org" has no SPF policy when checking 2001:41b8:202:deb:216:36ff:fe40:4002) smtp.mailfrom="bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org"; dmarc=none
List-archive: https://lists.debian.org/msgid-search/ZvbZdqqT17IOj+OK AT seger.debian.org
List-id: <debian-security-announce.lists.debian.org>
List-url: <http://lists.debian.org/debian-security-announce/>
Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Content-Type:MIME-Version:Message-ID:Subject:To:From:Date :Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=TZ9bWypbYQFQttJfDauGW8PbvwxHAPze3KwsdruWQ4A=; b=lr 8pzeTelUVySCRMEkUel+sm6sYwub8lhHdptQ2K6en/AmqJMhGRU8O7Sk4osDVGtQA50ZJYm3i97NW HT3bA60fNb3Nt7Zr2bDsrsWEEv9OaJrBPqXX3xSiIxB5XPTKCxzKQtaEu61132hfxFBUap4FJrejZ hsYxqYDaC+sLNz9x4P82whBCAn7oKbaizuaqeYFT5Xc2oRUSwm4yV8ih6NGt1Lh29HhSxbc9ndmKL Mdr7IgR7HzgA6/trzwVE24fa9H3aDNG0i23FyPkONjTSYYkS3qOvHIB777o9cIUeOTOPwGBUqSBl/ ZXiZQO5hZmvJUZ+pwc+73u0Z2caOVDwA==;
Old-return-path: <jmm AT seger.debian.org>
Priority: urgent
Resent-date: Fri, 27 Sep 2024 16:13:12 +0000 (UTC)
Resent-from: debian-security-announce AT lists.debian.org
Resent-message-id: <yLjgwo6C6r.A.ssII.Ymt9mB@bendel>
Resent-sender: debian-security-announce-request AT lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5777-1 security AT debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
September 27, 2024 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : booth
CVE ID : CVE-2024-3049

It was discovered that the Booth cluster ticket manager failed to
correctly validate some authentication hashes.

For the stable distribution (bookworm), this problem has been fixed in
version 1.0-283-g9d4029a-2+deb12u1.

We recommend that you upgrade your booth packages.

For the detailed security status of booth please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/booth

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmb22HgACgkQEMKTtsN8
TjZI6Q//QX5bGCCAzOJDo9KTp8iixUenBrznfyctVZ0pFVKAIP3ENACkW0rMH+Sw
GBIsIJRCQwdBbSYV1Jn3F2i7wvMby2HUhabMsnorM49lC0ptoz6HZ6iKWcIvZwRF
vDmFPnCEfVVbGZy+6NkQMNDQb0PzbKtGT70L/E3Iss3Dtpknd97tNu4urJTleSG8
ZkrM3QkXs/4IPluEYTrnoJHXR7sJ5GyqPBRZnLn7Lwx3bPesN7E7Zz5UClyMr6iO
teExKLY/Vfjh507818eaVHRcoEDSElZjb//93RzyOuGpUNnwCNKLkwsGIlmsFfmC
0ikzeO9eDe1y6EvpY7/xAWneoxGnX9CKjcwUVD0Kqq7hHnpxP/506Alp38D07tWn
s+Yz7SeK4RSIDIzwb0gCLmt22eE6t/3cZxR1RE9qk1hWwuV/YdB8WyYqPz410myN
JO2IFWg9NzGP5zOWtuyytzOZTEHkLvNp5i4ktIU16Y4tLvstgSnNUoSHImr6YXrC
hOVWmqvqif3UurHCctHfmZVkjMFmFcKPjOFOQ3TNEuDAT3PtUNGs5aSEVMhtMvUp
oPYLRVxRYKSqP61rwUoyPlaOB39vtraKdMiTvjm8VNUS655lPB/VOZibVhI8+ym4
/H7mXtJXBN8LsdVx4+Nnr2wc4ZFtVXUGdyChER8+VmfLDtfwkZk=
=futv
-----END PGP SIGNATURE-----

[IT-SecNots] [SECURITY] [DSA 5777-1] booth security update, Moritz Muehlenhoff, 27.09.2024

Archiv bereitgestellt durch MHonArc 2.6.19+.