Oval Definition:oval:org.opensuse.security:def:67420
Revision Date:2021-07-27Version:1
Title:Security update for slurm (Important)
Description:

This update for slurm fixes the following issues:

Updated to 20.11.7

Summary of new features:

CVE-2021-31215: Fixed a remote code execution as SlurmUser (bsc#1186024). * slurmd - handle configless failures gracefully instead of hanging indefinitely. * select/cons_tres - fix Dragonfly topology not selecting nodes in the same leaf switch when it should as well as requests with *-switches option. * Fix issue where certain step requests wouldn't run if the first node in the job allocation was full and there were idle resources on other nodes in the job allocation. * Fix deadlock issue with Slurmctld. * torque/qstat - fix printf error message in output. * When adding associations or wckeys avoid checking multiple times a user or cluster name. * Fix wrong jobacctgather information on a step on multiple nodes due to timeouts sending its the information gathered on its node. * Fix missing xstrdup which could result in slurmctld segfault on array jobs. * Fix security issue in PrologSlurmctld and EpilogSlurmctld by always prepending SPANK_ to all user-set environment variables. CVE-2021-31215. * Fix sacct assert with the --qos option. * Use pkg-config --atleast-version instead of --modversion for systemd. * common/fd - fix getsockopt() call in fd_get_socket_error(). * Properly handle the return from fd_get_socket_error() in _conn_readable(). * cons_res - Fix issue where running jobs were not taken into consideration when creating a reservation. * Avoid a deadlock between job_list for_each and assoc QOS_LOCK. * Fix TRESRunMins usage for partition qos on restart/reconfig. * Fix printing of number of tasks on a completed job that didn't request tasks. * Fix updating GrpTRESRunMins when decrementing job time is bigger than it. * Make it so we handle multithreaded allocations correctly when doing --exclusive or --core-spec allocations. * Fix incorrect round-up division in _pick_step_cores * Use appropriate math to adjust cpu counts when --ntasks-per-core=1. * cons_tres - Fix consideration of power downed nodes. * cons_tres - Fix DefCpuPerGPU, increase cpus-per-task to match with gpus-per-task * cpus-per-gpu. * Fix under-cpu memory auto-adjustment when MaxMemPerCPU is set. * Make it possible to override CR_CORE_DEFAULT_DIST_BLOCK. * Perl API - fix retrieving/storing of slurm_step_id_t in job_step_info_t. * Recover state of burst buffers when slurmctld is restarted to avoid skipping burst buffer stages. * Fix race condition in burst buffer plugin which caused a burst buffer in stage-in to not get state saved if slurmctld stopped. * auth/jwt - print an error if jwt_file= has not been set in slurmdbd. * Fix RESV_DEL_HOLD not being a valid state when using squeue --states. * Add missing squeue selectable states in valid states error message. * Fix scheduling last array task multiple times on error, causing segfault. * Fix issue where a step could be allocated more memory than the job when dealing with --mem-per-cpu and --threads-per-core. * Fix removing qos from assoc with -= can lead to assoc with no qos * auth/jwt - fix segfault on invalid credential in slurmdbd due to missing validate_slurm_user() function in context. * Fix single Port= not being applied to range of nodes in slurm.conf * Fix Jobs not requesting a tres are not starting because of that tres limit. * acct_gather_energy/rapl - fix AveWatts calculation. * job_container/tmpfs - Fix issues with cleanup and slurmd restarting on running jobs.
Family:unixClass:patch
Status:Reference(s):1065600
1065729
1071995
1085030
1120163
1133021
1149032
1152472
1152489
1154353
1154492
1155518
1156395
1159058
1160634
1167773
1169790
1171634
1171688
1172108
1172197
1172247
1172418
1172871
1172963
1173468
1173485
1173798
1173813
1173954
1174002
1174003
1174026
1174321
1174387
1174484
1174625
1174645
1174689
1174699
1174737
1174757
1174762
1174770
1174771
1174777
1174805
1174824
1174825
1174852
1174865
1174880
1174897
1174906
1174969
1175009
1175010
1175011
1175012
1175013
1175014
1175015
1175016
1175017
1175018
1175019
1175020
1175021
1175052
1175112
1175116
1175128
1175149
1175175
1175176
1175180
1175181
1175182
1175183
1175184
1175185
1175186
1175187
1175188
1175189
1175190
1175191
1175192
1175195
1175199
1175213
1175232
1175263
1175284
1175296
1175344
1175345
1175346
1175347
1175367
1175377
1175440
1175493
1175546
1175550
1175654
1175691
1175768
1175769
1175770
1175771
1175772
1175774
1175775
1175834
1175873
1180700
1186024
CVE-2020-14314
CVE-2020-14356
CVE-2020-15103
CVE-2020-16166
CVE-2021-31215
SUSE-SU-2020:2408-1
SUSE-SU-2020:2485-1
SUSE-SU-2021:2473-1
Platform(s):SUSE Linux Enterprise High Performance Computing 15 SP3
SUSE Linux Enterprise Module for High Performance Computing 15 SP3
SUSE Linux Enterprise Module for Public Cloud 15 SP2
SUSE Linux Enterprise Workstation Extension 15 SP2
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for High Performance Computing 15 SP3 is installed
  • AND Package Information
  • libnss_slurm2-20.11.7-4.3.1 is installed
  • OR libpmi0-20.11.7-4.3.1 is installed
  • OR libslurm36-20.11.7-4.3.1 is installed
  • OR perl-slurm-20.11.7-4.3.1 is installed
  • OR slurm-20.11.7-4.3.1 is installed
  • OR slurm-auth-none-20.11.7-4.3.1 is installed
  • OR slurm-config-20.11.7-4.3.1 is installed
  • OR slurm-config-man-20.11.7-4.3.1 is installed
  • OR slurm-devel-20.11.7-4.3.1 is installed
  • OR slurm-doc-20.11.7-4.3.1 is installed
  • OR slurm-lua-20.11.7-4.3.1 is installed
  • OR slurm-munge-20.11.7-4.3.1 is installed
  • OR slurm-node-20.11.7-4.3.1 is installed
  • OR slurm-pam_slurm-20.11.7-4.3.1 is installed
  • OR slurm-plugins-20.11.7-4.3.1 is installed
  • OR slurm-rest-20.11.7-4.3.1 is installed
  • OR slurm-slurmdbd-20.11.7-4.3.1 is installed
  • OR slurm-sql-20.11.7-4.3.1 is installed
  • OR slurm-sview-20.11.7-4.3.1 is installed
  • OR slurm-torque-20.11.7-4.3.1 is installed
  • OR slurm-webdoc-20.11.7-4.3.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Public Cloud 15 SP2 is installed
  • AND Package Information
  • kernel-azure-5.3.18-18.15 is installed
  • OR kernel-azure-devel-5.3.18-18.15 is installed
  • OR kernel-devel-azure-5.3.18-18.15 is installed
  • OR kernel-source-azure-5.3.18-18.15 is installed
  • OR kernel-syms-azure-5.3.18-18.15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP2 is installed
  • AND Package Information
  • freerdp-2.1.2-15.10 is installed
  • OR freerdp-devel-2.1.2-15.10 is installed
  • OR libfreerdp2-2.1.2-15.10 is installed
  • OR libwinpr2-2.1.2-15.10 is installed
  • OR winpr2-devel-2.1.2-15.10 is installed
    • BACK