| Revision Date: | 2020-01-16 | Version: | 1 |
| Title: | Security update for slurm (Important) |
| Description: |
This update for slurm to version 18.08.9 fixes the following issues:
Security issues fixed:
- CVE-2019-19728: Fixed a privilege escalation with srun, where --uid might have unintended side effects (bsc#1159692). - CVE-2019-12838: Fixed SchedMD Slurm SQL Injection issue (bnc#1140709). - CVE-2019-19727: Fixed permissions of slurmdbd.conf (bsc#1155784). Bug fixes:
- Fix ownership of /var/spool/slurm on new installations and upgrade (bsc#1158696). - Fix %posttrans macro _res_update to cope with added newline (bsc#1153259). - Move srun from 'slurm' to 'slurm-node': srun is required on the nodes as well so sbatch will work. 'slurm-node' is a requirement when 'slurm' is installed (bsc#1153095).
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1140709
1153095
1153259
1155784
1158696
1159692
CVE-2019-12838
CVE-2019-19727
CVE-2019-19728
SUSE-SU-2020:0110-1
|
| Platform(s): | SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1
| Product(s): | |