File _patchinfo of Package patchinfo.13672
<patchinfo incident="13672">
<issue tracker="jsc" id="SLE-7341"/>
<issue tracker="jsc" id="SLE-7342"/>
<issue tracker="bnc" id="1158798">[TRACKERBUG, HPC, pdsh] jsc#SLE-7341 [ECO] Provide SLURM version 18.08</issue>
<issue tracker="bnc" id="1158709">[TRACKERBUG, HPC, SLURM] jsc#SLE-7341 Provide SLURM 18.08</issue>
<issue tracker="bnc" id="1155784">VUL-0: CVE-2019-19727: slurm: slurmdbd: slurmdbd.conf has an insecure Permission by default</issue>
<issue tracker="bnc" id="1159692">VUL-0: CVE-2019-19728: slurm: [HPC,SLURM,CVE-2019-19728] Due to Race srun may run as User root</issue>
<issue tracker="bnc" id="1095508">VUL-0: CVE-2018-10995: slurm: Insecure handling of username and gid fields</issue>
<issue tracker="bnc" id="1065697">VUL-0: CVE-2017-15566: slurm problem</issue>
<issue tracker="bnc" id="1140709">VUL-0: CVE-2019-12838: slurm: 19.05.1 and 18.08.8 release</issue>
<issue tracker="bnc" id="1123304">VUL-1: CVE-2019-6438: slurm: 18.08.5 and 17.11.13</issue>
<issue tracker="bnc" id="1018371">VUL-0: CVE-2016-10030: slurm: prolog failure vulnerability</issue>
<issue tracker="bnc" id="1085240">VUL-0: CVE-2018-7033: slurm: security release 17.02.10, and 17.11.5</issue>
<issue tracker="cve" id="2019-12838"/>
<issue tracker="cve" id="2017-15566"/>
<issue tracker="cve" id="2019-19728"/>
<issue tracker="cve" id="2018-10995"/>
<issue tracker="cve" id="2019-19727"/>
<issue tracker="cve" id="2019-6438"/>
<issue tracker="cve" id="2018-7033"/>
<issue tracker="cve" id="2016-10030"/>
<packager>eeich</packager>
<rating>moderate</rating>
<category>security</category>
<summary>Security update for pdsh, slurm_18_08</summary>
<description>This update for pdsh, slurm_18_08 fixes the following issues:
Slurm was included in the 18.08 release, as "slurm_18_08" package. The version 18.08.9 contains all recent security fixes, including:
- CVE-2019-19728: Fixed a privilege escalation with srun, where --uid might have unintended side effects (bsc#1159692).
- CVE-2019-19727: Fixed permissions of slurmdbd.conf (bsc#1155784).
pdsh was updated to:
- Add support for an alternative SLURM version when building the
slurm plugin.
</description>
</patchinfo>