Overview

File _patchinfo of Package patchinfo.13672

<patchinfo incident="13672">
  <issue tracker="jsc" id="SLE-7341"/>
  <issue tracker="jsc" id="SLE-7342"/>
  <issue tracker="bnc" id="1158798">[TRACKERBUG, HPC, pdsh] jsc#SLE-7341 [ECO] Provide SLURM version 18.08</issue>
  <issue tracker="bnc" id="1158709">[TRACKERBUG, HPC, SLURM] jsc#SLE-7341 Provide SLURM 18.08</issue>
  <issue tracker="bnc" id="1155784">VUL-0: CVE-2019-19727: slurm: slurmdbd: slurmdbd.conf has an insecure Permission by default</issue>
  <issue tracker="bnc" id="1159692">VUL-0: CVE-2019-19728: slurm: [HPC,SLURM,CVE-2019-19728] Due to Race srun may run as User root</issue>
  <issue tracker="bnc" id="1095508">VUL-0: CVE-2018-10995: slurm: Insecure handling of username and gid fields</issue>
  <issue tracker="bnc" id="1065697">VUL-0: CVE-2017-15566: slurm problem</issue>
  <issue tracker="bnc" id="1140709">VUL-0: CVE-2019-12838: slurm: 19.05.1 and 18.08.8 release</issue>
  <issue tracker="bnc" id="1123304">VUL-1: CVE-2019-6438: slurm: 18.08.5 and 17.11.13</issue>
  <issue tracker="bnc" id="1018371">VUL-0: CVE-2016-10030: slurm: prolog failure vulnerability</issue>
  <issue tracker="bnc" id="1085240">VUL-0: CVE-2018-7033: slurm: security release 17.02.10, and 17.11.5</issue>
  <issue tracker="cve" id="2019-12838"/>
  <issue tracker="cve" id="2017-15566"/>
  <issue tracker="cve" id="2019-19728"/>
  <issue tracker="cve" id="2018-10995"/>
  <issue tracker="cve" id="2019-19727"/>
  <issue tracker="cve" id="2019-6438"/>
  <issue tracker="cve" id="2018-7033"/>
  <issue tracker="cve" id="2016-10030"/>
  <packager>eeich</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for pdsh, slurm_18_08</summary>
  <description>This update for pdsh, slurm_18_08 fixes the following issues:

Slurm was included in the 18.08 release, as "slurm_18_08" package. The version 18.08.9 contains all recent security fixes, including:

- CVE-2019-19728: Fixed a privilege escalation with srun, where --uid might have unintended side effects (bsc#1159692).
- CVE-2019-19727: Fixed permissions of slurmdbd.conf (bsc#1155784).

pdsh was updated to:

- Add support for an alternative SLURM version when building the
  slurm plugin.
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places