Overview

File U_19-Add-NEWS-for-CVE-2023-41914.patch of Package slurm.32313

From: Tim Wickberg <tim@schedmd.com>
Date: Wed Oct 11 12:45:25 2023 -0600
Subject: [PATCH 19/19]Add NEWS for CVE-2023-41914.
Patch-mainline: Upstream
Git-repo: https://github.com/SchedMD/slurm
Git-commit: dcaf435138294c5f458fa880a50722e495bd73d1
References: bsc#1216207
Signed-off-by: Egbert Eich <eich@suse.de>

Preceeding commits close a number of race conditions that could let
an attacker take control of an arbitrary file, or remove entire
directories' contents.
---
 NEWS | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/NEWS b/NEWS
index 384e1c884a..cbeb64d61d 100644
--- a/NEWS
+++ b/NEWS
@@ -1,6 +1,12 @@
 This file describes changes in recent versions of Slurm. It primarily
 documents those changes that are of interest to users and administrators.
 
+* Backported changes
+====================
+ -- Fix filesystem handling race conditions that could lead to an attacker
+    taking control of an arbitrary file, or removing entire directories'
+    contents. CVE-2023-41914.
+
 * Changes in Slurm 20.11.9
 ==========================
  -- burst_buffer - add missing common directory to the Makefile SUBDIRS.
openSUSE Build Service is sponsored by
Places