Overview

File _patchinfo of Package patchinfo.14855

<patchinfo incident="14855">
  <issue tracker="cve" id="2020-12693"/>
  <issue tracker="bnc" id="1172004">VUL-0: CVE-2020-12693: slurm: Authentication Bypass via an Alternate Path or Channel when Message Aggregation is enabled</issue>
  <packager>eeich</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for slurm_18_08</summary>
  <description>This update for slurm_18_08 fixes the following issues:

- Fix Authentication Bypass when Message Aggregation is enabled CVE-2020-12693
  This fixes and issue where authentication could be bypassed via an alternate
  path or channel when message Aggregation was enabled.
  A race condition allowed a user to launch a process as an arbitrary user.
  (CVE-2020-12693, bsc#1172004).
  Add: Fix-Authentication-Bypass-when-Message-Aggregation-is-enabled-CVE-2020-12693.patch
- Remove unneeded build dependency to postgresql-devel.
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places