File U_19-Add-NEWS-for-CVE-2023-41914.patch of Package slurm.38903
From: Tim Wickberg <tim@schedmd.com> Date: Wed Oct 11 12:45:25 2023 -0600 Subject: [PATCH 19/19]Add NEWS for CVE-2023-41914. Patch-mainline: Upstream Git-repo: https://github.com/SchedMD/slurm Git-commit: dcaf435138294c5f458fa880a50722e495bd73d1 References: bsc#1216207 Signed-off-by: Egbert Eich <eich@suse.de> Preceeding commits close a number of race conditions that could let an attacker take control of an arbitrary file, or remove entire directories' contents. --- NEWS | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/NEWS b/NEWS index 384e1c884a..cbeb64d61d 100644 --- a/NEWS +++ b/NEWS @@ -1,6 +1,12 @@ This file describes changes in recent versions of Slurm. It primarily documents those changes that are of interest to users and administrators. +* Backported changes +==================== + -- Fix filesystem handling race conditions that could lead to an attacker + taking control of an arbitrary file, or removing entire directories' + contents. CVE-2023-41914. + * Changes in Slurm 20.11.9 ========================== -- burst_buffer - add missing common directory to the Makefile SUBDIRS.




