Overview

File _patchinfo of Package patchinfo.7760

<patchinfo incident="7760">
  <issue tracker="bnc" id="1095508">VUL-0: CVE-2018-10995: slurm: Insecure handling of username and gid fields</issue>
  <issue tracker="cve" id="2018-10995"/>
  <category>security</category>
  <rating>moderate</rating>
  <packager>eeich</packager>
  <description>This update for slurm to version 17.11.7 fixes the following issues:

This security issue was fixed:

- CVE-2018-10995: Ensure correct handling of user names and group ids (bsc#1095508).

These non-security issues were fixed:

- CRAY - Add slurmsmwd to the contribs/cray dir
- PMIX - Added the direct connect authentication.
- Prevent the backup slurmctld from losing the active/available node features
  list on takeover.
- Be able to force power_down of cloud node even if in power_save state.
- Allow cloud nodes to be recognized in Slurm when booted out of band.
- Notify srun and ctld when unkillable stepd exits.
- Fixes daemoniziation in newly introduced slurmsmwd daemon.
</description>
  <summary>Security update for slurm</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places