[security-announce] openSUSE-SU-2018:1955-1: moderate: Security update for slurm
openSUSE Security Update: Security update for slurm ______________________________________________________________________________ Announcement ID: openSUSE-SU-2018:1955-1 Rating: moderate References: #1095508 #1100850 Cross-References: CVE-2018-10995 Affected Products: openSUSE Leap 15.0 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: This update for slurm to version 17.11.7 fixes the following issues: This security issue was fixed: - CVE-2018-10995: Ensure correct handling of user names and group ids (bsc#1095508). These non-security issues were fixed: - CRAY - Add slurmsmwd to the contribs/cray dir - PMIX - Added the direct connect authentication. - Prevent the backup slurmctld from losing the active/available node features list on takeover. - Be able to force power_down of cloud node even if in power_save state. - Allow cloud nodes to be recognized in Slurm when booted out of band. - Notify srun and ctld when unkillable stepd exits. - Fixes daemoniziation in newly introduced slurmsmwd daemon. The following tracked packaging changes are included: - avoid postun error in libpmi0 (bsc#1100850) This update was imported from the SUSE:SLE-15:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.0: zypper in -t patch openSUSE-2018-729=1 Package List: - openSUSE Leap 15.0 (x86_64): libpmi0-17.11.7-lp150.5.7.1 libpmi0-debuginfo-17.11.7-lp150.5.7.1 libslurm32-17.11.7-lp150.5.7.1 libslurm32-debuginfo-17.11.7-lp150.5.7.1 perl-slurm-17.11.7-lp150.5.7.1 perl-slurm-debuginfo-17.11.7-lp150.5.7.1 slurm-17.11.7-lp150.5.7.1 slurm-auth-none-17.11.7-lp150.5.7.1 slurm-auth-none-debuginfo-17.11.7-lp150.5.7.1 slurm-config-17.11.7-lp150.5.7.1 slurm-debuginfo-17.11.7-lp150.5.7.1 slurm-debugsource-17.11.7-lp150.5.7.1 slurm-devel-17.11.7-lp150.5.7.1 slurm-doc-17.11.7-lp150.5.7.1 slurm-lua-17.11.7-lp150.5.7.1 slurm-lua-debuginfo-17.11.7-lp150.5.7.1 slurm-munge-17.11.7-lp150.5.7.1 slurm-munge-debuginfo-17.11.7-lp150.5.7.1 slurm-node-17.11.7-lp150.5.7.1 slurm-node-debuginfo-17.11.7-lp150.5.7.1 slurm-openlava-17.11.7-lp150.5.7.1 slurm-pam_slurm-17.11.7-lp150.5.7.1 slurm-pam_slurm-debuginfo-17.11.7-lp150.5.7.1 slurm-plugins-17.11.7-lp150.5.7.1 slurm-plugins-debuginfo-17.11.7-lp150.5.7.1 slurm-seff-17.11.7-lp150.5.7.1 slurm-sjstat-17.11.7-lp150.5.7.1 slurm-slurmdbd-17.11.7-lp150.5.7.1 slurm-slurmdbd-debuginfo-17.11.7-lp150.5.7.1 slurm-sql-17.11.7-lp150.5.7.1 slurm-sql-debuginfo-17.11.7-lp150.5.7.1 slurm-sview-17.11.7-lp150.5.7.1 slurm-sview-debuginfo-17.11.7-lp150.5.7.1 slurm-torque-17.11.7-lp150.5.7.1 slurm-torque-debuginfo-17.11.7-lp150.5.7.1 References: https://www.suse.com/security/cve/CVE-2018-10995.html https://bugzilla.suse.com/1095508 https://bugzilla.suse.com/1100850 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
participants (1)
-
opensuse-security@opensuse.org