SUSE-SU-2018:0987-1

Опубликовано: 19 апр. 2018

Источник: suse-cvrf

Описание

Security update for slurm

This update for slurm fixes the following issues:

Fix interaction with systemd: systemd expects that a daemonizing process doesn't go away until the PID file with it PID of the daemon has bee written (bsc#1084125).
Make sure systemd services get restarted only when all packages are in a consistent state, not in the middle of an 'update' transaction (bsc#1088693). Since the %postun scripts that run on update are from the old package they cannot be changed - thus we work around the restart breakage.
CVE-2018-7033: Fixed security issue in accounting_storage/mysql plugin by always escaping strings within the slurmdbd (bsc#1085240).

libpmi0-17.02.10-6.16.1

libslurm31-17.02.10-6.16.1

perl-slurm-17.02.10-6.16.1

slurm-17.02.10-6.16.1

slurm-auth-none-17.02.10-6.16.1

slurm-devel-17.02.10-6.16.1

slurm-doc-17.02.10-6.16.1

slurm-lua-17.02.10-6.16.1

slurm-munge-17.02.10-6.16.1

slurm-pam_slurm-17.02.10-6.16.1

slurm-plugins-17.02.10-6.16.1

slurm-sched-wiki-17.02.10-6.16.1

slurm-slurmdb-direct-17.02.10-6.16.1

slurm-slurmdbd-17.02.10-6.16.1

slurm-sql-17.02.10-6.16.1

slurm-torque-17.02.10-6.16.1

SchedMD Slurm before 17.02.10 and 17.11.x before 17.11.5 allows SQL Injection attacks against SlurmDBD.

SUSE Linux Enterprise Module for HPC 12:libpmi0-17.02.10-6.16.1

SUSE Linux Enterprise Module for HPC 12:libslurm31-17.02.10-6.16.1

SUSE Linux Enterprise Module for HPC 12:perl-slurm-17.02.10-6.16.1

SUSE Linux Enterprise Module for HPC 12:slurm-17.02.10-6.16.1