SUSE-SU-2021:1811-1

Опубликовано: 31 мая 2021

Источник: suse-cvrf

Описание

Security update for slurm

This update for slurm fixes the following issues:

CVE-2021-31215: remote code execution as SlurmUser because of a PrologSlurmctld or EpilogSlurmctld script leads to environment mishandling (bsc#1186024)

Список пакетов

Image SLES15-SP1-EC2-HPC-HVM-BYOS

libslurm33-18.08.9-3.19.1

slurm-18.08.9-3.19.1

slurm-config-18.08.9-3.19.1

slurm-node-18.08.9-3.19.1

slurm-plugins-18.08.9-3.19.1

SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS

libpmi0-18.08.9-3.19.1

libslurm33-18.08.9-3.19.1

perl-slurm-18.08.9-3.19.1

slurm-18.08.9-3.19.1

slurm-auth-none-18.08.9-3.19.1

slurm-config-18.08.9-3.19.1

slurm-config-man-18.08.9-3.19.1

slurm-devel-18.08.9-3.19.1

slurm-doc-18.08.9-3.19.1

slurm-lua-18.08.9-3.19.1

slurm-munge-18.08.9-3.19.1

slurm-node-18.08.9-3.19.1

slurm-pam_slurm-18.08.9-3.19.1

slurm-plugins-18.08.9-3.19.1

slurm-slurmdbd-18.08.9-3.19.1

slurm-sql-18.08.9-3.19.1

slurm-sview-18.08.9-3.19.1

slurm-torque-18.08.9-3.19.1

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS

libpmi0-18.08.9-3.19.1

libslurm33-18.08.9-3.19.1

perl-slurm-18.08.9-3.19.1

slurm-18.08.9-3.19.1

slurm-auth-none-18.08.9-3.19.1

slurm-config-18.08.9-3.19.1

slurm-config-man-18.08.9-3.19.1

slurm-devel-18.08.9-3.19.1

slurm-doc-18.08.9-3.19.1

slurm-lua-18.08.9-3.19.1

slurm-munge-18.08.9-3.19.1

slurm-node-18.08.9-3.19.1

slurm-pam_slurm-18.08.9-3.19.1

slurm-plugins-18.08.9-3.19.1

slurm-slurmdbd-18.08.9-3.19.1

slurm-sql-18.08.9-3.19.1

slurm-sview-18.08.9-3.19.1

slurm-torque-18.08.9-3.19.1

Ссылки

https://www.suse.com/support/update/announcement/2021/suse-su-20211811-1/
Link for SUSE-SU-2021:1811-1
https://lists.suse.com/pipermail/sle-security-updates/2021-May/008891.html
E-Mail link for SUSE-SU-2021:1811-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1186024
SUSE Bug 1186024
https://www.suse.com/security/cve/CVE-2021-31215/
SUSE CVE CVE-2021-31215 page

Описание

SchedMD Slurm before 20.02.7 and 20.03.x through 20.11.x before 20.11.7 allows remote code execution as SlurmUser because use of a PrologSlurmctld or EpilogSlurmctld script leads to environment mishandling.

Затронутые продукты

Image SLES15-SP1-EC2-HPC-HVM-BYOS:libslurm33-18.08.9-3.19.1

Image SLES15-SP1-EC2-HPC-HVM-BYOS:slurm-18.08.9-3.19.1

Image SLES15-SP1-EC2-HPC-HVM-BYOS:slurm-config-18.08.9-3.19.1

Image SLES15-SP1-EC2-HPC-HVM-BYOS:slurm-node-18.08.9-3.19.1

Ссылки

https://www.suse.com/security/cve/CVE-2021-31215.html
CVE-2021-31215
https://bugzilla.suse.com/1186024
SUSE Bug 1186024

SUSE-SU-2021:1811-1

Описание

Список пакетов

Image SLES15-SP1-EC2-HPC-HVM-BYOS

SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS

Ссылки

Уязвимость: CVE-2021-31215

Описание

Затронутые продукты

Ссылки