Описание
Security update for slurm_23_02
This update for slurm_23_02 fixes the following issues:
- CVE-2023-41914: Fixed a filesystem handling race conditions that could have led to an attacker taking control of an arbitrary file, or removing entire directoy contents (bsc#1216207).
Bug fixes:
- Add missing dependencies to slurm-config to plugins package. These should help to tie down the slurm version and help to avoid a package mix (bsc#1216869).
Список пакетов
SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS
libnss_slurm2_23_02-23.02.6-150100.3.14.1
libpmi0_23_02-23.02.6-150100.3.14.1
libslurm39-23.02.6-150100.3.14.1
perl-slurm_23_02-23.02.6-150100.3.14.1
slurm_23_02-23.02.6-150100.3.14.1
slurm_23_02-auth-none-23.02.6-150100.3.14.1
slurm_23_02-config-23.02.6-150100.3.14.1
slurm_23_02-config-man-23.02.6-150100.3.14.1
slurm_23_02-cray-23.02.6-150100.3.14.1
slurm_23_02-devel-23.02.6-150100.3.14.1
slurm_23_02-doc-23.02.6-150100.3.14.1
slurm_23_02-lua-23.02.6-150100.3.14.1
slurm_23_02-munge-23.02.6-150100.3.14.1
slurm_23_02-node-23.02.6-150100.3.14.1
slurm_23_02-pam_slurm-23.02.6-150100.3.14.1
slurm_23_02-plugin-ext-sensors-rrd-23.02.6-150100.3.14.1
slurm_23_02-plugins-23.02.6-150100.3.14.1
slurm_23_02-rest-23.02.6-150100.3.14.1
slurm_23_02-slurmdbd-23.02.6-150100.3.14.1
slurm_23_02-sql-23.02.6-150100.3.14.1
slurm_23_02-sview-23.02.6-150100.3.14.1
slurm_23_02-torque-23.02.6-150100.3.14.1
slurm_23_02-webdoc-23.02.6-150100.3.14.1
Ссылки
- Link for SUSE-SU-2023:4564-1
- E-Mail link for SUSE-SU-2023:4564-1
- SUSE Security Ratings
- SUSE Bug 1216207
- SUSE Bug 1216869
- SUSE CVE CVE-2023-41914 page
Описание
SchedMD Slurm 23.02.x before 23.02.6 and 22.05.x before 22.05.10 allows filesystem race conditions for gaining ownership of a file, overwriting a file, or deleting files.
Затронутые продукты
SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libnss_slurm2_23_02-23.02.6-150100.3.14.1
SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libpmi0_23_02-23.02.6-150100.3.14.1
SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libslurm39-23.02.6-150100.3.14.1
SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:perl-slurm_23_02-23.02.6-150100.3.14.1
Ссылки
- CVE-2023-41914
- SUSE Bug 1216207