SUSE-SU-2023:4579-1

Опубликовано: 27 нояб. 2023

Источник: suse-cvrf

Описание

Security update for slurm_22_05

This update for slurm_22_05 fixes the following issues:

CVE-2023-41914: Fixed a filesystem handling race condition that could have led to an attacker taking control of an arbitrary file, or removing entire directory contents (bsc#1216207).

Bug fixes:

Add missing dependencies to slurm-config to plugins package. These should help to tie down the slurm version and help to avoid a package mix (bsc#1216869).
Add missing Provides:, Conflicts: and Obsoletes: to slurm-cray, slurm-hdf5 and slurm-testsuite to avoid package conflicts (bsc#1208810).

Список пакетов

SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS

libnss_slurm2_22_05-22.05.10-150300.7.6.1

libpmi0_22_05-22.05.10-150300.7.6.1

libslurm38-22.05.10-150300.7.6.1

perl-slurm_22_05-22.05.10-150300.7.6.1

slurm_22_05-22.05.10-150300.7.6.1

slurm_22_05-auth-none-22.05.10-150300.7.6.1

slurm_22_05-config-22.05.10-150300.7.6.1

slurm_22_05-config-man-22.05.10-150300.7.6.1

slurm_22_05-devel-22.05.10-150300.7.6.1

slurm_22_05-doc-22.05.10-150300.7.6.1

slurm_22_05-lua-22.05.10-150300.7.6.1

slurm_22_05-munge-22.05.10-150300.7.6.1

slurm_22_05-node-22.05.10-150300.7.6.1

slurm_22_05-pam_slurm-22.05.10-150300.7.6.1

slurm_22_05-plugins-22.05.10-150300.7.6.1

slurm_22_05-rest-22.05.10-150300.7.6.1

slurm_22_05-slurmdbd-22.05.10-150300.7.6.1

slurm_22_05-sql-22.05.10-150300.7.6.1

slurm_22_05-sview-22.05.10-150300.7.6.1

slurm_22_05-torque-22.05.10-150300.7.6.1

slurm_22_05-webdoc-22.05.10-150300.7.6.1

SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS

libnss_slurm2_22_05-22.05.10-150300.7.6.1

libpmi0_22_05-22.05.10-150300.7.6.1

libslurm38-22.05.10-150300.7.6.1

perl-slurm_22_05-22.05.10-150300.7.6.1

slurm_22_05-22.05.10-150300.7.6.1

slurm_22_05-auth-none-22.05.10-150300.7.6.1

slurm_22_05-config-22.05.10-150300.7.6.1

slurm_22_05-config-man-22.05.10-150300.7.6.1

slurm_22_05-devel-22.05.10-150300.7.6.1

slurm_22_05-doc-22.05.10-150300.7.6.1

slurm_22_05-lua-22.05.10-150300.7.6.1

slurm_22_05-munge-22.05.10-150300.7.6.1

slurm_22_05-node-22.05.10-150300.7.6.1

slurm_22_05-pam_slurm-22.05.10-150300.7.6.1

slurm_22_05-plugins-22.05.10-150300.7.6.1

slurm_22_05-rest-22.05.10-150300.7.6.1

slurm_22_05-slurmdbd-22.05.10-150300.7.6.1

slurm_22_05-sql-22.05.10-150300.7.6.1

slurm_22_05-sview-22.05.10-150300.7.6.1

slurm_22_05-torque-22.05.10-150300.7.6.1

slurm_22_05-webdoc-22.05.10-150300.7.6.1

SUSE Linux Enterprise Module for HPC 15 SP4

libnss_slurm2_22_05-22.05.10-150300.7.6.1

libpmi0_22_05-22.05.10-150300.7.6.1

libslurm38-22.05.10-150300.7.6.1

perl-slurm_22_05-22.05.10-150300.7.6.1

slurm_22_05-22.05.10-150300.7.6.1

slurm_22_05-auth-none-22.05.10-150300.7.6.1

slurm_22_05-config-22.05.10-150300.7.6.1

slurm_22_05-config-man-22.05.10-150300.7.6.1

slurm_22_05-cray-22.05.10-150300.7.6.1

slurm_22_05-devel-22.05.10-150300.7.6.1

slurm_22_05-doc-22.05.10-150300.7.6.1

slurm_22_05-lua-22.05.10-150300.7.6.1

slurm_22_05-munge-22.05.10-150300.7.6.1

slurm_22_05-node-22.05.10-150300.7.6.1

slurm_22_05-pam_slurm-22.05.10-150300.7.6.1

slurm_22_05-plugins-22.05.10-150300.7.6.1

slurm_22_05-rest-22.05.10-150300.7.6.1

slurm_22_05-slurmdbd-22.05.10-150300.7.6.1

slurm_22_05-sql-22.05.10-150300.7.6.1

slurm_22_05-sview-22.05.10-150300.7.6.1

slurm_22_05-torque-22.05.10-150300.7.6.1

slurm_22_05-webdoc-22.05.10-150300.7.6.1

openSUSE Leap 15.4

libnss_slurm2_22_05-22.05.10-150300.7.6.1

libpmi0_22_05-22.05.10-150300.7.6.1

libslurm38-22.05.10-150300.7.6.1

perl-slurm_22_05-22.05.10-150300.7.6.1

slurm_22_05-22.05.10-150300.7.6.1

slurm_22_05-auth-none-22.05.10-150300.7.6.1

slurm_22_05-config-22.05.10-150300.7.6.1

slurm_22_05-config-man-22.05.10-150300.7.6.1

slurm_22_05-cray-22.05.10-150300.7.6.1

slurm_22_05-devel-22.05.10-150300.7.6.1

slurm_22_05-doc-22.05.10-150300.7.6.1

slurm_22_05-hdf5-22.05.10-150300.7.6.1

slurm_22_05-lua-22.05.10-150300.7.6.1

slurm_22_05-munge-22.05.10-150300.7.6.1

slurm_22_05-node-22.05.10-150300.7.6.1

slurm_22_05-openlava-22.05.10-150300.7.6.1

slurm_22_05-pam_slurm-22.05.10-150300.7.6.1

slurm_22_05-plugins-22.05.10-150300.7.6.1

slurm_22_05-rest-22.05.10-150300.7.6.1

slurm_22_05-seff-22.05.10-150300.7.6.1

slurm_22_05-sjstat-22.05.10-150300.7.6.1

slurm_22_05-slurmdbd-22.05.10-150300.7.6.1

slurm_22_05-sql-22.05.10-150300.7.6.1

slurm_22_05-sview-22.05.10-150300.7.6.1

slurm_22_05-testsuite-22.05.10-150300.7.6.1

slurm_22_05-torque-22.05.10-150300.7.6.1

slurm_22_05-webdoc-22.05.10-150300.7.6.1

openSUSE Leap 15.5

libnss_slurm2_22_05-22.05.10-150300.7.6.1

libpmi0_22_05-22.05.10-150300.7.6.1

libslurm38-22.05.10-150300.7.6.1

perl-slurm_22_05-22.05.10-150300.7.6.1

slurm_22_05-22.05.10-150300.7.6.1

slurm_22_05-auth-none-22.05.10-150300.7.6.1

slurm_22_05-config-22.05.10-150300.7.6.1

slurm_22_05-config-man-22.05.10-150300.7.6.1

slurm_22_05-cray-22.05.10-150300.7.6.1

slurm_22_05-devel-22.05.10-150300.7.6.1

slurm_22_05-doc-22.05.10-150300.7.6.1

slurm_22_05-hdf5-22.05.10-150300.7.6.1

slurm_22_05-lua-22.05.10-150300.7.6.1

slurm_22_05-munge-22.05.10-150300.7.6.1

slurm_22_05-node-22.05.10-150300.7.6.1

slurm_22_05-openlava-22.05.10-150300.7.6.1

slurm_22_05-pam_slurm-22.05.10-150300.7.6.1

slurm_22_05-plugins-22.05.10-150300.7.6.1

slurm_22_05-rest-22.05.10-150300.7.6.1

slurm_22_05-seff-22.05.10-150300.7.6.1

slurm_22_05-sjstat-22.05.10-150300.7.6.1

slurm_22_05-slurmdbd-22.05.10-150300.7.6.1

slurm_22_05-sql-22.05.10-150300.7.6.1

slurm_22_05-sview-22.05.10-150300.7.6.1

slurm_22_05-testsuite-22.05.10-150300.7.6.1

slurm_22_05-torque-22.05.10-150300.7.6.1

slurm_22_05-webdoc-22.05.10-150300.7.6.1

Ссылки

https://www.suse.com/support/update/announcement/2023/suse-su-20234579-1/
Link for SUSE-SU-2023:4579-1
https://lists.suse.com/pipermail/sle-security-updates/2023-November/017227.html
E-Mail link for SUSE-SU-2023:4579-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1208810
SUSE Bug 1208810
https://bugzilla.suse.com/1216207
SUSE Bug 1216207
https://bugzilla.suse.com/1216869
SUSE Bug 1216869
https://www.suse.com/security/cve/CVE-2023-41914/
SUSE CVE CVE-2023-41914 page

Описание

SchedMD Slurm 23.02.x before 23.02.6 and 22.05.x before 22.05.10 allows filesystem race conditions for gaining ownership of a file, overwriting a file, or deleting files.

Затронутые продукты

SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:libnss_slurm2_22_05-22.05.10-150300.7.6.1

SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:libpmi0_22_05-22.05.10-150300.7.6.1

SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:libslurm38-22.05.10-150300.7.6.1

SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:perl-slurm_22_05-22.05.10-150300.7.6.1

Ссылки

https://www.suse.com/security/cve/CVE-2023-41914.html
CVE-2023-41914
https://bugzilla.suse.com/1216207
SUSE Bug 1216207

SUSE-SU-2023:4579-1

Описание

Список пакетов

SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS

SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS

SUSE Linux Enterprise Module for HPC 15 SP4

openSUSE Leap 15.4

openSUSE Leap 15.5

Ссылки

Уязвимость: CVE-2023-41914

Описание

Затронутые продукты

Ссылки