SUSE-SU-2020:0434-1

See a problem?
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2020:0434-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2020:0434-1
Related
Published
2020-02-21T16:35:15Z
Modified
2020-02-21T16:35:15Z
Summary
Security update for pdsh, slurm_18_08
Details

This update for pdsh, slurm1808 fixes the following issues:

Slurm was included in the 18.08 release, as 'slurm1808' package. The version 18.08.9 contains all recent security fixes, including:

  • CVE-2019-19728: Fixed a privilege escalation with srun, where --uid might have unintended side effects (bsc#1159692).
  • CVE-2019-19727: Fixed permissions of slurmdbd.conf (bsc#1155784).

pdsh was updated to:

  • Add support for an alternative SLURM version when building the slurm plugin.
References

Affected packages

SUSE:Linux Enterprise Module for HPC 12 / pdsh

Package

Name
pdsh
Purl
purl:rpm/suse/pdsh&distro=SUSE%20Linux%20Enterprise%20Module%20for%20HPC%2012

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.33-7.18.1

Ecosystem specific

{
    "binaries": [
        {
            "libpmi0_18_08": "18.08.9-3.5.1",
            "pdsh-slurm": "2.33-7.18.1",
            "slurm_18_08-pam_slurm": "18.08.9-3.5.1",
            "slurm_18_08-config": "18.08.9-3.5.1",
            "slurm_18_08-plugins": "18.08.9-3.5.1",
            "pdsh-netgroup": "2.33-7.18.1",
            "pdsh": "2.33-7.18.1",
            "pdsh-genders": "2.33-7.18.1",
            "slurm_18_08-devel": "18.08.9-3.5.1",
            "slurm_18_08": "18.08.9-3.5.1",
            "slurm_18_08-slurmdbd": "18.08.9-3.5.1",
            "slurm_18_08-torque": "18.08.9-3.5.1",
            "pdsh-dshgroup": "2.33-7.18.1",
            "slurm_18_08-sql": "18.08.9-3.5.1",
            "pdsh-machines": "2.33-7.18.1",
            "slurm_18_08-node": "18.08.9-3.5.1",
            "pdsh-slurm_18_08": "2.33-7.18.1",
            "slurm_18_08-lua": "18.08.9-3.5.1",
            "libslurm33": "18.08.9-3.5.1",
            "perl-slurm_18_08": "18.08.9-3.5.1",
            "slurm_18_08-auth-none": "18.08.9-3.5.1",
            "slurm_18_08-doc": "18.08.9-3.5.1",
            "slurm_18_08-munge": "18.08.9-3.5.1"
        }
    ]
}

SUSE:Linux Enterprise Module for HPC 12 / slurm_18_08

Package

Name
slurm_18_08
Purl
purl:rpm/suse/slurm_18_08&distro=SUSE%20Linux%20Enterprise%20Module%20for%20HPC%2012

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
18.08.9-3.5.1

Ecosystem specific

{
    "binaries": [
        {
            "libpmi0_18_08": "18.08.9-3.5.1",
            "pdsh-slurm": "2.33-7.18.1",
            "slurm_18_08-pam_slurm": "18.08.9-3.5.1",
            "slurm_18_08-config": "18.08.9-3.5.1",
            "slurm_18_08-plugins": "18.08.9-3.5.1",
            "pdsh-netgroup": "2.33-7.18.1",
            "pdsh": "2.33-7.18.1",
            "pdsh-genders": "2.33-7.18.1",
            "slurm_18_08-devel": "18.08.9-3.5.1",
            "slurm_18_08": "18.08.9-3.5.1",
            "slurm_18_08-slurmdbd": "18.08.9-3.5.1",
            "slurm_18_08-torque": "18.08.9-3.5.1",
            "pdsh-dshgroup": "2.33-7.18.1",
            "slurm_18_08-sql": "18.08.9-3.5.1",
            "pdsh-machines": "2.33-7.18.1",
            "slurm_18_08-node": "18.08.9-3.5.1",
            "pdsh-slurm_18_08": "2.33-7.18.1",
            "slurm_18_08-lua": "18.08.9-3.5.1",
            "libslurm33": "18.08.9-3.5.1",
            "perl-slurm_18_08": "18.08.9-3.5.1",
            "slurm_18_08-auth-none": "18.08.9-3.5.1",
            "slurm_18_08-doc": "18.08.9-3.5.1",
            "slurm_18_08-munge": "18.08.9-3.5.1"
        }
    ]
}