SUSE-SU-2020:2600-1
- Source
- https://www.suse.com/support/update/announcement/2020/suse-su-20202600-1/
- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2020:2600-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2020:2600-1
- Upstream
- Related
- Published
- 2020-09-10T13:30:02Z
- Modified
- 2025-05-02T04:09:42.709512Z
- Summary
- Security update for slurm_18_08
- Details
-
This update for slurm1808 fixes the following issues:
- Fix Authentication Bypass when Message Aggregation is enabled CVE-2020-12693 This fixes and issue where authentication could be bypassed via an alternate path or channel when message Aggregation was enabled. A race condition allowed a user to launch a process as an arbitrary user. Add: Fix-Authentication-Bypass-when-Message-Aggregation-is-enabled-CVE-2020-12693.patch (CVE-2020-12693, bsc#1172004).
- Remove unneeded build dependency to postgresql-devel.
- References
Affected packages
SUSE:Linux Enterprise Module for HPC 12 / slurm_18_08
Package
- Name
- slurm_18_08
- Purl
- pkg:rpm/suse/slurm_18_08&distro=SUSE%20Linux%20Enterprise%20Module%20for%20HPC%2012
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed18.08.9-3.8.1
Ecosystem specific
{
"binaries": [
{
"slurm_18_08-slurmdbd": "18.08.9-3.8.1",
"slurm_18_08-node": "18.08.9-3.8.1",
"slurm_18_08-plugins": "18.08.9-3.8.1",
"perl-slurm_18_08": "18.08.9-3.8.1",
"slurm_18_08-torque": "18.08.9-3.8.1",
"slurm_18_08-lua": "18.08.9-3.8.1",
"slurm_18_08-devel": "18.08.9-3.8.1",
"slurm_18_08-auth-none": "18.08.9-3.8.1",
"slurm_18_08-pam_slurm": "18.08.9-3.8.1",
"slurm_18_08-munge": "18.08.9-3.8.1",
"libslurm33": "18.08.9-3.8.1",
"slurm_18_08-config": "18.08.9-3.8.1",
"slurm_18_08": "18.08.9-3.8.1",
"slurm_18_08-sql": "18.08.9-3.8.1",
"libpmi0_18_08": "18.08.9-3.8.1",
"slurm_18_08-doc": "18.08.9-3.8.1"
}
]
}