SUSE-SU-2020:3506-1

Source
https://www.suse.com/support/update/announcement/2020/suse-su-20203506-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2020:3506-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2020:3506-1
Related
Published
2020-11-24T16:16:45Z
Modified
2020-11-24T16:16:45Z
Summary
Security update for slurm
Details

This update for slurm fixes the following issues:

  • Updated to 20.02.6:
    • CVE-2020-27745: PMIx - fix potential buffer overflows from use of unpackmem() (bsc#1178890).
    • CVE-2020-27746: X11 forwarding - fix potential leak of the magic cookie when sent as an argument to the xauth command (bsc#1178891).
    • Added support for openPMIx (bsc#1173805).
References

Affected packages

SUSE:Linux Enterprise Module for HPC 15 SP2 / slurm

Package

Name
slurm
Purl
pkg:rpm/suse/slurm&distro=SUSE%20Linux%20Enterprise%20Module%20for%20HPC%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
20.02.6-3.3.4

Ecosystem specific

{
    "binaries": [
        {
            "slurm-config": "20.02.6-3.3.4",
            "slurm-plugins": "20.02.6-3.3.4",
            "slurm-auth-none": "20.02.6-3.3.4",
            "libslurm35": "20.02.6-3.3.4",
            "slurm-slurmdbd": "20.02.6-3.3.4",
            "slurm-devel": "20.02.6-3.3.4",
            "slurm-pam_slurm": "20.02.6-3.3.4",
            "slurm-config-man": "20.02.6-3.3.4",
            "slurm-doc": "20.02.6-3.3.4",
            "slurm-munge": "20.02.6-3.3.4",
            "perl-slurm": "20.02.6-3.3.4",
            "slurm-sview": "20.02.6-3.3.4",
            "slurm-sql": "20.02.6-3.3.4",
            "libnss_slurm2": "20.02.6-3.3.4",
            "slurm-webdoc": "20.02.6-3.3.4",
            "libpmi0": "20.02.6-3.3.4",
            "slurm": "20.02.6-3.3.4",
            "slurm-lua": "20.02.6-3.3.4",
            "slurm-node": "20.02.6-3.3.4",
            "slurm-torque": "20.02.6-3.3.4"
        }
    ]
}