SUSE-SU-2023:4578-1

See a problem?
Please try reporting it to the source first.
Source
https://www.suse.com/support/update/announcement/2023/suse-su-20234578-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2023:4578-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2023:4578-1
Related
Published
2023-11-27T08:30:35Z
Modified
2023-11-27T08:30:35Z
Summary
Security update for slurm
Details

This update for slurm fixes the following issues:

  • CVE-2023-41914: Fixed a filesystem handling race conditions that could have led to an attacker taking control of an arbitrary file, or removing entire directoy contents (bsc#1216207).

Bug fixes:

  • Add missing dependencies to slurm-config to plugins package. These should help to tie down the slurm version and help to avoid a package mix (bsc#1216869).
References

Affected packages

SUSE:Linux Enterprise Module for HPC 15 SP5 / slurm

Package

Name
slurm
Purl
pkg:rpm/suse/slurm&distro=SUSE%20Linux%20Enterprise%20Module%20for%20HPC%2015%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
23.02.6-150500.5.12.1

Ecosystem specific 

{
    "binaries": [
        {
            "slurm-plugins": "23.02.6-150500.5.12.1",
            "slurm-plugin-ext-sensors-rrd": "23.02.6-150500.5.12.1",
            "slurm-auth-none": "23.02.6-150500.5.12.1",
            "slurm-cray": "23.02.6-150500.5.12.1",
            "libslurm39": "23.02.6-150500.5.12.1",
            "slurm-slurmdbd": "23.02.6-150500.5.12.1",
            "slurm-devel": "23.02.6-150500.5.12.1",
            "slurm-config": "23.02.6-150500.5.12.1",
            "slurm-rest": "23.02.6-150500.5.12.1",
            "slurm-pam_slurm": "23.02.6-150500.5.12.1",
            "slurm-config-man": "23.02.6-150500.5.12.1",
            "slurm-doc": "23.02.6-150500.5.12.1",
            "slurm-munge": "23.02.6-150500.5.12.1",
            "perl-slurm": "23.02.6-150500.5.12.1",
            "slurm-sview": "23.02.6-150500.5.12.1",
            "slurm-sql": "23.02.6-150500.5.12.1",
            "libnss_slurm2": "23.02.6-150500.5.12.1",
            "slurm-webdoc": "23.02.6-150500.5.12.1",
            "libpmi0": "23.02.6-150500.5.12.1",
            "slurm": "23.02.6-150500.5.12.1",
            "slurm-lua": "23.02.6-150500.5.12.1",
            "slurm-torque": "23.02.6-150500.5.12.1",
            "slurm-node": "23.02.6-150500.5.12.1"
        }
    ]
}

SUSE:Linux Enterprise Module for Package Hub 15 SP5 / slurm

Package

Name
slurm
Purl
pkg:rpm/suse/slurm&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
23.02.6-150500.5.12.1

Ecosystem specific 

{
    "binaries": [
        {
            "slurm-config": "23.02.6-150500.5.12.1",
            "slurm-node": "23.02.6-150500.5.12.1",
            "slurm-auth-none": "23.02.6-150500.5.12.1",
            "slurm-seff": "23.02.6-150500.5.12.1",
            "slurm-cray": "23.02.6-150500.5.12.1",
            "libpmi0": "23.02.6-150500.5.12.1",
            "slurm-devel": "23.02.6-150500.5.12.1",
            "slurm-slurmdbd": "23.02.6-150500.5.12.1",
            "slurm-plugins": "23.02.6-150500.5.12.1",
            "slurm-pam_slurm": "23.02.6-150500.5.12.1",
            "slurm-rest": "23.02.6-150500.5.12.1",
            "slurm-config-man": "23.02.6-150500.5.12.1",
            "slurm-doc": "23.02.6-150500.5.12.1",
            "slurm-munge": "23.02.6-150500.5.12.1",
            "perl-slurm": "23.02.6-150500.5.12.1",
            "slurm-sview": "23.02.6-150500.5.12.1",
            "slurm-hdf5": "23.02.6-150500.5.12.1",
            "slurm-sql": "23.02.6-150500.5.12.1",
            "libnss_slurm2": "23.02.6-150500.5.12.1",
            "slurm-sjstat": "23.02.6-150500.5.12.1",
            "slurm-lua": "23.02.6-150500.5.12.1",
            "slurm": "23.02.6-150500.5.12.1",
            "slurm-openlava": "23.02.6-150500.5.12.1",
            "slurm-torque": "23.02.6-150500.5.12.1",
            "slurm-webdoc": "23.02.6-150500.5.12.1"
        }
    ]
}

openSUSE:Leap 15.5 / slurm

Package

Name
slurm
Purl
pkg:rpm/opensuse/slurm&distro=openSUSE%20Leap%2015.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
23.02.6-150500.5.12.1

Ecosystem specific 

{
    "binaries": [
        {
            "slurm-cray": "23.02.6-150500.5.12.1",
            "slurm-config": "23.02.6-150500.5.12.1",
            "slurm-slurmdbd": "23.02.6-150500.5.12.1",
            "slurm-plugins": "23.02.6-150500.5.12.1",
            "slurm-devel": "23.02.6-150500.5.12.1",
            "slurm-pam_slurm": "23.02.6-150500.5.12.1",
            "slurm-testsuite": "23.02.6-150500.5.12.1",
            "slurm-doc": "23.02.6-150500.5.12.1",
            "libnss_slurm2": "23.02.6-150500.5.12.1",
            "slurm-lua": "23.02.6-150500.5.12.1",
            "slurm-webdoc": "23.02.6-150500.5.12.1",
            "libpmi0": "23.02.6-150500.5.12.1",
            "slurm-torque": "23.02.6-150500.5.12.1",
            "slurm-plugin-ext-sensors-rrd": "23.02.6-150500.5.12.1",
            "libslurm39": "23.02.6-150500.5.12.1",
            "slurm-rest": "23.02.6-150500.5.12.1",
            "slurm-auth-none": "23.02.6-150500.5.12.1",
            "slurm-seff": "23.02.6-150500.5.12.1",
            "slurm-config-man": "23.02.6-150500.5.12.1",
            "slurm-munge": "23.02.6-150500.5.12.1",
            "perl-slurm": "23.02.6-150500.5.12.1",
            "slurm-sview": "23.02.6-150500.5.12.1",
            "slurm-hdf5": "23.02.6-150500.5.12.1",
            "slurm-sql": "23.02.6-150500.5.12.1",
            "slurm-sjstat": "23.02.6-150500.5.12.1",
            "slurm": "23.02.6-150500.5.12.1",
            "slurm-openlava": "23.02.6-150500.5.12.1",
            "slurm-node": "23.02.6-150500.5.12.1"
        }
    ]
}