Headline
Debian Security Advisory 5609-1
Debian Linux Security Advisory 5609-1 - Several vulnerabilities were discovered in the Slurm Workload Manager, a cluster resource management and job scheduling system, which may result in privilege escalation, denial of service, bypass of message hash checks or opening files with an incorrect set of extended groups.
-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5609-1 [email protected]://www.debian.org/security/ Salvatore BonaccorsoJanuary 28, 2024 https://www.debian.org/security/faq- -------------------------------------------------------------------------Package : slurm-wlmCVE ID : CVE-2023-49933 CVE-2023-49936 CVE-2023-49937 CVE-2023-49938Debian Bug : 1058720Several vulnerabilities were discovered in the Slurm Workload Manager, acluster resource management and job scheduling system, which may resultin privilege escalation, denial of service, bypass of message hashchecks or opening files with an incorrect set of extended groups.For the stable distribution (bookworm), these problems have been fixedin version 22.05.8-4+deb12u2.We recommend that you upgrade your slurm-wlm packages.For the detailed security status of slurm-wlm please refer to itssecurity tracker page at:https://security-tracker.debian.org/tracker/slurm-wlmFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: [email protected] PGP SIGNATURE-----iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmW2Sj9fFIAAAAAALgAoaXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xNDz0Q/0xAAiIX2hFquenx281NrzLcnOeIiuvf/+2eXs4/yVQ2P91S7kTzdbRc9n1dVAIwcvQHKHlQH7z/GHVLtjLDwjiAc34OcPzvLipiFgg6JRmKweOMWqyRns9DaIy4vRZRg7RvS4ltDOuqP9UXScTom4GAM3GCF6wrvxsyNwSvwayaJtqQw09OjWHJsKOPeaKJ6yIBfXUukreUQUctVH5P3HG58S1WD/8EqYrpgxC0mBYxs2Iv2FkEcyyiWY2mthuOqkmzfxf25xzQqlDg7kPMikHkqsHmKiFViAWOe44o0C7jED1JOh72BZk93ktrBWaA0lqj9w+CUhPoUinOL76qn+ija8URNIlnPExmY8/BlBDwEZ9pawTo/wv/IS34GzPDrpQQsBTRPpfO9FrJYPf87Ryfp7OpkWfa6LLqTckDp0PQc05/ABdKVtBw/OtfHZud9/qO+M80045IP4QIzDOiYkAQPEbnS3qlT6Io8RYu4C1tNiALBksMnuim3E63dKbRN4lBzCujKY0clKPLtafE6uNXv9gpQRdq2irDGo+IY8A2rfziWqrmdmiP5bxyQsZNpTuNSVGa5s+skId17xZDH/uQBi6UTT/0Qz8mceqa1Ufzu2bbpNHVdgGZ+YbAjAT7bOr5AY1JHqdCDXx6Pl2vQhIss20R3bxi8O0oZODPquGWgkwA==fdxl-----END PGP SIGNATURE-----Related news
Gentoo Linux Security Advisory 202409-16
Gentoo Linux Security Advisory 202409-16 - Multiple vulnerabilities have been discovered in Slurm, the worst of which could result in privilege escalation or code execution. Versions less than or equal to 22.05.3 are affected.