[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#1010634: marked as done (slurm-wlm: CVE-2022-29500)



Your message dated Sat, 07 May 2022 07:19:05 +0000
with message-id <E1nnEiX-000DpG-1B@fasolo.debian.org>
and subject line Bug#1010634: fixed in slurm-wlm 21.08.8.2-1
has caused the Debian Bug report #1010634,
regarding slurm-wlm: CVE-2022-29500
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
1010634: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010634
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Source: slurm-wlm
Version: 21.08.7-1
Severity: grave
Tags: security upstream
Justification: user security hole
X-Debbugs-Cc: carnil@debian.org, Debian Security Team <team@security.debian.org>
Control: found -1 20.11.7+really20.11.4-2

Hi,

The following vulnerability was published for slurm-wlm.

CVE-2022-29500[0]:
| SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control
| that leads to Information Disclosure.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2022-29500
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29500
[1] https://lists.schedmd.com/pipermail/slurm-announce/2022/000072.html
[2] https://github.com/SchedMD/slurm/commit/500787548cf3da22cc69ca2111ce51f77543849b 

Regards,
Salvatore

--- End Message ---
--- Begin Message ---
Source: slurm-wlm
Source-Version: 21.08.8.2-1
Done: Gennaro Oliva <oliva.g@na.icar.cnr.it>

We believe that the bug you reported is fixed in the latest version of
slurm-wlm, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1010634@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Gennaro Oliva <oliva.g@na.icar.cnr.it> (supplier of updated slurm-wlm package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 06 May 2022 21:14:09 +0200
Source: slurm-wlm
Architecture: source
Version: 21.08.8.2-1
Distribution: unstable
Urgency: medium
Maintainer: Debian HPC Team <debian-hpc@lists.debian.org>
Changed-By: Gennaro Oliva <oliva.g@na.icar.cnr.it>
Closes: 1010632 1010633 1010634
Changes:
 slurm-wlm (21.08.8.2-1) unstable; urgency=medium
 .
   * New upstream release fixes CVE-2022-29500,
     CVE-2022-29501 and CVE-2022-29502
     (Closes: #1010632, #1010633, #1010634)
   * Update libslurm symbols file
Checksums-Sha1:
 257db3912e4e6ac9fd49637806c454e49fe9505d 3752 slurm-wlm_21.08.8.2-1.dsc
 f7687c11f024fbbe5399b93906d1179adc5c3fb6 9181981 slurm-wlm_21.08.8.2.orig.tar.gz
 87b22595ec0da6f0fbf31f6461bad9da932f356e 131948 slurm-wlm_21.08.8.2-1.debian.tar.xz
 d940c44bc07fd7039b5ff4f6c0895c9bc972a60c 21992 slurm-wlm_21.08.8.2-1_amd64.buildinfo
Checksums-Sha256:
 38cab66ebf395ff38574e4d920856e4447663179a5c69b8dbf9eeab6c94be921 3752 slurm-wlm_21.08.8.2-1.dsc
 876d7dfa716990d7e579cfb9c6ffc123258e03a1450e993ade596d2ee90afcdd 9181981 slurm-wlm_21.08.8.2.orig.tar.gz
 e4a14ddf0a848e5df55b3880f64d09518f205ddbc60fbde7d5353e5116a6dd6f 131948 slurm-wlm_21.08.8.2-1.debian.tar.xz
 85e54c44bac7288ec3df8ddd6eae48aecc0a55ea7490b4f16fae358cd805ee5e 21992 slurm-wlm_21.08.8.2-1_amd64.buildinfo
Files:
 ae169dff579e404a2f6066a538b43782 3752 admin optional slurm-wlm_21.08.8.2-1.dsc
 14e7e5b80188b8b8829f3637110d4391 9181981 admin optional slurm-wlm_21.08.8.2.orig.tar.gz
 6894085a03d275302d4cd5448a235461 131948 admin optional slurm-wlm_21.08.8.2-1.debian.tar.xz
 a9f15ddfdd04a433f9d5d994b57706d3 21992 admin optional slurm-wlm_21.08.8.2-1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJLBAEBCgA1FiEE6zNF9WRBuLgad5h2ffpBrZYZhdcFAmJ1eA8XHG9saXZhLmdA
bmEuaWNhci5jbnIuaXQACgkQffpBrZYZhddyyxAAoAF5AEn34cc5ApEGVgpbBdFj
Jmd/lwG51wVL3z5qxIock+yfo8BE1rkM1YEIs6tAT2ZGcu1+kKNtgTz9MSOD/9Qj
X2BpENXrzP3Vi3Jls5aAB1NcNrjQMNZAJazSPMyEgeZ51Fceq/Z3LvxvXJ/nEPrO
HJlxM2oUNizRocy10Bt1duVBNvTiYIhmdGO/AMgJ7Wngb9zTHIwJ1YGJQGICIlVp
ipqTZokD7uqQJ8ngH5H6qtqD2Eg+UfhfYH8fGsy4p45G8rxUdRZSa/TK476jjYoP
obujlRR1vjMtYzu6bQVQzeURIcueZKowXZA807CSwli6dcKGX01jBUjnXZ/OICQl
DvY2gtCUgXC7EXeUEkJheJ3kYRJEioxLbLuuHrJXlqeVR5ZNT22sxgnLv1yUTCAH
PRDj5BlxCXOPw+2R58eEM8HiXQfrOI275FyIv65eMb5l6H2dMXxTJW7fjnd/zFyq
WiBwoeUnEYZt5BScKk2CrNwVXBtBZor1O/7Ku1BcRk29rvHuSqlE5RiSroDTML1j
0u9vTkiJzbq1x0VnpZMphaqH6GbU8q4t04hSmN1n1x/XRk+Nfh6xZKpZ8OZlI9wu
q/JdEi6bA4uQ3UGMPVnX+5xgDmp0cTWy1tnc7VmBw3QFS2miDGjJhEsA0e7XCmvN
mpldlKLE790ss80enO4=
=tYYO
-----END PGP SIGNATURE-----

--- End Message ---

Reply to: