Bug#869991: jessie-pu: package slurm-llnl/14.03.9-5

To: Gennaro Oliva <oliva.g@na.icar.cnr.it>, 869991@bugs.debian.org
Subject: Bug#869991: jessie-pu: package slurm-llnl/14.03.9-5
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Sun, 30 Jul 2017 22:46:45 +0100
Message-id: <[🔎] 1501451205.29960.43.camel@adam-barratt.org.uk>
Reply-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 869991@bugs.debian.org
In-reply-to: <[🔎] 20170728134005.GA24250@luke.sic.rm.cnr.it>
References: <[🔎] 20170728134005.GA24250@luke.sic.rm.cnr.it>

Control: tags -1 + confirmed

On Fri, 2017-07-28 at 15:40 +0200, Gennaro Oliva wrote:
> I'd like to update slurm-llnl in the next oldstable point release to
> address a vulnerability in how the slurmd daemon informs users of
> a Prolog failure on a compute node. That vulnerability could allow a
> user to assume control of an arbitrary file on the system. Any
> exploitation of this is dependent on the user being able to cause or
> anticipate the failure (non-zero return code) of a Prolog script that
> their job would run on (CVE-2016-10030).

+slurm-llnl (14.03.9-5+deb8u1) jessie-security; urgency=high

The distribution there wants to be "jessie". With that change, please go
ahead.

Regards,

Adam

Reply to:

References:
- Bug#869991: jessie-pu: package slurm-llnl/14.03.9-5
  - From: Gennaro Oliva <oliva.g@na.icar.cnr.it>

Prev by Date: Processed: Re: Bug#869966: stretch-pu: package gosa-plugin-mailaddress/0.99.5-2+deb9u1
Next by Date: Processed: Re: Bug#869991: jessie-pu: package slurm-llnl/14.03.9-5
Previous by thread: Bug#869991: jessie-pu: package slurm-llnl/14.03.9-5
Next by thread: Processed: Re: Bug#869991: jessie-pu: package slurm-llnl/14.03.9-5
Index(es):
- Date
- Thread