[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#869991: jessie-pu: package slurm-llnl/14.03.9-5



Control: tags -1 + confirmed

On Fri, 2017-07-28 at 15:40 +0200, Gennaro Oliva wrote:
> I'd like to update slurm-llnl in the next oldstable point release to
> address a vulnerability in how the slurmd daemon informs users of
> a Prolog failure on a compute node. That vulnerability could allow a
> user to assume control of an arbitrary file on the system. Any
> exploitation of this is dependent on the user being able to cause or
> anticipate the failure (non-zero return code) of a Prolog script that
> their job would run on (CVE-2016-10030).

+slurm-llnl (14.03.9-5+deb8u1) jessie-security; urgency=high

The distribution there wants to be "jessie". With that change, please go
ahead.

Regards,

Adam


Reply to: