Bug#869991: jessie-pu: package slurm-llnl/14.03.9-5
Control: tag -1 pending
On Sun, Jul 30, 2017 at 10:46:45PM +0100, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
>
> On Fri, 2017-07-28 at 15:40 +0200, Gennaro Oliva wrote:
> > I'd like to update slurm-llnl in the next oldstable point release to
> > address a vulnerability in how the slurmd daemon informs users of
> > a Prolog failure on a compute node. That vulnerability could allow a
> > user to assume control of an arbitrary file on the system. Any
> > exploitation of this is dependent on the user being able to cause or
> > anticipate the failure (non-zero return code) of a Prolog script that
> > their job would run on (CVE-2016-10030).
>
> +slurm-llnl (14.03.9-5+deb8u1) jessie-security; urgency=high
>
> The distribution there wants to be "jessie". With that change, please go
> ahead.
Seems to have been uploaded; flagged for acceptance.
Thanks,
--
Jonathan Wiltshire jmw@debian.org
Debian Developer http://people.debian.org/~jmw
4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51
Reply to: