[SECURITY] [DSA 5961-1] slurm-wlm security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
- -------------------------------------------------------------------------
Debian Security Advisory DSA-5961-1 security@debian.org
https://www.debian.org/security/ Shengqi Chen
July 08, 2025 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : slurm-wlm
CVE ID : CVE-2025-43904
Debian Bug : 1104929
Sekou Diakite from HPE discovered a mistake with permission handling for
Coordinators within the accounting system of Slurm Workload Manager, a
cluster resource management and job scheduling system, that it could allow
a Coordinator to promote a user to Administrator.
- -
For the stable distribution (bookworm), this problem has been fixed in
version 22.05.8-4+deb12u3.
We recommend that you upgrade your slurm-wlm packages.
For the detailed security status of slurm-wlm please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/slurm-wlm
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCAAdFiEEBLHAyuu1xqoC2aJ5NP8o68vMTMgFAmhs2h4ACgkQNP8o68vM
TMhg+wf/aiE98TIxusPba3u0F49jnbdztNyK4A3DwBgds0ZUSyE/l2ZP/jmIPFdE
QBH1m2rK/X8oSuvkXQN4ruek95Jch/kvPy/26+YlSlNEwc50vLxYp6D+E22tr2QE
CEIoKapk4nKnoWMGfQCg/chuQm3oXYJ0Bd1jEh1ZvHW7IGW8JJAyDJ55Fgo2DDXP
QBN9ZCgta9GZyspmToAw1CCfBGTDdpsZYalE0zu/ldglAZTKKO07WzMjarCFSfh3
cwjtaDFrxhh4w6noM3+YWoxQFEfO7r2YxYqqRUg9rUQArhxSjuk+fVfU/ItQP0gO
E27m2dtxsxVcjNQv+BFona7VT0yMgQ==
=Pb5I
-----END PGP SIGNATURE-----
Reply to: