Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.5:Update
patchinfo.32313
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.32313
<patchinfo incident="32313"> <issue tracker="cve" id="2023-49933"/> <issue tracker="cve" id="2023-49936"/> <issue tracker="cve" id="2023-41914"/> <issue tracker="cve" id="2023-49938"/> <issue tracker="cve" id="2023-49937"/> <issue tracker="bnc" id="1216207">VUL-0: CVE-2023-41914: slurm,slurm_18_08,slurm_20_02,slurm_20_11,slurm_22_05,slurm_23_02,slurmlibs:</issue> <issue tracker="bnc" id="1218051">VUL-0: CVE-2023-49937: slurm,slurm_22_05,slurm_23_02: double free</issue> <issue tracker="bnc" id="1218046">VUL-0: CVE-2023-49933: slurm,slurm_22_05,slurm_23_02: Improper Enforcement of Message Integrity</issue> <issue tracker="bnc" id="1218050">VUL-0: CVE-2023-49936: slurm,slurm_22_05,slurm_23_02: null pointer dereference</issue> <issue tracker="bnc" id="1218053">VUL-0: CVE-2023-49938: slurm,slurm_22_05,slurm_23_02: incorrect access control</issue> <issue tracker="bnc" id="1217711">[Slurm, slurmrestd] service file missing for slurmrestd</issue> <issue tracker="bnc" id="1216869">slurm-sview illogically updates to slurm_23_02-sview</issue> <issue tracker="bnc" id="1208810">[slurm_22_05, cray] Missing Conflicts and Provides may lead to dependency issues during Upgrade</issue> <packager>eeich</packager> <rating>important</rating> <category>security</category> <summary>Security update for slurm</summary> <description>This update for slurm fixes the following issues: Security fixes: - CVE-2023-41914: Prevent filesystem race conditions that could let an attacker take control of an arbitrary file, or remove entire directories' contents. (bsc#1216207) - CVE-2023-49933: Prevent message extension attacks that could bypass the message hash. (bsc#1218046) - CVE-2023-49936: Prevent NULL pointer dereference on `size_valp` overflow. (bsc#1218050) - CVE-2023-49937: Prevent double-xfree() on error in `_unpack_node_reg_resp()`. (bsc#1218051) - CVE-2023-49938: Prevent modified `sbcast` RPCs from opening a file with the wrong group permissions. (bsc#1218053) Other fixes: - Add missing service file for slurmrestd (bsc#1217711). - Fix slurm upgrading to incompatible versions (bsc#1216869). </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor