[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 1437-1] slurm-llnl security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : slurm-llnl
Version        : 14.03.9-5+deb8u3
CVE ID         : CVE-2018-7033 CVE-2018-10995


CVE-2018-7033
     Fix for issue in accounting_storage/mysql plugin by always
     escaping strings within the slurmdbd.

CVE-2018-10995
     Fix for mishandling of user names (aka user_name fields) and
     group ids (aka gid fields).


For Debian 8 "Jessie", these problems have been fixed in version
14.03.9-5+deb8u3.

We recommend that you upgrade your slurm-llnl packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQJ8BAEBCgBmBQJbUz5eXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5
NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hH8k4P/2A2ycpthUgiQ2GovYUNoDct
k/Z+SyiV4uWOudxOS1GAe/UumOux8KIHqz3Ndtnp2qLeoCHCqajB/g6NuuIMNFV2
tw4U2QIb6uIxEKWWGjxxzn1koJK2OTPtOpMJcnBGlfafGGxuP3W9i/jhrcHfv7I7
2wZxXAeZUJqZ5ZOzXacFKWQJZ3xqsPttkPaT5r4oRha/ZREvjZV2FmYMsuaZyXV2
JiIhoh0J0RsnfikpdslygxYymeS0/7mHaGh6rALlEzY5CPSg0CVeWVWwb4haDF8F
UeiJ8CO3RF0IKNgPjSvNRVXyDsesQK+ZESoRAbP4rZBCxMhF4NZ2ftYkmMBmSP6p
RM+zSy3hYqZ6T72lgLoiPk5J9M9i/CKmWgREsoA+TdL/VwneGYptH3BMDe94inyI
ST7xo+OXZnb59S0QttHExzKGlqOjzL9v6oOSRkjVZn81FoF0Bu9nRUWFXedUm+st
HyQkzR0aiFbAgw+Z01e+n4mVRR2pOVzNMekWNv21i3j5lQkgs1NUQzVjSk5UXV9T
UBHuM/iStlE8w5+ifz69aCWO5zWBaLz8UNl6mfhRAUwFTqtBVCCx19ikSJYW0aLv
BCKsM4A4v1LBiYPjrMAkDdh7N7zEuY6UQe6uAifwrZBfVJZOjk77YKHLlkkn21EK
ippZUlgrdrVulLh7z3Lf
=pvhD
-----END PGP SIGNATURE-----


Reply to: