Bug 27689

Summary:	slurm new security issues CVE-2020-27745 and CVE-2020-27746
Product:	Mageia	Reporter:	David Walser <luigiwalser>
Component:	Security	Assignee:	Chris Denice <eatdirt>
Status:	RESOLVED FIXED	QA Contact:	Sec team <security>
Severity:	critical
Priority:	Normal
Version:	Cauldron
Target Milestone:	---
Hardware:	All
OS:	Linux
Whiteboard:
Source RPM:	slurm-20.02.5-1.mga8.src.rpm	CVE:
Status comment:

Description David Walser 2020-11-29 17:24:56 CET

openSUSE has issued an advisory on November 26:
https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YK5TOFTMMMLNW5U6MVRZ2CYJN3MTJQ3H/

The issues are fixed upstream in 20.02.6.

Comment 1 David Walser 2020-11-29 17:33:10 CET

Another reference:
https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/U6EPEASTWK66PMT44C2GSQXHCPXCOLCZ/

Comment 2 David Walser 2020-11-29 17:43:24 CET

Fedora has issued an advisory for this on November 27:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/EXGA4WHS6JC6NIKAY5YNUT6MVUUWI6FF/

Comment 3 David Walser 2020-11-30 18:21:56 CET

Fixed in slurm-20.02.6-1.mga8.

Status: NEW => RESOLVED
Resolution: (none) => FIXED

Comment 4 Chris Denice 2020-12-01 00:32:10 CET

Thanks David!