27689 – slurm new security issues CVE-2020-27745 and CVE-2020-27746

Bug 27689 - slurm new security issues CVE-2020-27745 and CVE-2020-27746

Summary: slurm new security issues CVE-2020-27745 and CVE-2020-27746

Status:	RESOLVED FIXED

Alias:	None

Product:	Mageia
Classification:	Unclassified
Component:	Security (show other bugs)
Version:	Cauldron
Hardware:	All Linux

Priority:	Normal Severity: critical
Target Milestone:	---
Assignee:	Chris Denice
QA Contact:	Sec team

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2020-11-29 17:24 CET by David Walser
Modified:	2020-12-01 00:32 CET (History)
CC List:	0 users

See Also:
Source RPM:	slurm-20.02.5-1.mga8.src.rpm
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description David Walser 2020-11-29 17:24:56 CET

openSUSE has issued an advisory on November 26:
https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YK5TOFTMMMLNW5U6MVRZ2CYJN3MTJQ3H/

The issues are fixed upstream in 20.02.6.

Comment 1 David Walser 2020-11-29 17:33:10 CET

Another reference:
https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/U6EPEASTWK66PMT44C2GSQXHCPXCOLCZ/

Comment 2 David Walser 2020-11-29 17:43:24 CET

Fedora has issued an advisory for this on November 27:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/EXGA4WHS6JC6NIKAY5YNUT6MVUUWI6FF/

Comment 3 David Walser 2020-11-30 18:21:56 CET

Fixed in slurm-20.02.6-1.mga8.

Status: NEW => RESOLVED
Resolution: (none) => FIXED

Comment 4 Chris Denice 2020-12-01 00:32:10 CET

Thanks David!

Note You need to log in before you can comment on or make changes to this bug.