Fedora has issued an advisory on May 24:
The issue is fixed upstream in 20.11.7.
Mageia 8 is also affected.
Fixed upstream in 20.11.7
New version 20.11.7 landing in updates_testing and Cauldron.
Updated slurm packages to fix security issue CVE-2021-31215.
Updated packages in core/updates_testing:
A look back in Bugzilla reveals that slurm is a recent addition to Mageia, and there are no earlier updates with test suggestions.
According to https://slurm.schedmd.com/overview.html slurm is "an open source, fault-tolerant, and highly scalable cluster management and job scheduling system for large and small Linux clusters." Reading the rest of that page, it becomes obvious that testing even the most basic of operations of slurm is much too complicated for most of QA - or maybe at least for me.
I can test for a clean install over the original, and I did do that in VirtualBox. So, I am going to give this an OK and validate, with the advisory in Comment 1. If there is something else I should do, please let me know.
Updated slurm packages fix a security vulnerability:
SchedMD Slurm before 20.02.7 and 20.03.x through 20.11.x before 20.11.7 allows remote code execution as SlurmUser because use of a PrologSlurmctld or EpilogSlurmctld script leads to environment mishandling (CVE-2021-31215).
Updated packages in 8/core/updates_testing:
An update for this issue has been pushed to the Mageia Updates repository.
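A defender-side check for the condition the advisory text describes, added here as an example and not taken from this thread or from SchedMD: it flags a host only when the Slurm version falls in the affected ranges and slurm.conf sets PrologSlurmctld or EpilogSlurmctld. The sample configuration and script paths are constructed, and the one-setting-per-line, case-insensitive key parsing is a simplifying assumption.

```python
import re

# Fixed releases named in the advisory text (CVE-2021-31215).
FIXED_OLD_BRANCH = (20, 2, 7)    # 20.02.7
FIXED_NEW_BRANCH = (20, 11, 7)   # 20.11.7
HOOKS = ("prologslurmctld", "epilogslurmctld")

def parse_version(text):
    """Extract (major, minor, patch) from strings such as 'slurm 20.11.5'."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError("no x.y.z version found in %r" % text)
    return tuple(int(g) for g in m.groups())

def version_affected(text):
    """True for versions before 20.02.7, or 20.03.x through 20.11.x before 20.11.7."""
    v = parse_version(text)
    return v < FIXED_OLD_BRANCH or (20, 3, 0) <= v < FIXED_NEW_BRANCH

def configured_hooks(conf_text):
    """Return the PrologSlurmctld/EpilogSlurmctld settings that are active."""
    hooks = {}
    for line in conf_text.splitlines():
        line = line.split("#", 1)[0].strip()      # drop comments
        key, sep, value = line.partition("=")
        if sep and key.strip().lower() in HOOKS and value.strip():
            hooks[key.strip()] = value.strip()
    return hooks

def exposed(version_text, conf_text):
    """Both preconditions from the advisory: affected version and a hook in use."""
    return version_affected(version_text) and bool(configured_hooks(conf_text))

# Constructed sample slurm.conf fragments (paths are placeholders).
SAMPLE_WITH_HOOK = """\
ClusterName=demo
SlurmUser=slurm
PrologSlurmctld=/etc/slurm/prolog_ctld.sh   # constructed path
"""
SAMPLE_NO_HOOK = """\
ClusterName=demo
#EpilogSlurmctld=/etc/slurm/epilog_ctld.sh
"""

if __name__ == "__main__":
    for ver in ("slurm 20.11.5", "slurm 20.11.7"):
        for name, conf in (("hook", SAMPLE_WITH_HOOK), ("no hook", SAMPLE_NO_HOOK)):
            print(ver, name, "exposed" if exposed(ver, conf) else "not exposed")
```

On a real controller the version string can come from `slurmctld -V`; updating to a fixed release remains the remedy regardless of whether a hook is configured.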