Security update for slurm SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2018:0987-1 Final 1 1 2018-04-19T17:12:02Z current 2018-04-19T17:12:02Z 2018-04-19T17:12:02Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for slurm This update for slurm fixes the following issues: - Fix interaction with systemd: systemd expects that a daemonizing process doesn't go away until the PID file with it PID of the daemon has bee written (bsc#1084125). - Make sure systemd services get restarted only when all packages are in a consistent state, not in the middle of an 'update' transaction (bsc#1088693). Since the %postun scripts that run on update are from the old package they cannot be changed - thus we work around the restart breakage. - CVE-2018-7033: Fixed security issue in accounting_storage/mysql plugin by always escaping strings within the slurmdbd (bsc#1085240). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-SLE-Module-HPC-12-2018-664 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2018/suse-su-20180987-1/ Link for SUSE-SU-2018:0987-1 https://lists.suse.com/pipermail/sle-security-updates/2018-April/003903.html E-Mail link for SUSE-SU-2018:0987-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1084125 SUSE Bug 1084125 https://bugzilla.suse.com/1085240 SUSE Bug 1085240 https://bugzilla.suse.com/1088693 SUSE Bug 1088693 https://www.suse.com/security/cve/CVE-2018-7033/ SUSE CVE CVE-2018-7033 page SUSE Linux Enterprise Module for HPC 12 libpmi0-17.02.10-6.16.1 libslurm31-17.02.10-6.16.1 perl-slurm-17.02.10-6.16.1 slurm-17.02.10-6.16.1 slurm-auth-none-17.02.10-6.16.1 slurm-devel-17.02.10-6.16.1 slurm-doc-17.02.10-6.16.1 slurm-lua-17.02.10-6.16.1 slurm-munge-17.02.10-6.16.1 slurm-pam_slurm-17.02.10-6.16.1 slurm-plugins-17.02.10-6.16.1 slurm-sched-wiki-17.02.10-6.16.1 slurm-slurmdb-direct-17.02.10-6.16.1 slurm-slurmdbd-17.02.10-6.16.1 slurm-sql-17.02.10-6.16.1 slurm-torque-17.02.10-6.16.1 libpmi0-17.02.10-6.16.1 as a component of SUSE Linux Enterprise Module for HPC 12 libslurm31-17.02.10-6.16.1 as a component of SUSE Linux Enterprise Module for HPC 12 perl-slurm-17.02.10-6.16.1 as a component of SUSE Linux Enterprise Module for HPC 12 slurm-17.02.10-6.16.1 as a component of SUSE Linux Enterprise Module for HPC 12 slurm-auth-none-17.02.10-6.16.1 as a component of SUSE Linux Enterprise Module for HPC 12 slurm-devel-17.02.10-6.16.1 as a component of SUSE Linux Enterprise Module for HPC 12 slurm-doc-17.02.10-6.16.1 as a component of SUSE Linux Enterprise Module for HPC 12 slurm-lua-17.02.10-6.16.1 as a component of SUSE Linux Enterprise Module for HPC 12 slurm-munge-17.02.10-6.16.1 as a component of SUSE Linux Enterprise Module for HPC 12 slurm-pam_slurm-17.02.10-6.16.1 as a component of SUSE Linux Enterprise Module for HPC 12 slurm-plugins-17.02.10-6.16.1 as a component of SUSE Linux Enterprise Module for HPC 12 slurm-sched-wiki-17.02.10-6.16.1 as a component of SUSE Linux Enterprise Module for HPC 12 slurm-slurmdb-direct-17.02.10-6.16.1 as a component of SUSE Linux Enterprise Module for HPC 12 slurm-slurmdbd-17.02.10-6.16.1 as a component of SUSE Linux Enterprise Module for HPC 12 slurm-sql-17.02.10-6.16.1 as a component of SUSE Linux Enterprise Module for HPC 12 slurm-torque-17.02.10-6.16.1 as a component of SUSE Linux Enterprise Module for HPC 12 SchedMD Slurm before 17.02.10 and 17.11.x before 17.11.5 allows SQL Injection attacks against SlurmDBD. CVE-2018-7033 SUSE Linux Enterprise Module for HPC 12:libpmi0-17.02.10-6.16.1 SUSE Linux Enterprise Module for HPC 12:libslurm31-17.02.10-6.16.1 SUSE Linux Enterprise Module for HPC 12:perl-slurm-17.02.10-6.16.1 SUSE Linux Enterprise Module for HPC 12:slurm-17.02.10-6.16.1 SUSE Linux Enterprise Module for HPC 12:slurm-auth-none-17.02.10-6.16.1 SUSE Linux Enterprise Module for HPC 12:slurm-devel-17.02.10-6.16.1 SUSE Linux Enterprise Module for HPC 12:slurm-doc-17.02.10-6.16.1 SUSE Linux Enterprise Module for HPC 12:slurm-lua-17.02.10-6.16.1 SUSE Linux Enterprise Module for HPC 12:slurm-munge-17.02.10-6.16.1 SUSE Linux Enterprise Module for HPC 12:slurm-pam_slurm-17.02.10-6.16.1 SUSE Linux Enterprise Module for HPC 12:slurm-plugins-17.02.10-6.16.1 SUSE Linux Enterprise Module for HPC 12:slurm-sched-wiki-17.02.10-6.16.1 SUSE Linux Enterprise Module for HPC 12:slurm-slurmdb-direct-17.02.10-6.16.1 SUSE Linux Enterprise Module for HPC 12:slurm-slurmdbd-17.02.10-6.16.1 SUSE Linux Enterprise Module for HPC 12:slurm-sql-17.02.10-6.16.1 SUSE Linux Enterprise Module for HPC 12:slurm-torque-17.02.10-6.16.1 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2018/suse-su-20180987-1/ https://www.suse.com/security/cve/CVE-2018-7033.html CVE-2018-7033 https://bugzilla.suse.com/1085240 SUSE Bug 1085240