Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP3:Update
patchinfo.32312
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.32312
<patchinfo incident="32312"> <issue tracker="cve" id="2023-49937"/> <issue tracker="cve" id="2023-49935"/> <issue tracker="cve" id="2023-49938"/> <issue tracker="cve" id="2023-49933"/> <issue tracker="cve" id="2023-49936"/> <issue tracker="bnc" id="1218051">VUL-0: CVE-2023-49937: slurm,slurm_22_05,slurm_23_02: double free</issue> <issue tracker="bnc" id="1218049">VUL-0: CVE-2023-49935: slurm,slurm_23_02: Incorrect Access Control</issue> <issue tracker="bnc" id="1218050">VUL-0: CVE-2023-49936: slurm,slurm_22_05,slurm_23_02: null pointer dereference</issue> <issue tracker="bnc" id="1217711">[Slurm, slurmrestd] service file missing for slurmrestd</issue> <issue tracker="bnc" id="1216869">slurm-sview illogically updates to slurm_23_02-sview</issue> <issue tracker="bnc" id="1218053">VUL-0: CVE-2023-49938: slurm,slurm_22_05,slurm_23_02: incorrect access control</issue> <issue tracker="bnc" id="1218046">VUL-0: CVE-2023-49933: slurm,slurm_22_05,slurm_23_02: Improper Enforcement of Message Integrity</issue> <packager>eeich</packager> <rating>important</rating> <category>security</category> <summary>Security update for slurm_23_02</summary> <description>This update for slurm_23_02 fixes the following issues: Update to slurm 23.02.6: Security fixes: - CVE-2023-49933: Prevent message extension attacks that could bypass the message hash. (bsc#1218046) - CVE-2023-49935: Prevent message hash bypass in slurmd which can allow an attacker to reuse root-level MUNGE tokens and escalate permissions. (bsc#1218049) - CVE-2023-49936: Prevent NULL pointer dereference on `size_valp` overflow. (bsc#1218050) - CVE-2023-49937: Prevent double-xfree() on error in `_unpack_node_reg_resp()`. (bsc#1218051) - CVE-2023-49938: Prevent modified `sbcast` RPCs from opening a file with the wrong group permissions. (bsc#1218053) Other fixes: - Add missing service file for slurmrestd (bsc#1217711). - Fix slurm upgrading to incompatible versions (bsc#1216869). </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor