-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2023-540de58d84 2024-01-03 02:17:59.911405 -------------------------------------------------------------------------------- Name : slurm Product : Fedora 38 Version : 22.05.11 Release : 2.fc38 URL : https://slurm.schedmd.com/ Summary : Simple Linux Utility for Resource Management Description : Slurm is an open source, fault-tolerant, and highly scalable cluster management and job scheduling system for Linux clusters. Components include machine status, partition management, job management, scheduling and accounting modules. -------------------------------------------------------------------------------- Update Information: - Update to 22.05.11 - Closes CVE-2023-49933 through CVE-2023-49938 -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 22 2023 Neil Hanlon <neil@xxxxxxxxxxxxxxxxx> - 22.05.11-1 - Update to 22.05.11 (#2155310) - Closes CVE-2023-49933 through CVE-2023-49938; RHBZ bugs: - #2254496, #2254499, #2254502, #2254505, #2254507, #2254509 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2155310 - slurm-23.11.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2155310 [ 2 ] Bug #2254496 - CVE-2023-49938 slurm: incorrect access control [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2254496 [ 3 ] Bug #2254499 - CVE-2023-49937 slurm: double free [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2254499 [ 4 ] Bug #2254502 - CVE-2023-49936 slurm: null pointer dereference [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2254502 [ 5 ] Bug #2254505 - CVE-2023-49935 slurm: Incorrect Access Control [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2254505 [ 6 ] Bug #2254507 - CVE-2023-49934 slurm: SQL injection [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2254507 [ 7 ] Bug #2254509 - CVE-2023-49933 slurm: Improper Enforcement of Message Integrity [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2254509 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-540de58d84' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- package-announce@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to package-announce-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue