Package : slurm-llnl
Vulnerability : programming error
Problem type : local
Debian-specific: no
Debian Bug : 524980
It was discovered that the Simple Linux Utility for Resource Management (SLURM), a cluster job management and scheduling system, did not drop
the supplemental groups. These groups may be system groups with elevated privileges, which may allow a valid SLURM user to gain elevated privileges.
The old stable distribution (etch) does not contain a slurm-llnl package.
For the stable distribution (lenny), this problem has been fixed in
version 1.3.6-1lenny3.
For the unstable distribution (sid), this problem has been fixed in
version 1.3.15-1.
We recommend that you upgrade your slurm-llnl package.
Upgrade instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 5.0 alias lenny
- --------------------------------