1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 5961-1] slurm-wlm security update

    From Aron Xu@21:1/5 to All on Tue Jul 8 11:00:01 2025
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA256

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-5961-1 [email protected] https://www.debian.org/security/ Shengqi Chen
    July 08, 2025 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : slurm-wlm
    CVE ID : CVE-2025-43904
    Debian Bug : 1104929

    Sekou Diakite from HPE discovered a mistake with permission handling for Coordinators within the accounting system of Slurm Workload Manager, a
    cluster resource management and job scheduling system, that it could allow
    a Coordinator to promote a user to Administrator.

    - -
    For the stable distribution (bookworm), this problem has been fixed in
    version 22.05.8-4+deb12u3.

    We recommend that you upgrade your slurm-wlm packages.

    For the detailed security status of slurm-wlm please refer to
    its security tracker page at: https://security-tracker.debian.org/tracker/slurm-wlm

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: [email protected]
    -----BEGIN PGP SIGNATURE-----

    iQEzBAEBCAAdFiEEBLHAyuu1xqoC2aJ5NP8o68vMTMgFAmhs2h4ACgkQNP8o68vM TMhg+wf/aiE98TIxusPba3u0F49jnbdztNyK4A3DwBgds0ZUSyE/l2ZP/jmIPFdE QBH1m2rK/X8oSuvkXQN4ruek95Jch/kvPy/26+YlSlNEwc50vLxYp6D+E22tr2QE CEIoKapk4nKnoWMGfQCg/chuQm3oXYJ0Bd1jEh1ZvHW7IGW8JJAyDJ55Fgo2DDXP QBN9ZCgta9GZyspmToAw1CCfBGTDdpsZYalE0zu/ldglAZTKKO07WzMjarCFSfh3 cwjtaDFrxhh4w6noM3+YWoxQFEfO7r2YxYqqRUg9rUQArhxSjuk+fVfU/ItQP0gO E27m2dtxsxVcjNQv+BFona7VT0yMgQ==
    =Pb5I
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)