Security update for slurm_23_02
Announcement ID: | SUSE-SU-2024:0280-1 |
---|---|
Rating: | important |
References: | |
Cross-References: | |
CVSS scores: |
|
Affected Products: |
|
An update that solves five vulnerabilities and has two security fixes can now be installed.
Description:
This update for slurm_23_02 fixes the following issues:
Update to slurm 23.02.6:
Security fixes:
- CVE-2023-49933: Prevent message extension attacks that could bypass the message hash. (bsc#1218046)
- CVE-2023-49935: Prevent message hash bypass in slurmd which can allow an attacker to reuse root-level MUNGE tokens and escalate permissions. (bsc#1218049)
- CVE-2023-49936: Prevent NULL pointer dereference on
size_valp
overflow. (bsc#1218050) - CVE-2023-49937: Prevent double-xfree() on error in
_unpack_node_reg_resp()
. (bsc#1218051) - CVE-2023-49938: Prevent modified
sbcast
RPCs from opening a file with the wrong group permissions. (bsc#1218053)
Other fixes:
- Add missing service file for slurmrestd (bsc#1217711).
- Fix slurm upgrading to incompatible versions (bsc#1216869).
Patch Instructions:
To install this SUSE update use the SUSE recommended
installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
-
SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-280=1
-
SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-280=1
-
SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-280=1
-
openSUSE Leap 15.3
zypper in -t patch SUSE-2024-280=1
Package List:
-
SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64)
- slurm_23_02-cray-23.02.7-150300.7.17.1
- slurm_23_02-torque-23.02.7-150300.7.17.1
- slurm_23_02-debuginfo-23.02.7-150300.7.17.1
- slurm_23_02-devel-23.02.7-150300.7.17.1
- slurm_23_02-auth-none-23.02.7-150300.7.17.1
- libpmi0_23_02-23.02.7-150300.7.17.1
- slurm_23_02-rest-debuginfo-23.02.7-150300.7.17.1
- slurm_23_02-sql-23.02.7-150300.7.17.1
- slurm_23_02-pam_slurm-23.02.7-150300.7.17.1
- slurm_23_02-munge-23.02.7-150300.7.17.1
- perl-slurm_23_02-23.02.7-150300.7.17.1
- slurm_23_02-rest-23.02.7-150300.7.17.1
- slurm_23_02-sview-debuginfo-23.02.7-150300.7.17.1
- slurm_23_02-node-23.02.7-150300.7.17.1
- slurm_23_02-23.02.7-150300.7.17.1
- slurm_23_02-cray-debuginfo-23.02.7-150300.7.17.1
- slurm_23_02-auth-none-debuginfo-23.02.7-150300.7.17.1
- slurm_23_02-torque-debuginfo-23.02.7-150300.7.17.1
- libpmi0_23_02-debuginfo-23.02.7-150300.7.17.1
- libnss_slurm2_23_02-debuginfo-23.02.7-150300.7.17.1
- slurm_23_02-node-debuginfo-23.02.7-150300.7.17.1
- slurm_23_02-debugsource-23.02.7-150300.7.17.1
- libnss_slurm2_23_02-23.02.7-150300.7.17.1
- slurm_23_02-plugin-ext-sensors-rrd-debuginfo-23.02.7-150300.7.17.1
- slurm_23_02-plugins-23.02.7-150300.7.17.1
- slurm_23_02-lua-debuginfo-23.02.7-150300.7.17.1
- slurm_23_02-plugins-debuginfo-23.02.7-150300.7.17.1
- perl-slurm_23_02-debuginfo-23.02.7-150300.7.17.1
- slurm_23_02-munge-debuginfo-23.02.7-150300.7.17.1
- slurm_23_02-pam_slurm-debuginfo-23.02.7-150300.7.17.1
- slurm_23_02-slurmdbd-debuginfo-23.02.7-150300.7.17.1
- libslurm39-debuginfo-23.02.7-150300.7.17.1
- slurm_23_02-sview-23.02.7-150300.7.17.1
- slurm_23_02-sql-debuginfo-23.02.7-150300.7.17.1
- slurm_23_02-lua-23.02.7-150300.7.17.1
- libslurm39-23.02.7-150300.7.17.1
- slurm_23_02-slurmdbd-23.02.7-150300.7.17.1
- slurm_23_02-plugin-ext-sensors-rrd-23.02.7-150300.7.17.1
-
SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
- slurm_23_02-config-23.02.7-150300.7.17.1
- slurm_23_02-doc-23.02.7-150300.7.17.1
- slurm_23_02-webdoc-23.02.7-150300.7.17.1
- slurm_23_02-config-man-23.02.7-150300.7.17.1
-
SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64)
- slurm_23_02-cray-23.02.7-150300.7.17.1
- slurm_23_02-torque-23.02.7-150300.7.17.1
- slurm_23_02-debuginfo-23.02.7-150300.7.17.1
- slurm_23_02-devel-23.02.7-150300.7.17.1
- slurm_23_02-auth-none-23.02.7-150300.7.17.1
- libpmi0_23_02-23.02.7-150300.7.17.1
- slurm_23_02-rest-debuginfo-23.02.7-150300.7.17.1
- slurm_23_02-sql-23.02.7-150300.7.17.1
- slurm_23_02-pam_slurm-23.02.7-150300.7.17.1
- slurm_23_02-munge-23.02.7-150300.7.17.1
- perl-slurm_23_02-23.02.7-150300.7.17.1
- slurm_23_02-rest-23.02.7-150300.7.17.1
- slurm_23_02-sview-debuginfo-23.02.7-150300.7.17.1
- slurm_23_02-node-23.02.7-150300.7.17.1
- slurm_23_02-23.02.7-150300.7.17.1
- slurm_23_02-cray-debuginfo-23.02.7-150300.7.17.1
- slurm_23_02-auth-none-debuginfo-23.02.7-150300.7.17.1
- slurm_23_02-torque-debuginfo-23.02.7-150300.7.17.1
- libpmi0_23_02-debuginfo-23.02.7-150300.7.17.1
- libnss_slurm2_23_02-debuginfo-23.02.7-150300.7.17.1
- slurm_23_02-node-debuginfo-23.02.7-150300.7.17.1
- slurm_23_02-debugsource-23.02.7-150300.7.17.1
- libnss_slurm2_23_02-23.02.7-150300.7.17.1
- slurm_23_02-plugin-ext-sensors-rrd-debuginfo-23.02.7-150300.7.17.1
- slurm_23_02-plugins-23.02.7-150300.7.17.1
- slurm_23_02-lua-debuginfo-23.02.7-150300.7.17.1
- slurm_23_02-plugins-debuginfo-23.02.7-150300.7.17.1
- perl-slurm_23_02-debuginfo-23.02.7-150300.7.17.1
- slurm_23_02-munge-debuginfo-23.02.7-150300.7.17.1
- slurm_23_02-pam_slurm-debuginfo-23.02.7-150300.7.17.1
- slurm_23_02-slurmdbd-debuginfo-23.02.7-150300.7.17.1
- libslurm39-debuginfo-23.02.7-150300.7.17.1
- slurm_23_02-sview-23.02.7-150300.7.17.1
- slurm_23_02-sql-debuginfo-23.02.7-150300.7.17.1
- slurm_23_02-lua-23.02.7-150300.7.17.1
- libslurm39-23.02.7-150300.7.17.1
- slurm_23_02-slurmdbd-23.02.7-150300.7.17.1
- slurm_23_02-plugin-ext-sensors-rrd-23.02.7-150300.7.17.1
-
SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
- slurm_23_02-config-23.02.7-150300.7.17.1
- slurm_23_02-doc-23.02.7-150300.7.17.1
- slurm_23_02-webdoc-23.02.7-150300.7.17.1
- slurm_23_02-config-man-23.02.7-150300.7.17.1
-
SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64)
- slurm_23_02-cray-23.02.7-150300.7.17.1
- slurm_23_02-torque-23.02.7-150300.7.17.1
- slurm_23_02-debuginfo-23.02.7-150300.7.17.1
- slurm_23_02-devel-23.02.7-150300.7.17.1
- slurm_23_02-auth-none-23.02.7-150300.7.17.1
- libpmi0_23_02-23.02.7-150300.7.17.1
- slurm_23_02-rest-debuginfo-23.02.7-150300.7.17.1
- slurm_23_02-sql-23.02.7-150300.7.17.1
- slurm_23_02-pam_slurm-23.02.7-150300.7.17.1
- slurm_23_02-munge-23.02.7-150300.7.17.1
- perl-slurm_23_02-23.02.7-150300.7.17.1
- slurm_23_02-rest-23.02.7-150300.7.17.1
- slurm_23_02-sview-debuginfo-23.02.7-150300.7.17.1
- slurm_23_02-node-23.02.7-150300.7.17.1
- slurm_23_02-23.02.7-150300.7.17.1
- slurm_23_02-cray-debuginfo-23.02.7-150300.7.17.1
- slurm_23_02-auth-none-debuginfo-23.02.7-150300.7.17.1
- slurm_23_02-torque-debuginfo-23.02.7-150300.7.17.1
- libpmi0_23_02-debuginfo-23.02.7-150300.7.17.1
- libnss_slurm2_23_02-debuginfo-23.02.7-150300.7.17.1
- slurm_23_02-node-debuginfo-23.02.7-150300.7.17.1
- slurm_23_02-debugsource-23.02.7-150300.7.17.1
- libnss_slurm2_23_02-23.02.7-150300.7.17.1
- slurm_23_02-plugin-ext-sensors-rrd-debuginfo-23.02.7-150300.7.17.1
- slurm_23_02-plugins-23.02.7-150300.7.17.1
- slurm_23_02-lua-debuginfo-23.02.7-150300.7.17.1
- slurm_23_02-plugins-debuginfo-23.02.7-150300.7.17.1
- perl-slurm_23_02-debuginfo-23.02.7-150300.7.17.1
- slurm_23_02-munge-debuginfo-23.02.7-150300.7.17.1
- slurm_23_02-pam_slurm-debuginfo-23.02.7-150300.7.17.1
- slurm_23_02-slurmdbd-debuginfo-23.02.7-150300.7.17.1
- libslurm39-debuginfo-23.02.7-150300.7.17.1
- slurm_23_02-sview-23.02.7-150300.7.17.1
- slurm_23_02-sql-debuginfo-23.02.7-150300.7.17.1
- slurm_23_02-lua-23.02.7-150300.7.17.1
- libslurm39-23.02.7-150300.7.17.1
- slurm_23_02-slurmdbd-23.02.7-150300.7.17.1
- slurm_23_02-plugin-ext-sensors-rrd-23.02.7-150300.7.17.1
-
SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
- slurm_23_02-config-23.02.7-150300.7.17.1
- slurm_23_02-doc-23.02.7-150300.7.17.1
- slurm_23_02-webdoc-23.02.7-150300.7.17.1
- slurm_23_02-config-man-23.02.7-150300.7.17.1
-
openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64)
- slurm_23_02-cray-23.02.7-150300.7.17.1
- slurm_23_02-torque-23.02.7-150300.7.17.1
- slurm_23_02-debuginfo-23.02.7-150300.7.17.1
- slurm_23_02-devel-23.02.7-150300.7.17.1
- slurm_23_02-auth-none-23.02.7-150300.7.17.1
- libpmi0_23_02-23.02.7-150300.7.17.1
- slurm_23_02-hdf5-debuginfo-23.02.7-150300.7.17.1
- slurm_23_02-rest-debuginfo-23.02.7-150300.7.17.1
- slurm_23_02-sql-23.02.7-150300.7.17.1
- slurm_23_02-pam_slurm-23.02.7-150300.7.17.1
- slurm_23_02-munge-23.02.7-150300.7.17.1
- perl-slurm_23_02-23.02.7-150300.7.17.1
- slurm_23_02-rest-23.02.7-150300.7.17.1
- slurm_23_02-sview-debuginfo-23.02.7-150300.7.17.1
- slurm_23_02-node-23.02.7-150300.7.17.1
- slurm_23_02-23.02.7-150300.7.17.1
- slurm_23_02-cray-debuginfo-23.02.7-150300.7.17.1
- slurm_23_02-auth-none-debuginfo-23.02.7-150300.7.17.1
- slurm_23_02-torque-debuginfo-23.02.7-150300.7.17.1
- libpmi0_23_02-debuginfo-23.02.7-150300.7.17.1
- libnss_slurm2_23_02-debuginfo-23.02.7-150300.7.17.1
- slurm_23_02-node-debuginfo-23.02.7-150300.7.17.1
- slurm_23_02-debugsource-23.02.7-150300.7.17.1
- slurm_23_02-testsuite-23.02.7-150300.7.17.1
- libnss_slurm2_23_02-23.02.7-150300.7.17.1
- slurm_23_02-plugin-ext-sensors-rrd-debuginfo-23.02.7-150300.7.17.1
- slurm_23_02-plugins-23.02.7-150300.7.17.1
- slurm_23_02-hdf5-23.02.7-150300.7.17.1
- slurm_23_02-lua-debuginfo-23.02.7-150300.7.17.1
- perl-slurm_23_02-debuginfo-23.02.7-150300.7.17.1
- slurm_23_02-plugins-debuginfo-23.02.7-150300.7.17.1
- slurm_23_02-munge-debuginfo-23.02.7-150300.7.17.1
- slurm_23_02-pam_slurm-debuginfo-23.02.7-150300.7.17.1
- slurm_23_02-slurmdbd-debuginfo-23.02.7-150300.7.17.1
- libslurm39-debuginfo-23.02.7-150300.7.17.1
- slurm_23_02-sview-23.02.7-150300.7.17.1
- slurm_23_02-sql-debuginfo-23.02.7-150300.7.17.1
- slurm_23_02-lua-23.02.7-150300.7.17.1
- libslurm39-23.02.7-150300.7.17.1
- slurm_23_02-slurmdbd-23.02.7-150300.7.17.1
- slurm_23_02-plugin-ext-sensors-rrd-23.02.7-150300.7.17.1
-
openSUSE Leap 15.3 (noarch)
- slurm_23_02-sjstat-23.02.7-150300.7.17.1
- slurm_23_02-config-man-23.02.7-150300.7.17.1
- slurm_23_02-webdoc-23.02.7-150300.7.17.1
- slurm_23_02-config-23.02.7-150300.7.17.1
- slurm_23_02-doc-23.02.7-150300.7.17.1
- slurm_23_02-openlava-23.02.7-150300.7.17.1
- slurm_23_02-seff-23.02.7-150300.7.17.1
References:
- https://www.suse.com/security/cve/CVE-2023-49933.html
- https://www.suse.com/security/cve/CVE-2023-49935.html
- https://www.suse.com/security/cve/CVE-2023-49936.html
- https://www.suse.com/security/cve/CVE-2023-49937.html
- https://www.suse.com/security/cve/CVE-2023-49938.html
- https://bugzilla.suse.com/show_bug.cgi?id=1216869
- https://bugzilla.suse.com/show_bug.cgi?id=1217711
- https://bugzilla.suse.com/show_bug.cgi?id=1218046
- https://bugzilla.suse.com/show_bug.cgi?id=1218049
- https://bugzilla.suse.com/show_bug.cgi?id=1218050
- https://bugzilla.suse.com/show_bug.cgi?id=1218051
- https://bugzilla.suse.com/show_bug.cgi?id=1218053