Alerts This Week
Warning Icon 1 525
Alerts This Week
Warning Icon 1 525

Fedora 35: FEDORA-2022-6d9d1862ee Moderate Access Control Issues

fedora
Calendar Grey May 17, 2022
Dist Fedora Esm H88
An update to Slurm version 21.08.8 on Fedora addresses vulnerabilities related to access control and information leakage.
Update to 21.08.8 to fix CVE-2022-29500, CVE-2022-29501, and CVE-2022-29502

Summary

Slurm is an open source, fault-tolerant, and highly scalable

cluster management and job scheduling system for Linux clusters.

Components include machine status, partition management,

job management, scheduling and accounting modules.

Update to 21.08.8 to fix CVE-2022-29500, CVE-2022-29501, and CVE-2022-29502.

* Mon May 9 2022 Philip Kovacs - 21.08.8-2

- Update to 21.08.8-2 (upstream re-release)

* Thu May 5 2022 Carl George - 21.08.8-1

- Update to 21.08.8, resolves: rhbz#2082276

- Fix CVE-2022-29500, resolves: rhbz#2082286

- Fix CVE-2022-29501, resolves: rhbz#2082289

- Fix CVE-2022-29502, resolves: rhbz#2082293

* Sat Apr 2 2022 Philip Kovacs - 21.08.6-1

- Update to 21.08.6

* Sat Jan 22 2022 Fedora Release Engineering - 21.08.5-2

- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild

* Fri Jan 14 2022 Philip Kovacs - 21.08.5-1

- Update to 21.08.5

* Sun Nov 21 2021 Orion Poplawski - 21.08.4-2

- Rebuild for hdf5 1.12.1

[ 1 ] Bug #2082276 - slurm-21.08.8 is available

https://bugzilla.redhat.com/show_bug.cgi?id=2082276

[ 2 ] Bug #2082286 - CVE-2022-29500 slurm: SchedMD has Incorrect Access Control that leads to Information Disclosure. [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=2082286

[ 3 ] Bug #2082289 - CVE-2022-29501 slurm: usage leads to unprivileged access to send arbritary unix socket as root [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=2082289

[ 4 ] Bug #2082293 - CVE-2022-29502 slurm: I/O key validation allows attacker to intercept communication [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=2082293

su -c 'dnf upgrade --advisory FEDORA-2022-6d9d1862ee' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure

Topics%20covered

Topics Covered

security advisory update Fedora access control moderate severity information disclosure slurm

Change Log

References

Update Instructions

Product: Fedora 35
Version: 21.08.8
Release: 2.fc35
URL: https://slurm.schedmd.com/
Summary: Simple Linux Utility for Resource Management

Topics%20covered

Topics Covered

security advisory update Fedora access control moderate severity information disclosure slurm

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here