Stay Vigilant with Timely Linux Security Advisories

security advisorydebianDoS

Debian 11 Ceph DLA-4460-1 Fix for CVE-2022-0670 Denial of Service

Ceph is a distributed object, block, and file storage platform. CVE-2022-0670 A flaw was found in Openstack manilla owning a Ceph File system "share", which enables the owner to read/write any manilla share or entire file system. The vulnerability is due to a bug in the. Debian LTS Advisory DLA-4460-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/lts/security/ Utkarsh Gupta February 01, 2026 https://wiki.debian.org/LTS Package : ceph Version : 14.2.21-1+deb11u2 CVE ID : CVE-2022-0670 CVE-2024-47866 Debian Bug : 1016069 1120797 Ceph is a distributed object, block, and file storage platform. CVE-2022-0670 A flaw was found in Openstack manilla owning a Ceph File system "share", which enables the owner to read/write any manilla share or entire file system. The vulnerability is due to a bug in the "volumes" plugin in Ceph Manager. This allows an attacker to compromise confidentiality and integrity of a file system. CVE-2024-47866 Using the argument `x-amz-copy-source` to put an object and specifying an empty string as its content leads to the RGW daemon crashing, resulting in a DoS attack. For Debian 11 bullseye, these problems have been fixed in version 14.2.21-1+deb11u2. We recommend that you upgrade your ceph packages. For the detailed security status of ceph please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/ceph Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . Discover crucial Ceph security updates for Debian LTS addressing important file system issues and DoS threats.. Ceph Security Update, Debian LTS Advisory, DoS Attack Prevention, CVE-2022-0670, Filesystem Integrity Fix. . Severity: Important. LinuxSecurity.com Team

Feb 01, 2026 •Important Debian LTS

security advisorycritical updatefilesystem issue

SUSE Linux 2023:4566-1 Important: slurm_23_02 Critical File Issue

* bsc#1216207 * bsc#1216869 Cross-References: * CVE-2023-41914 . # Security update for slurm_23_02 Announcement ID: SUSE-SU-2023:4566-1 Rating: important References: * bsc#1216207 * bsc#1216869 Cross-References: * CVE-2023-41914 CVSS scores: * CVE-2023-41914 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-41914 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * HPC Module 15-SP4 * openSUSE Leap 15.3 * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for slurm_23_02 fixes the following issues: * CVE-2023-41914: Fixed a filesystem handling race conditions that could have led to an attacker taking control of an arbitrary file, or removing entire directoy contents (bsc#1216207). Bug fixes: * Add missing dependencies to slurm-config to plugins package. These should help to tie down the slurm version and help to avoid a package mix (bsc#1216869). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2023-4566=1 * openSUSE Leap 15.4 zypper in -t patch openSUSE-SLE-15.4-2023-4566=1 * HPC Module 15-SP4 zypper in -t patch SUSE-SLE-Module-HPC-15-SP4-2023-4566=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-ESPOS-2023-4566=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2023-4566=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64) * slurm_23_02-plugin-ext-sensors-rrd-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-pam_slurm-23.02.6-150300.7.14.1 * libnss_slurm2_23_02-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-node-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-rest-23.02.6-150300.7.14.1 * slurm_23_02-cray-23.02.6-150300.7.14.1 * slurm_23_02-torque-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-plugin-ext-sensors-rrd-23.02.6-150300.7.14.1 * slurm_23_02-debugsource-23.02.6-150300.7.14.1 * slurm_23_02-rest-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-cray-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-hdf5-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-auth-none-23.02.6-150300.7.14.1 * slurm_23_02-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-devel-23.02.6-150300.7.14.1 * slurm_23_02-plugins-23.02.6-150300.7.14.1 * libnss_slurm2_23_02-23.02.6-150300.7.14.1 * slurm_23_02-auth-none-debuginfo-23.02.6-150300.7.14.1 * perl-slurm_23_02-23.02.6-150300.7.14.1 * slurm_23_02-lua-23.02.6-150300.7.14.1 * slurm_23_02-torque-23.02.6-150300.7.14.1 * slurm_23_02-testsuite-23.02.6-150300.7.14.1 * slurm_23_02-slurmdbd-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-pam_slurm-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-munge-debuginfo-23.02.6-150300.7.14.1 * libslurm39-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-lua-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-munge-23.02.6-150300.7.14.1 * slurm_23_02-sview-23.02.6-150300.7.14.1 * slurm_23_02-sview-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-23.02.6-150300.7.14.1 * slurm_23_02-sql-23.02.6-150300.7.14.1 * libslurm39-23.02.6-150300.7.14.1 * libpmi0_23_02-23.02.6-150300.7.14.1 * slurm_23_02-hdf5-23.02.6-150300.7.14.1 * slurm_23_02-node-23.02.6-150300.7.14.1 * slurm_23_02-sql-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-slurmdbd-23.02.6-150300.7.14.1 * libpmi0_23_02-debuginfo-23.02.6-150300.7.14.1 *slurm_23_02-plugins-debuginfo-23.02.6-150300.7.14.1 * perl-slurm_23_02-debuginfo-23.02.6-150300.7.14.1 * openSUSE Leap 15.3 (noarch) * slurm_23_02-config-23.02.6-150300.7.14.1 * slurm_23_02-doc-23.02.6-150300.7.14.1 * slurm_23_02-openlava-23.02.6-150300.7.14.1 * slurm_23_02-sjstat-23.02.6-150300.7.14.1 * slurm_23_02-seff-23.02.6-150300.7.14.1 * slurm_23_02-webdoc-23.02.6-150300.7.14.1 * slurm_23_02-config-man-23.02.6-150300.7.14.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * slurm_23_02-plugin-ext-sensors-rrd-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-pam_slurm-23.02.6-150300.7.14.1 * libnss_slurm2_23_02-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-node-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-rest-23.02.6-150300.7.14.1 * slurm_23_02-cray-23.02.6-150300.7.14.1 * slurm_23_02-torque-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-plugin-ext-sensors-rrd-23.02.6-150300.7.14.1 * slurm_23_02-debugsource-23.02.6-150300.7.14.1 * slurm_23_02-rest-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-cray-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-auth-none-23.02.6-150300.7.14.1 * slurm_23_02-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-devel-23.02.6-150300.7.14.1 * slurm_23_02-plugins-23.02.6-150300.7.14.1 * libnss_slurm2_23_02-23.02.6-150300.7.14.1 * slurm_23_02-auth-none-debuginfo-23.02.6-150300.7.14.1 * perl-slurm_23_02-23.02.6-150300.7.14.1 * slurm_23_02-lua-23.02.6-150300.7.14.1 * slurm_23_02-torque-23.02.6-150300.7.14.1 * slurm_23_02-slurmdbd-debuginfo-23.02.6-150300.7.14.1 * perl-slurm_23_02-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-pam_slurm-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-munge-debuginfo-23.02.6-150300.7.14.1 * libslurm39-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-lua-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-munge-23.02.6-150300.7.14.1 * slurm_23_02-sview-23.02.6-150300.7.14.1 *slurm_23_02-sview-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-23.02.6-150300.7.14.1 * slurm_23_02-sql-23.02.6-150300.7.14.1 * libslurm39-23.02.6-150300.7.14.1 * libpmi0_23_02-23.02.6-150300.7.14.1 * slurm_23_02-sql-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-slurmdbd-23.02.6-150300.7.14.1 * libpmi0_23_02-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-plugins-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-node-23.02.6-150300.7.14.1 * openSUSE Leap 15.4 (noarch) * slurm_23_02-config-23.02.6-150300.7.14.1 * slurm_23_02-webdoc-23.02.6-150300.7.14.1 * slurm_23_02-doc-23.02.6-150300.7.14.1 * slurm_23_02-config-man-23.02.6-150300.7.14.1 * HPC Module 15-SP4 (aarch64 x86_64) * slurm_23_02-plugin-ext-sensors-rrd-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-pam_slurm-23.02.6-150300.7.14.1 * libnss_slurm2_23_02-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-node-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-rest-23.02.6-150300.7.14.1 * slurm_23_02-cray-23.02.6-150300.7.14.1 * slurm_23_02-torque-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-plugin-ext-sensors-rrd-23.02.6-150300.7.14.1 * slurm_23_02-debugsource-23.02.6-150300.7.14.1 * slurm_23_02-rest-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-cray-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-auth-none-23.02.6-150300.7.14.1 * slurm_23_02-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-devel-23.02.6-150300.7.14.1 * slurm_23_02-plugins-23.02.6-150300.7.14.1 * libnss_slurm2_23_02-23.02.6-150300.7.14.1 * slurm_23_02-auth-none-debuginfo-23.02.6-150300.7.14.1 * perl-slurm_23_02-23.02.6-150300.7.14.1 * slurm_23_02-lua-23.02.6-150300.7.14.1 * slurm_23_02-torque-23.02.6-150300.7.14.1 * slurm_23_02-slurmdbd-debuginfo-23.02.6-150300.7.14.1 * perl-slurm_23_02-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-pam_slurm-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-munge-debuginfo-23.02.6-150300.7.14.1 *libslurm39-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-lua-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-munge-23.02.6-150300.7.14.1 * slurm_23_02-sview-23.02.6-150300.7.14.1 * slurm_23_02-sview-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-23.02.6-150300.7.14.1 * slurm_23_02-sql-23.02.6-150300.7.14.1 * libslurm39-23.02.6-150300.7.14.1 * libpmi0_23_02-23.02.6-150300.7.14.1 * slurm_23_02-sql-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-slurmdbd-23.02.6-150300.7.14.1 * libpmi0_23_02-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-plugins-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-node-23.02.6-150300.7.14.1 * HPC Module 15-SP4 (noarch) * slurm_23_02-config-23.02.6-150300.7.14.1 * slurm_23_02-webdoc-23.02.6-150300.7.14.1 * slurm_23_02-doc-23.02.6-150300.7.14.1 * slurm_23_02-config-man-23.02.6-150300.7.14.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 (aarch64 x86_64) * slurm_23_02-plugin-ext-sensors-rrd-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-pam_slurm-23.02.6-150300.7.14.1 * libnss_slurm2_23_02-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-node-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-rest-23.02.6-150300.7.14.1 * slurm_23_02-cray-23.02.6-150300.7.14.1 * slurm_23_02-torque-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-plugin-ext-sensors-rrd-23.02.6-150300.7.14.1 * slurm_23_02-debugsource-23.02.6-150300.7.14.1 * slurm_23_02-rest-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-cray-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-auth-none-23.02.6-150300.7.14.1 * slurm_23_02-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-devel-23.02.6-150300.7.14.1 * slurm_23_02-plugins-23.02.6-150300.7.14.1 * libnss_slurm2_23_02-23.02.6-150300.7.14.1 * slurm_23_02-auth-none-debuginfo-23.02.6-150300.7.14.1 * perl-slurm_23_02-23.02.6-150300.7.14.1 * slurm_23_02-lua-23.02.6-150300.7.14.1 * slurm_23_02-torque-23.02.6-150300.7.14.1 *slurm_23_02-slurmdbd-debuginfo-23.02.6-150300.7.14.1 * perl-slurm_23_02-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-pam_slurm-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-munge-debuginfo-23.02.6-150300.7.14.1 * libslurm39-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-lua-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-munge-23.02.6-150300.7.14.1 * slurm_23_02-sview-23.02.6-150300.7.14.1 * slurm_23_02-sview-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-23.02.6-150300.7.14.1 * slurm_23_02-sql-23.02.6-150300.7.14.1 * libslurm39-23.02.6-150300.7.14.1 * libpmi0_23_02-23.02.6-150300.7.14.1 * slurm_23_02-sql-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-slurmdbd-23.02.6-150300.7.14.1 * libpmi0_23_02-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-plugins-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-node-23.02.6-150300.7.14.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 (noarch) * slurm_23_02-config-23.02.6-150300.7.14.1 * slurm_23_02-webdoc-23.02.6-150300.7.14.1 * slurm_23_02-doc-23.02.6-150300.7.14.1 * slurm_23_02-config-man-23.02.6-150300.7.14.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * slurm_23_02-plugin-ext-sensors-rrd-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-pam_slurm-23.02.6-150300.7.14.1 * libnss_slurm2_23_02-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-node-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-rest-23.02.6-150300.7.14.1 * slurm_23_02-cray-23.02.6-150300.7.14.1 * slurm_23_02-torque-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-plugin-ext-sensors-rrd-23.02.6-150300.7.14.1 * slurm_23_02-debugsource-23.02.6-150300.7.14.1 * slurm_23_02-rest-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-cray-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-auth-none-23.02.6-150300.7.14.1 * slurm_23_02-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-devel-23.02.6-150300.7.14.1 *slurm_23_02-plugins-23.02.6-150300.7.14.1 * libnss_slurm2_23_02-23.02.6-150300.7.14.1 * slurm_23_02-auth-none-debuginfo-23.02.6-150300.7.14.1 * perl-slurm_23_02-23.02.6-150300.7.14.1 * slurm_23_02-lua-23.02.6-150300.7.14.1 * slurm_23_02-torque-23.02.6-150300.7.14.1 * slurm_23_02-slurmdbd-debuginfo-23.02.6-150300.7.14.1 * perl-slurm_23_02-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-pam_slurm-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-munge-debuginfo-23.02.6-150300.7.14.1 * libslurm39-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-lua-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-munge-23.02.6-150300.7.14.1 * slurm_23_02-sview-23.02.6-150300.7.14.1 * slurm_23_02-sview-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-23.02.6-150300.7.14.1 * slurm_23_02-sql-23.02.6-150300.7.14.1 * libslurm39-23.02.6-150300.7.14.1 * libpmi0_23_02-23.02.6-150300.7.14.1 * slurm_23_02-sql-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-slurmdbd-23.02.6-150300.7.14.1 * libpmi0_23_02-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-plugins-debuginfo-23.02.6-150300.7.14.1 * slurm_23_02-node-23.02.6-150300.7.14.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * slurm_23_02-config-23.02.6-150300.7.14.1 * slurm_23_02-webdoc-23.02.6-150300.7.14.1 * slurm_23_02-doc-23.02.6-150300.7.14.1 * slurm_23_02-config-man-23.02.6-150300.7.14.1 ## References: * https://www.suse.com/security/cve/CVE-2023-41914.html * https://bugzilla.suse.com/show_bug.cgi?id=1216207 * https://bugzilla.suse.com/show_bug.cgi?id=1216869 . Latest SUSE security advisory for slurm_23_02, emphasizing critical vulnerabilities and essential updates. Protect your infrastructure!. SUSE Security Advisory, slurm update, filesystem issues, HPC Module, SUSE patch. . Severity: Important. LinuxSecurity.com Team

Nov 24, 2023 •Important SuSE

security advisoryimportantrace condition

openSUSE: 2023:4329-1 Important: Slurm Race Condition Denial of Service

This update for slurm fixes the following issues: CVE-2023-41914: Fixed a filesystem handling race conditions that could lead to an attacker taking control of an arbitrary file. (bsc#1216207). # Security update for slurm Announcement ID: SUSE-SU-2023:4329-1 Rating: important References: * bsc#1208810 * bsc#1216207 Cross-References: * CVE-2023-41914 CVSS scores: * CVE-2023-41914 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for slurm fixes the following issues: * CVE-2023-41914: Fixed a filesystem handling race conditions that could lead to an attacker taking control of an arbitrary file. (bsc#1216207) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch openSUSE-SLE-15.4-2023-4329=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2023-4329=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2023-4329=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le x86_64) * slurm_20_11-20.11.9-150200.6.13.1 * slurm_20_11-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-plugins-20.11.9-150200.6.13.1 * libpmi0_20_11-20.11.9-150200.6.13.1 * slurm_20_11-slurmdbd-20.11.9-150200.6.13.1 * slurm_20_11-sql-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-devel-20.11.9-150200.6.13.1 * slurm_20_11-auth-none-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-torque-20.11.9-150200.6.13.1 * slurm_20_11-webdoc-20.11.9-150200.6.13.1 *slurm_20_11-debugsource-20.11.9-150200.6.13.1 * slurm_20_11-rest-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-lua-20.11.9-150200.6.13.1 * slurm_20_11-rest-20.11.9-150200.6.13.1 * slurm_20_11-hdf5-20.11.9-150200.6.13.1 * slurm_20_11-pam_slurm-20.11.9-150200.6.13.1 * libnss_slurm2_20_11-20.11.9-150200.6.13.1 * slurm_20_11-plugins-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-torque-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-seff-20.11.9-150200.6.13.1 * slurm_20_11-sview-20.11.9-150200.6.13.1 * slurm_20_11-config-20.11.9-150200.6.13.1 * slurm_20_11-munge-20.11.9-150200.6.13.1 * slurm_20_11-slurmdbd-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-sview-debuginfo-20.11.9-150200.6.13.1 * libpmi0_20_11-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-lua-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-config-man-20.11.9-150200.6.13.1 * slurm_20_11-pam_slurm-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-node-20.11.9-150200.6.13.1 * perl-slurm_20_11-20.11.9-150200.6.13.1 * slurm_20_11-node-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-cray-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-openlava-20.11.9-150200.6.13.1 * slurm_20_11-sql-20.11.9-150200.6.13.1 * slurm_20_11-auth-none-20.11.9-150200.6.13.1 * perl-slurm_20_11-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-hdf5-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-doc-20.11.9-150200.6.13.1 * libnss_slurm2_20_11-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-sjstat-20.11.9-150200.6.13.1 * slurm_20_11-cray-20.11.9-150200.6.13.1 * slurm_20_11-munge-debuginfo-20.11.9-150200.6.13.1 * openSUSE Leap 15.5 (aarch64 ppc64le x86_64) * slurm_20_11-20.11.9-150200.6.13.1 * slurm_20_11-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-plugins-20.11.9-150200.6.13.1 * libpmi0_20_11-20.11.9-150200.6.13.1 * slurm_20_11-slurmdbd-20.11.9-150200.6.13.1 * slurm_20_11-sql-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-devel-20.11.9-150200.6.13.1 * slurm_20_11-auth-none-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-torque-20.11.9-150200.6.13.1 * slurm_20_11-webdoc-20.11.9-150200.6.13.1 * slurm_20_11-debugsource-20.11.9-150200.6.13.1 * slurm_20_11-rest-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-lua-20.11.9-150200.6.13.1 * slurm_20_11-rest-20.11.9-150200.6.13.1 * slurm_20_11-hdf5-20.11.9-150200.6.13.1 * slurm_20_11-pam_slurm-20.11.9-150200.6.13.1 * libnss_slurm2_20_11-20.11.9-150200.6.13.1 * slurm_20_11-plugins-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-torque-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-seff-20.11.9-150200.6.13.1 * slurm_20_11-sview-20.11.9-150200.6.13.1 * slurm_20_11-config-20.11.9-150200.6.13.1 * slurm_20_11-munge-20.11.9-150200.6.13.1 * slurm_20_11-slurmdbd-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-sview-debuginfo-20.11.9-150200.6.13.1 * libpmi0_20_11-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-lua-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-config-man-20.11.9-150200.6.13.1 * slurm_20_11-pam_slurm-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-node-20.11.9-150200.6.13.1 * perl-slurm_20_11-20.11.9-150200.6.13.1 * slurm_20_11-node-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-cray-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-openlava-20.11.9-150200.6.13.1 * slurm_20_11-sql-20.11.9-150200.6.13.1 * slurm_20_11-auth-none-20.11.9-150200.6.13.1 * perl-slurm_20_11-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-hdf5-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-doc-20.11.9-150200.6.13.1 * libnss_slurm2_20_11-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-sjstat-20.11.9-150200.6.13.1 * slurm_20_11-cray-20.11.9-150200.6.13.1 * slurm_20_11-munge-debuginfo-20.11.9-150200.6.13.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * libslurm36-20.11.9-150200.6.13.1 * slurm_20_11-20.11.9-150200.6.13.1 * slurm_20_11-plugins-20.11.9-150200.6.13.1 * libpmi0_20_11-20.11.9-150200.6.13.1 * slurm_20_11-slurmdbd-20.11.9-150200.6.13.1 * slurm_20_11-torque-20.11.9-150200.6.13.1 * slurm_20_11-devel-20.11.9-150200.6.13.1 * slurm_20_11-webdoc-20.11.9-150200.6.13.1 * slurm_20_11-lua-20.11.9-150200.6.13.1 * slurm_20_11-pam_slurm-20.11.9-150200.6.13.1 * libnss_slurm2_20_11-20.11.9-150200.6.13.1 * slurm_20_11-sview-20.11.9-150200.6.13.1 * slurm_20_11-munge-20.11.9-150200.6.13.1 * slurm_20_11-config-20.11.9-150200.6.13.1 * slurm_20_11-config-man-20.11.9-150200.6.13.1 * slurm_20_11-node-20.11.9-150200.6.13.1 * perl-slurm_20_11-20.11.9-150200.6.13.1 * slurm_20_11-sql-20.11.9-150200.6.13.1 * slurm_20_11-auth-none-20.11.9-150200.6.13.1 * slurm_20_11-doc-20.11.9-150200.6.13.1 * libslurm36-debuginfo-20.11.9-150200.6.13.1 ## References: * https://www.suse.com/security/cve/CVE-2023-41914.html * https://bugzilla.suse.com/show_bug.cgi?id=1208810 * https://bugzilla.suse.com/show_bug.cgi?id=1216207 . A crucial patch for slurm resolves race conditions that could result in unauthorized file manipulation. Update applied.. Slurm, Race Condition Patch, openSUSE, Security Update, Filesystem Handling. . Severity: Important. LinuxSecurity.com Team

Nov 01, 2023 •Important OpenSUSE

security advisoryfilesystem issueimportant fix

openSUSE: 2023:4329-1 Important: Slurm Filesystem Race Condition

* bsc#1208810 * bsc#1216207 Cross-References: * CVE-2023-41914 . # Security update for slurm Announcement ID: SUSE-SU-2023:4329-1 Rating: important References: * bsc#1208810 * bsc#1216207 Cross-References: * CVE-2023-41914 CVSS scores: * CVE-2023-41914 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for slurm fixes the following issues: * CVE-2023-41914: Fixed a filesystem handling race conditions that could lead to an attacker taking control of an arbitrary file. (bsc#1216207) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch openSUSE-SLE-15.4-2023-4329=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2023-4329=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2023-4329=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le x86_64) * slurm_20_11-20.11.9-150200.6.13.1 * slurm_20_11-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-plugins-20.11.9-150200.6.13.1 * libpmi0_20_11-20.11.9-150200.6.13.1 * slurm_20_11-slurmdbd-20.11.9-150200.6.13.1 * slurm_20_11-sql-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-devel-20.11.9-150200.6.13.1 * slurm_20_11-auth-none-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-torque-20.11.9-150200.6.13.1 * slurm_20_11-webdoc-20.11.9-150200.6.13.1 * slurm_20_11-debugsource-20.11.9-150200.6.13.1 * slurm_20_11-rest-debuginfo-20.11.9-150200.6.13.1 *slurm_20_11-lua-20.11.9-150200.6.13.1 * slurm_20_11-rest-20.11.9-150200.6.13.1 * slurm_20_11-hdf5-20.11.9-150200.6.13.1 * slurm_20_11-pam_slurm-20.11.9-150200.6.13.1 * libnss_slurm2_20_11-20.11.9-150200.6.13.1 * slurm_20_11-plugins-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-torque-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-seff-20.11.9-150200.6.13.1 * slurm_20_11-sview-20.11.9-150200.6.13.1 * slurm_20_11-config-20.11.9-150200.6.13.1 * slurm_20_11-munge-20.11.9-150200.6.13.1 * slurm_20_11-slurmdbd-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-sview-debuginfo-20.11.9-150200.6.13.1 * libpmi0_20_11-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-lua-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-config-man-20.11.9-150200.6.13.1 * slurm_20_11-pam_slurm-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-node-20.11.9-150200.6.13.1 * perl-slurm_20_11-20.11.9-150200.6.13.1 * slurm_20_11-node-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-cray-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-openlava-20.11.9-150200.6.13.1 * slurm_20_11-sql-20.11.9-150200.6.13.1 * slurm_20_11-auth-none-20.11.9-150200.6.13.1 * perl-slurm_20_11-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-hdf5-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-doc-20.11.9-150200.6.13.1 * libnss_slurm2_20_11-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-sjstat-20.11.9-150200.6.13.1 * slurm_20_11-cray-20.11.9-150200.6.13.1 * slurm_20_11-munge-debuginfo-20.11.9-150200.6.13.1 * openSUSE Leap 15.5 (aarch64 ppc64le x86_64) * slurm_20_11-20.11.9-150200.6.13.1 * slurm_20_11-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-plugins-20.11.9-150200.6.13.1 * libpmi0_20_11-20.11.9-150200.6.13.1 * slurm_20_11-slurmdbd-20.11.9-150200.6.13.1 * slurm_20_11-sql-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-devel-20.11.9-150200.6.13.1 * slurm_20_11-auth-none-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-torque-20.11.9-150200.6.13.1 * slurm_20_11-webdoc-20.11.9-150200.6.13.1 * slurm_20_11-debugsource-20.11.9-150200.6.13.1 * slurm_20_11-rest-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-lua-20.11.9-150200.6.13.1 * slurm_20_11-rest-20.11.9-150200.6.13.1 * slurm_20_11-hdf5-20.11.9-150200.6.13.1 * slurm_20_11-pam_slurm-20.11.9-150200.6.13.1 * libnss_slurm2_20_11-20.11.9-150200.6.13.1 * slurm_20_11-plugins-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-torque-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-seff-20.11.9-150200.6.13.1 * slurm_20_11-sview-20.11.9-150200.6.13.1 * slurm_20_11-config-20.11.9-150200.6.13.1 * slurm_20_11-munge-20.11.9-150200.6.13.1 * slurm_20_11-slurmdbd-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-sview-debuginfo-20.11.9-150200.6.13.1 * libpmi0_20_11-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-lua-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-config-man-20.11.9-150200.6.13.1 * slurm_20_11-pam_slurm-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-node-20.11.9-150200.6.13.1 * perl-slurm_20_11-20.11.9-150200.6.13.1 * slurm_20_11-node-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-cray-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-openlava-20.11.9-150200.6.13.1 * slurm_20_11-sql-20.11.9-150200.6.13.1 * slurm_20_11-auth-none-20.11.9-150200.6.13.1 * perl-slurm_20_11-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-hdf5-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-doc-20.11.9-150200.6.13.1 * libnss_slurm2_20_11-debuginfo-20.11.9-150200.6.13.1 * slurm_20_11-sjstat-20.11.9-150200.6.13.1 * slurm_20_11-cray-20.11.9-150200.6.13.1 * slurm_20_11-munge-debuginfo-20.11.9-150200.6.13.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * libslurm36-20.11.9-150200.6.13.1 * slurm_20_11-20.11.9-150200.6.13.1 * slurm_20_11-plugins-20.11.9-150200.6.13.1 * libpmi0_20_11-20.11.9-150200.6.13.1 * slurm_20_11-slurmdbd-20.11.9-150200.6.13.1 *slurm_20_11-torque-20.11.9-150200.6.13.1 * slurm_20_11-devel-20.11.9-150200.6.13.1 * slurm_20_11-webdoc-20.11.9-150200.6.13.1 * slurm_20_11-lua-20.11.9-150200.6.13.1 * slurm_20_11-pam_slurm-20.11.9-150200.6.13.1 * libnss_slurm2_20_11-20.11.9-150200.6.13.1 * slurm_20_11-sview-20.11.9-150200.6.13.1 * slurm_20_11-munge-20.11.9-150200.6.13.1 * slurm_20_11-config-20.11.9-150200.6.13.1 * slurm_20_11-config-man-20.11.9-150200.6.13.1 * slurm_20_11-node-20.11.9-150200.6.13.1 * perl-slurm_20_11-20.11.9-150200.6.13.1 * slurm_20_11-sql-20.11.9-150200.6.13.1 * slurm_20_11-auth-none-20.11.9-150200.6.13.1 * slurm_20_11-doc-20.11.9-150200.6.13.1 * libslurm36-debuginfo-20.11.9-150200.6.13.1 ## References: * https://www.suse.com/security/cve/CVE-2023-41914.html * https://bugzilla.suse.com/show_bug.cgi?id=1208810 * https://bugzilla.suse.com/show_bug.cgi?id=1216207 . Crucial slurm security patch for SUSE users focusing on filesystem processing weaknesses to bolster overall system reliability.. SUSE Linux, Security Update, Slurm Patch, Important Fixes, Filesystem Issues. . Severity: Important. LinuxSecurity.com Team

Nov 01, 2023 •Important SuSE

security advisorycritical threatfilesystem issue

SUSE 2023:4117-1 Important: Slurm Filesystem Handling Risk

* bsc#1208810 * bsc#1216207 Cross-References: * CVE-2023-41914 . # Security update for slurm Announcement ID: SUSE-SU-2023:4117-1 Rating: important References: * bsc#1208810 * bsc#1216207 Cross-References: * CVE-2023-41914 CVSS scores: * CVE-2023-41914 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * HPC Module 12 * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for slurm fixes the following issues: * CVE-2023-41914: Fixed a filesystem handling race conditions that could lead to an attacker taking control of an arbitrary file. (bsc#1216207) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * HPC Module 12 zypper in -t patch SUSE-SLE-Module-HPC-12-2023-4117=1 ## Package List: * HPC Module 12 (aarch64 x86_64) * slurm_18_08-node-18.08.9-3.20.1 * slurm_18_08-sql-debuginfo-18.08.9-3.20.1 * slurm_18_08-torque-18.08.9-3.20.1 * slurm_18_08-lua-debuginfo-18.08.9-3.20.1 * slurm_18_08-torque-debuginfo-18.08.9-3.20.1 * perl-slurm_18_08-debuginfo-18.08.9-3.20.1 * slurm_18_08-config-18.08.9-3.20.1 * slurm_18_08-node-debuginfo-18.08.9-3.20.1 *slurm_18_08-sql-18.08.9-3.20.1 * libslurm33-18.08.9-3.20.1 * slurm_18_08-debugsource-18.08.9-3.20.1 * slurm_18_08-pam_slurm-debuginfo-18.08.9-3.20.1 * slurm_18_08-plugins-debuginfo-18.08.9-3.20.1 * slurm_18_08-slurmdbd-debuginfo-18.08.9-3.20.1 * slurm_18_08-slurmdbd-18.08.9-3.20.1 * slurm_18_08-munge-18.08.9-3.20.1 * slurm_18_08-auth-none-18.08.9-3.20.1 * libslurm33-debuginfo-18.08.9-3.20.1 * libpmi0_18_08-debuginfo-18.08.9-3.20.1 * slurm_18_08-debuginfo-18.08.9-3.20.1 * slurm_18_08-18.08.9-3.20.1 * slurm_18_08-doc-18.08.9-3.20.1 * slurm_18_08-auth-none-debuginfo-18.08.9-3.20.1 * slurm_18_08-lua-18.08.9-3.20.1 * perl-slurm_18_08-18.08.9-3.20.1 * slurm_18_08-plugins-18.08.9-3.20.1 * slurm_18_08-pam_slurm-18.08.9-3.20.1 * libpmi0_18_08-18.08.9-3.20.1 * slurm_18_08-devel-18.08.9-3.20.1 * slurm_18_08-munge-debuginfo-18.08.9-3.20.1 ## References: * https://www.suse.com/security/cve/CVE-2023-41914.html * https://bugzilla.suse.com/show_bug.cgi?id=1208810 * https://bugzilla.suse.com/show_bug.cgi?id=1216207 . A significant enhancement for slurm in SUSE tackles a filesystem vulnerability, boasting a high CVSS rating, improving security and performance.. SUSE Linux, Slurm Update, Filesystem Handling, HPC Security. . Severity: Important. LinuxSecurity.com Team

Oct 18, 2023 •Important SuSE

security advisoryfilesystem issueSUSE

SUSE: 2023:4119-1 Important: Slurm Filesystem Control Issue

* bsc#1208810 * bsc#1216207 Cross-References: * CVE-2023-41914 . # Security update for slurm Announcement ID: SUSE-SU-2023:4119-1 Rating: important References: * bsc#1208810 * bsc#1216207 Cross-References: * CVE-2023-41914 CVSS scores: * CVE-2023-41914 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * HPC Module 12 * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for slurm fixes the following issues: * CVE-2023-41914: Fixed a filesystem handling race conditions that could lead to an attacker taking control of an arbitrary file. (bsc#1216207) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * HPC Module 12 zypper in -t patch SUSE-SLE-Module-HPC-12-2023-4119=1 ## Package List: * HPC Module 12 (aarch64 x86_64) * perl-slurm_20_02-debuginfo-20.02.7-3.17.1 * slurm_20_02-slurmdbd-debuginfo-20.02.7-3.17.1 * slurm_20_02-config-man-20.02.7-3.17.1 * slurm_20_02-lua-20.02.7-3.17.1 * slurm_20_02-20.02.7-3.17.1 * perl-slurm_20_02-20.02.7-3.17.1 * slurm_20_02-munge-debuginfo-20.02.7-3.17.1 * slurm_20_02-torque-debuginfo-20.02.7-3.17.1 *slurm_20_02-debugsource-20.02.7-3.17.1 * slurm_20_02-devel-20.02.7-3.17.1 * slurm_20_02-doc-20.02.7-3.17.1 * slurm_20_02-torque-20.02.7-3.17.1 * libslurm35-20.02.7-3.17.1 * slurm_20_02-auth-none-20.02.7-3.17.1 * slurm_20_02-plugins-20.02.7-3.17.1 * slurm_20_02-plugins-debuginfo-20.02.7-3.17.1 * libpmi0_20_02-debuginfo-20.02.7-3.17.1 * slurm_20_02-munge-20.02.7-3.17.1 * slurm_20_02-config-20.02.7-3.17.1 * slurm_20_02-sview-debuginfo-20.02.7-3.17.1 * libnss_slurm2_20_02-20.02.7-3.17.1 * libnss_slurm2_20_02-debuginfo-20.02.7-3.17.1 * slurm_20_02-lua-debuginfo-20.02.7-3.17.1 * slurm_20_02-slurmdbd-20.02.7-3.17.1 * slurm_20_02-node-debuginfo-20.02.7-3.17.1 * slurm_20_02-node-20.02.7-3.17.1 * slurm_20_02-pam_slurm-20.02.7-3.17.1 * libpmi0_20_02-20.02.7-3.17.1 * slurm_20_02-auth-none-debuginfo-20.02.7-3.17.1 * slurm_20_02-sql-20.02.7-3.17.1 * slurm_20_02-pam_slurm-debuginfo-20.02.7-3.17.1 * slurm_20_02-debuginfo-20.02.7-3.17.1 * slurm_20_02-sview-20.02.7-3.17.1 * slurm_20_02-sql-debuginfo-20.02.7-3.17.1 * libslurm35-debuginfo-20.02.7-3.17.1 ## References: * https://www.suse.com/security/cve/CVE-2023-41914.html * https://bugzilla.suse.com/show_bug.cgi?id=1208810 * https://bugzilla.suse.com/show_bug.cgi?id=1216207 . Tackling the urgent storage bug in slurm via SUSE's recent security patch. Implement the solution immediately to protect your infrastructure.. SUSE Linux, Slurm update, filesystem fix, high performance computing. . Severity: Important. LinuxSecurity.com Team

Oct 18, 2023 •Important SuSE

security advisoryimportantfilesystem issue

SUSE 15 SP1: 2023:4114-1 Critical: Slurm Filesystem Vulnerability

* bsc#1208810 * bsc#1216207 Cross-References: * CVE-2023-41914 . # Security update for slurm Announcement ID: SUSE-SU-2023:4113-1 Rating: important References: * bsc#1208810 * bsc#1216207 Cross-References: * CVE-2023-41914 CVSS scores: * CVE-2023-41914 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP1 * SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for slurm fixes the following issues: * CVE-2023-41914: Fixed a filesystem handling race conditions that could lead to an attacker taking control of an arbitrary file. (bsc#1216207) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2023-4113=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 (aarch64 x86_64) * slurm_20_11-config-man-20.11.9-150100.3.19.1 * slurm_20_11-devel-20.11.9-150100.3.19.1 * slurm_20_11-torque-20.11.9-150100.3.19.1 * libnss_slurm2_20_11-20.11.9-150100.3.19.1 * perl-slurm_20_11-20.11.9-150100.3.19.1 * slurm_20_11-doc-20.11.9-150100.3.19.1 * slurm_20_11-node-20.11.9-150100.3.19.1 * slurm_20_11-munge-20.11.9-150100.3.19.1 * slurm_20_11-slurmdbd-20.11.9-150100.3.19.1 * libslurm36-20.11.9-150100.3.19.1 * slurm_20_11-lua-20.11.9-150100.3.19.1 * slurm_20_11-20.11.9-150100.3.19.1 * slurm_20_11-plugins-20.11.9-150100.3.19.1 * slurm_20_11-sview-20.11.9-150100.3.19.1 * slurm_20_11-sql-20.11.9-150100.3.19.1 * slurm_20_11-webdoc-20.11.9-150100.3.19.1 *slurm_20_11-auth-none-20.11.9-150100.3.19.1 * slurm_20_11-pam_slurm-20.11.9-150100.3.19.1 * libpmi0_20_11-20.11.9-150100.3.19.1 * slurm_20_11-config-20.11.9-150100.3.19.1 ## References: * https://www.suse.com/security/cve/CVE-2023-41914.html * https://bugzilla.suse.com/show_bug.cgi?id=1208810 * https://bugzilla.suse.com/show_bug.cgi?id=1216207 . An important patch for OpenSUSE regarding slurm addresses a storage concern, boosting safety within High-Performance Computing settings.. SUSE Linux, Slurm, Security Update, High Performance Computing, File Handling. . Severity: Critical. LinuxSecurity.com Team

Oct 18, 2023 •Critical SuSE

security advisorycriticalFedora

Fedora 37: php-twig3 2022-42aa6ee852 Critical Filesystem Issue

**Version 3.4.3** (2022-09-28) * Fix a security issue on filesystem loader (possibility to load a template outside a configured directory). --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2022-42aa6ee852 2022-11-10 22:04:44.624918 --------------------------------------------------------------------------------Name : php-twig3 Product : Fedora 37 Version : 3.4.3 Release : 1.fc37 URL : https://twig.symfony.com Summary : The flexible, fast, and secure template engine for PHP Description : The flexible, fast, and secure template engine for PHP. * Fast: Twig compiles templates down to plain optimized PHP code. The overhead compared to regular PHP code was reduced to the very minimum. * Secure: Twig has a sandbox mode to evaluate untrusted template code. This allows Twig to be used as a template language for applications where users may modify the template design. * Flexible: Twig is powered by a flexible lexer and parser. This allows the developer to define its own custom tags and filters, and create its own DSL. Autoloader: /usr/share/php/Twig3/autoload.php --------------------------------------------------------------------------------Update Information: **Version 3.4.3** (2022-09-28) * Fix a security issue on filesystem loader (possibility to load a template outside a configured directory) --------------------------------------------------------------------------------ChangeLog: * Thu Sep 29 2022 Remi Collet - 3.4.3-1 - update to 3.4.3 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-42aa6ee852' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys usedby the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam, report it: . Enhance your filesystem's security with php-twig3 on Fedora 37 by checking versions, updating packages, and following best practices for template loading.. php-twig3 Update,Fedora 37 Security,Template Engine Fix. . Severity: Critical. LinuxSecurity.com Team

Nov 10, 2022 •Critical Fedora

Community Poll

More Polls

Stay Secure with the Latest Linux Advisories

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Refine advisories

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Debian OpenSSH Critical DSA-6204-1 CVE-2026-3497 Remote DoS Execution

Explore Latest Linux Security advisories

Debian 11 Ceph DLA-4460-1 Fix for CVE-2022-0670 Denial of Service

SUSE Linux 2023:4566-1 Important: slurm_23_02 Critical File Issue

openSUSE: 2023:4329-1 Important: Slurm Race Condition Denial of Service

openSUSE: 2023:4329-1 Important: Slurm Filesystem Race Condition

SUSE 2023:4117-1 Important: Slurm Filesystem Handling Risk

SUSE: 2023:4119-1 Important: Slurm Filesystem Control Issue

SUSE 15 SP1: 2023:4114-1 Critical: Slurm Filesystem Vulnerability

Fedora 37: php-twig3 2022-42aa6ee852 Critical Filesystem Issue

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Debian OpenSSH Critical DSA-6204-1 CVE-2026-3497 Remote DoS Execution

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Stay Secure with the Latest Linux Advisories

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Refine advisories

severity

Topics

Distro

Published Date

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Explore Latest Linux Security advisories

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Search Topics

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!