Alerts This Week
Warning Icon 1 659
Alerts This Week
Warning Icon 1 659

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -1 articles for you...
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryFedoramedium severity

Fedora 38 Slurm Update - FEDORA-2023-234df8a1d4 Medium Threat Fix

- Update to slurm 22.05.10 - Use mariadb-connector-c-devel not mariadb-devel - Closes CVE-2023-41914. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2023-234df8a1d4 2023-10-31 01:16:30.200904 -------------------------------------------------------------------------------- Name : slurm Product : Fedora 38 Version : 22.05.10 Release : 1.fc38 URL : https://slurm.schedmd.com/ Summary : Simple Linux Utility for Resource Management Description : Slurm is an open source, fault-tolerant, and highly scalable cluster management and job scheduling system for Linux clusters. Components include machine status, partition management, job management, scheduling and accounting modules. -------------------------------------------------------------------------------- Update Information: - Update to slurm 22.05.10 - Use mariadb-connector-c-devel not mariadb-devel - Closes CVE-2023-41914 -------------------------------------------------------------------------------- ChangeLog: * Sat Oct 21 2023 Philip Kovacs - 22.05.10-1 - Update to 22.05.10 - Use mariadb-connector-c-devel not mariadb-devel for builds -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-234df8a1d4' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Codeof Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam, report it: . The latest release of slurm on Fedora 38 brings critical enhancements and rectifies a significant security vulnerability. Ensure system integrity by updating!. Fedora Update, Slurm Resource Management, Linux Cluster Management. . Severity: Medium. LinuxSecurity.com Team

Calendar 2 Oct 31, 2023 Medium Fedora
100
Ls Advisories Suse Esm H240
Price Tag 1security advisoryarbitrary code executionimportant

SUSE: 2022:1726-1 Important: Slurm_20_11 Arbitrary Code Execution

An update that fixes two vulnerabilities is now available. . SUSE Security Update: Security update for slurm_20_11 ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:1726-1 Rating: important References: #1199278 #1199279 Cross-References: CVE-2022-29500 CVE-2022-29501 CVSS scores: CVE-2022-29500 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2022-29500 (SUSE): 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H CVE-2022-29501 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2022-29501 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: SUSE Linux Enterprise Module for HPC 12 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for slurm_20_11 fixes the following issues: - CVE-2022-29500: Fixed architectural flaw that could have been exploited to allow an unprivileged user to execute arbitrary processes as root (bsc#1199278). - CVE-2022-29501: Fixed a problem that an unprivileged user could have sent data to arbitrary unix socket as root (bsc#1199279). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for HPC 12: zypper in -t patch SUSE-SLE-Module-HPC-12-2022-1726=1 Package List: - SUSE Linux Enterprise Module for HPC 12 (aarch64 x86_64): libnss_slurm2_20_11-20.11.9-3.11.1 libnss_slurm2_20_11-debuginfo-20.11.9-3.11.1 libpmi0_20_11-20.11.9-3.11.1 libpmi0_20_11-debuginfo-20.11.9-3.11.1 libslurm36-20.11.9-3.11.1 libslurm36-debuginfo-20.11.9-3.11.1 perl-slurm_20_11-20.11.9-3.11.1 perl-slurm_20_11-debuginfo-20.11.9-3.11.1 slurm_20_11-20.11.9-3.11.1 slurm_20_11-auth-none-20.11.9-3.11.1 slurm_20_11-auth-none-debuginfo-20.11.9-3.11.1 slurm_20_11-config-20.11.9-3.11.1 slurm_20_11-config-man-20.11.9-3.11.1 slurm_20_11-debuginfo-20.11.9-3.11.1 slurm_20_11-debugsource-20.11.9-3.11.1 slurm_20_11-devel-20.11.9-3.11.1 slurm_20_11-doc-20.11.9-3.11.1 slurm_20_11-lua-20.11.9-3.11.1 slurm_20_11-lua-debuginfo-20.11.9-3.11.1 slurm_20_11-munge-20.11.9-3.11.1 slurm_20_11-munge-debuginfo-20.11.9-3.11.1 slurm_20_11-node-20.11.9-3.11.1 slurm_20_11-node-debuginfo-20.11.9-3.11.1 slurm_20_11-pam_slurm-20.11.9-3.11.1 slurm_20_11-pam_slurm-debuginfo-20.11.9-3.11.1 slurm_20_11-plugins-20.11.9-3.11.1 slurm_20_11-plugins-debuginfo-20.11.9-3.11.1 slurm_20_11-slurmdbd-20.11.9-3.11.1 slurm_20_11-slurmdbd-debuginfo-20.11.9-3.11.1 slurm_20_11-sql-20.11.9-3.11.1 slurm_20_11-sql-debuginfo-20.11.9-3.11.1 slurm_20_11-sview-20.11.9-3.11.1 slurm_20_11-sview-debuginfo-20.11.9-3.11.1 slurm_20_11-torque-20.11.9-3.11.1 slurm_20_11-torque-debuginfo-20.11.9-3.11.1 slurm_20_11-webdoc-20.11.9-3.11.1 References: https://www.suse.com/security/cve/CVE-2022-29500.html https://www.suse.com/security/cve/CVE-2022-29501.html https://bugzilla.suse.com/1199278 https://bugzilla.suse.com/1199279 . The latest patch addresses vital vulnerabilities in slurm_20_11, enhancing overall system robustness and safeguarding access permissions.. SUSE Security Update, slurm patch, security enhancements. . Severity: Important. LinuxSecurity.com Team

Calendar 2 May 18, 2022 Important SuSE
Banner 4 1028x280 1708121825 1771600306
100
Ls Advisories Suse Esm H240
Price Tag 1security advisoryremote code executionimportant

SUSE Linux 15-SP2: SUSE-SU-2021:2295-1 Critical: Slurm Code Execution

An update that solves one vulnerability and has two fixes is now available. . SUSE Security Update: Security update for slurm_20_11 ______________________________________________________________________________ Announcement ID: SUSE-SU-2021:2295-1 Rating: important References: #1180700 #1185603 #1186024 Cross-References: CVE-2021-31215 CVSS scores: CVE-2021-31215 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2021-31215 (SUSE): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H Affected Products: SUSE Linux Enterprise Module for HPC 15-SP2 SUSE Linux Enterprise High Performance Computing 15-SP2 ______________________________________________________________________________ An update that solves one vulnerability and has two fixes is now available. Description: This update for slurm_20_11 fixes the following issues: Updated to 20.11.7 Summary of new features: * CVE-2021-31215: Fixed a remote code execution as SlurmUser (bsc#1186024). * slurmd - handle configless failures gracefully instead of hanging indefinitely. * select/cons_tres - fix Dragonfly topology not selecting nodes in the same leaf switch when it should as well as requests with *-switches option. * Fix issue where certain step requests wouldn't run if the first node in the job allocation was full and there were idle resources on other nodes in the job allocation. * Fix deadlock issue with Slurmctld. * torque/qstat - fix printf error message in output. * When adding associations or wckeys avoid checking multiple times a user or cluster name. * Fix wrong jobacctgather information on a step on multiple nodes due to timeouts sending its the information gathered on its node. * Fix missing xstrdup which could result in slurmctld segfault on array jobs. * Fix security issue in PrologSlurmctld and EpilogSlurmctld by always prepending SPANK_to all user-set environment variables. CVE-2021-31215. * Fix sacct assert with the --qos option. * Use pkg-config --atleast-version instead of --modversion for systemd. * common/fd - fix getsockopt() call in fd_get_socket_error(). * Properly handle the return from fd_get_socket_error() in _conn_readable(). * cons_res - Fix issue where running jobs were not taken into consideration when creating a reservation. * Avoid a deadlock between job_list for_each and assoc QOS_LOCK. * Fix TRESRunMins usage for partition qos on restart/reconfig. * Fix printing of number of tasks on a completed job that didn't request tasks. * Fix updating GrpTRESRunMins when decrementing job time is bigger than it. * Make it so we handle multithreaded allocations correctly when doing --exclusive or --core-spec allocations. * Fix incorrect round-up division in _pick_step_cores * Use appropriate math to adjust cpu counts when --ntasks-per-core=1. * cons_tres - Fix consideration of power downed nodes. * cons_tres - Fix DefCpuPerGPU, increase cpus-per-task to match with gpus-per-task * cpus-per-gpu. * Fix under-cpu memory auto-adjustment when MaxMemPerCPU is set. * Make it possible to override CR_CORE_DEFAULT_DIST_BLOCK. * Perl API - fix retrieving/storing of slurm_step_id_t in job_step_info_t. * Recover state of burst buffers when slurmctld is restarted to avoid skipping burst buffer stages. * Fix race condition in burst buffer plugin which caused a burst buffer in stage-in to not get state saved if slurmctld stopped. * auth/jwt - print an error if jwt_file= has not been set in slurmdbd. * Fix RESV_DEL_HOLD not being a valid state when using squeue --states. * Add missing squeue selectable states in valid states error message. * Fix scheduling last array task multiple times on error, causing segfault. * Fix issue where a step could be allocated more memory than the job when dealing with --mem-per-cpu and --threads-per-core. * Fixremoving qos from assoc with -= can lead to assoc with no qos * auth/jwt - fix segfault on invalid credential in slurmdbd due to missing validate_slurm_user() function in context. * Fix single Port= not being applied to range of nodes in slurm.conf * Fix Jobs not requesting a tres are not starting because of that tres limit. * acct_gather_energy/rapl - fix AveWatts calculation. * job_container/tmpfs - Fix issues with cleanup and slurmd restarting on running jobs. Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for HPC 15-SP2: zypper in -t patch SUSE-SLE-Module-HPC-15-SP2-2021-2295=1 - SUSE Linux Enterprise High Performance Computing 15-SP2: zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-2021-2295=1 Package List: - SUSE Linux Enterprise Module for HPC 15-SP2 (aarch64 x86_64): libnss_slurm2_20_11-20.11.7-6.5.1 libpmi0_20_11-20.11.7-6.5.1 libslurm36-20.11.7-6.5.1 perl-slurm_20_11-20.11.7-6.5.1 slurm_20_11-20.11.7-6.5.1 slurm_20_11-auth-none-20.11.7-6.5.1 slurm_20_11-config-20.11.7-6.5.1 slurm_20_11-config-man-20.11.7-6.5.1 slurm_20_11-devel-20.11.7-6.5.1 slurm_20_11-doc-20.11.7-6.5.1 slurm_20_11-lua-20.11.7-6.5.1 slurm_20_11-munge-20.11.7-6.5.1 slurm_20_11-node-20.11.7-6.5.1 slurm_20_11-pam_slurm-20.11.7-6.5.1 slurm_20_11-plugins-20.11.7-6.5.1 slurm_20_11-slurmdbd-20.11.7-6.5.1 slurm_20_11-sql-20.11.7-6.5.1 slurm_20_11-sview-20.11.7-6.5.1 slurm_20_11-torque-20.11.7-6.5.1 slurm_20_11-webdoc-20.11.7-6.5.1 - SUSE Linux Enterprise High Performance Computing 15-SP2 (aarch64 x86_64): libnss_slurm2_20_11-20.11.7-6.5.1 libpmi0_20_11-20.11.7-6.5.1 libslurm36-20.11.7-6.5.1 perl-slurm_20_11-20.11.7-6.5.1 slurm_20_11-20.11.7-6.5.1 slurm_20_11-auth-none-20.11.7-6.5.1 slurm_20_11-config-20.11.7-6.5.1 slurm_20_11-config-man-20.11.7-6.5.1 slurm_20_11-devel-20.11.7-6.5.1 slurm_20_11-doc-20.11.7-6.5.1 slurm_20_11-lua-20.11.7-6.5.1 slurm_20_11-munge-20.11.7-6.5.1 slurm_20_11-node-20.11.7-6.5.1 slurm_20_11-pam_slurm-20.11.7-6.5.1 slurm_20_11-plugins-20.11.7-6.5.1 slurm_20_11-slurmdbd-20.11.7-6.5.1 slurm_20_11-sql-20.11.7-6.5.1 slurm_20_11-sview-20.11.7-6.5.1 slurm_20_11-torque-20.11.7-6.5.1 slurm_20_11-webdoc-20.11.7-6.5.1 References: https://www.suse.com/security/cve/CVE-2021-31215.html https://bugzilla.suse.com/1180700 https://bugzilla.suse.com/1185603 https://bugzilla.suse.com/1186024 . SUSE has released a security update for slurm_20_11 that addresses a severe remote code execution vulnerability, along with various additional fixes.. SUSE Linux, Slurm Update, HPC Security. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Jul 12, 2021 Critical SuSE
100
Ls Advisories Suse Esm H240
Price Tag 1security advisoryremote code executionSUSE Linux Enterprise

SUSE: 2021:1856-1 Important: Remote Code Execution in Slurm_18_08

An update that fixes one vulnerability is now available. . SUSE Security Update: Security update for slurm_18_08 ______________________________________________________________________________ Announcement ID: SUSE-SU-2021:1856-1 Rating: important References: #1186024 Cross-References: CVE-2021-31215 CVSS scores: CVE-2021-31215 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2021-31215 (SUSE): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H Affected Products: SUSE Linux Enterprise High Performance Computing 15-LTSS SUSE Linux Enterprise High Performance Computing 15-ESPOS ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for slurm_18_08 fixes the following issues: - CVE-2021-31215: remote code execution as SlurmUser because of a PrologSlurmctld or EpilogSlurmctld script leads to environment mishandling (bsc#1186024) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise High Performance Computing 15-LTSS: zypper in -t patch SUSE-SLE-Product-HPC-15-2021-1856=1 - SUSE Linux Enterprise High Performance Computing 15-ESPOS: zypper in -t patch SUSE-SLE-Product-HPC-15-2021-1856=1 Package List: - SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64): libpmi0_18_08-18.08.9-1.14.1 libpmi0_18_08-debuginfo-18.08.9-1.14.1 libslurm33-18.08.9-1.14.1 libslurm33-debuginfo-18.08.9-1.14.1 perl-slurm_18_08-18.08.9-1.14.1 perl-slurm_18_08-debuginfo-18.08.9-1.14.1 slurm_18_08-18.08.9-1.14.1 slurm_18_08-auth-none-18.08.9-1.14.1 slurm_18_08-auth-none-debuginfo-18.08.9-1.14.1 slurm_18_08-config-18.08.9-1.14.1 slurm_18_08-debuginfo-18.08.9-1.14.1 slurm_18_08-debugsource-18.08.9-1.14.1 slurm_18_08-devel-18.08.9-1.14.1 slurm_18_08-doc-18.08.9-1.14.1 slurm_18_08-lua-18.08.9-1.14.1 slurm_18_08-lua-debuginfo-18.08.9-1.14.1 slurm_18_08-munge-18.08.9-1.14.1 slurm_18_08-munge-debuginfo-18.08.9-1.14.1 slurm_18_08-node-18.08.9-1.14.1 slurm_18_08-node-debuginfo-18.08.9-1.14.1 slurm_18_08-pam_slurm-18.08.9-1.14.1 slurm_18_08-pam_slurm-debuginfo-18.08.9-1.14.1 slurm_18_08-plugins-18.08.9-1.14.1 slurm_18_08-plugins-debuginfo-18.08.9-1.14.1 slurm_18_08-slurmdbd-18.08.9-1.14.1 slurm_18_08-slurmdbd-debuginfo-18.08.9-1.14.1 slurm_18_08-sql-18.08.9-1.14.1 slurm_18_08-sql-debuginfo-18.08.9-1.14.1 slurm_18_08-torque-18.08.9-1.14.1 slurm_18_08-torque-debuginfo-18.08.9-1.14.1 - SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64): libpmi0_18_08-18.08.9-1.14.1 libpmi0_18_08-debuginfo-18.08.9-1.14.1 libslurm33-18.08.9-1.14.1 libslurm33-debuginfo-18.08.9-1.14.1 perl-slurm_18_08-18.08.9-1.14.1 perl-slurm_18_08-debuginfo-18.08.9-1.14.1 slurm_18_08-18.08.9-1.14.1 slurm_18_08-auth-none-18.08.9-1.14.1 slurm_18_08-auth-none-debuginfo-18.08.9-1.14.1 slurm_18_08-config-18.08.9-1.14.1 slurm_18_08-debuginfo-18.08.9-1.14.1 slurm_18_08-debugsource-18.08.9-1.14.1 slurm_18_08-devel-18.08.9-1.14.1 slurm_18_08-doc-18.08.9-1.14.1 slurm_18_08-lua-18.08.9-1.14.1 slurm_18_08-lua-debuginfo-18.08.9-1.14.1 slurm_18_08-munge-18.08.9-1.14.1 slurm_18_08-munge-debuginfo-18.08.9-1.14.1 slurm_18_08-node-18.08.9-1.14.1 slurm_18_08-node-debuginfo-18.08.9-1.14.1 slurm_18_08-pam_slurm-18.08.9-1.14.1 slurm_18_08-pam_slurm-debuginfo-18.08.9-1.14.1 slurm_18_08-plugins-18.08.9-1.14.1 slurm_18_08-plugins-debuginfo-18.08.9-1.14.1 slurm_18_08-slurmdbd-18.08.9-1.14.1 slurm_18_08-slurmdbd-debuginfo-18.08.9-1.14.1 slurm_18_08-sql-18.08.9-1.14.1 slurm_18_08-sql-debuginfo-18.08.9-1.14.1 slurm_18_08-torque-18.08.9-1.14.1 slurm_18_08-torque-debuginfo-18.08.9-1.14.1 References: https://www.suse.com/security/cve/CVE-2021-31215.html https://bugzilla.suse.com/1186024 . SUSE Security Advisory for slurm_18_08 resolves a severe remote execution vulnerability. Apply the update without delay.. SUSE High Performance Computing, Slurm Update, Remote Code Execution Risk. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Jun 04, 2021 Important SuSE
Banner 4 1028x280 1708121825 1771600306
100
Ls Advisories Suse Esm H240
Price Tag 1security advisoryremote code executionpatch

SUSE: 2021:1788-2 Critical: Vulnerability in Kernel Affecting Stability

An update that fixes one vulnerability is now available. . SUSE Security Update: Security update for slurm_18_08 ______________________________________________________________________________ Announcement ID: SUSE-SU-2021:1788-1 Rating: important References: #1186024 Cross-References: CVE-2021-31215 CVSS scores: CVE-2021-31215 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2021-31215 (SUSE): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H Affected Products: SUSE Linux Enterprise Module for HPC 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for slurm_18_08 fixes the following issues: - CVE-2021-31215: remote code execution as SlurmUser because of a PrologSlurmctld or EpilogSlurmctld script leads to environment mishandling (bsc#1186024) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for HPC 12: zypper in -t patch SUSE-SLE-Module-HPC-12-2021-1788=1 Package List: - SUSE Linux Enterprise Module for HPC 12 (aarch64 x86_64): libpmi0_18_08-18.08.9-3.14.1 libpmi0_18_08-debuginfo-18.08.9-3.14.1 libslurm33-18.08.9-3.14.1 libslurm33-debuginfo-18.08.9-3.14.1 perl-slurm_18_08-18.08.9-3.14.1 perl-slurm_18_08-debuginfo-18.08.9-3.14.1 slurm_18_08-18.08.9-3.14.1 slurm_18_08-auth-none-18.08.9-3.14.1 slurm_18_08-auth-none-debuginfo-18.08.9-3.14.1 slurm_18_08-config-18.08.9-3.14.1 slurm_18_08-debuginfo-18.08.9-3.14.1 slurm_18_08-debugsource-18.08.9-3.14.1 slurm_18_08-devel-18.08.9-3.14.1 slurm_18_08-doc-18.08.9-3.14.1 slurm_18_08-lua-18.08.9-3.14.1 slurm_18_08-lua-debuginfo-18.08.9-3.14.1 slurm_18_08-munge-18.08.9-3.14.1 slurm_18_08-munge-debuginfo-18.08.9-3.14.1 slurm_18_08-node-18.08.9-3.14.1 slurm_18_08-node-debuginfo-18.08.9-3.14.1 slurm_18_08-pam_slurm-18.08.9-3.14.1 slurm_18_08-pam_slurm-debuginfo-18.08.9-3.14.1 slurm_18_08-plugins-18.08.9-3.14.1 slurm_18_08-plugins-debuginfo-18.08.9-3.14.1 slurm_18_08-slurmdbd-18.08.9-3.14.1 slurm_18_08-slurmdbd-debuginfo-18.08.9-3.14.1 slurm_18_08-sql-18.08.9-3.14.1 slurm_18_08-sql-debuginfo-18.08.9-3.14.1 slurm_18_08-torque-18.08.9-3.14.1 slurm_18_08-torque-debuginfo-18.08.9-3.14.1 References: https://www.suse.com/security/cve/CVE-2021-31215.html https://bugzilla.suse.com/1186024 . SUSE Security Patch for slurm_18_08 tackles critical remote code execution vulnerabilities within the application, rated as high priority.. SUSE Security Update, slurm Patch, Remote Code Execution, Software Update. . Severity: Important. LinuxSecurity.com Team

Calendar 2 May 27, 2021 Important SuSE
100
Ls Advisories Suse Esm H240
Price Tag 1security advisoryremote code executionSUSE

SUSE 12: 2021:1791-1 Important: Remote Code Execution in Slurm

An update that solves one vulnerability and has two fixes is now available. . SUSE Security Update: Security update for slurm_20_11 ______________________________________________________________________________ Announcement ID: SUSE-SU-2021:1791-1 Rating: important References: #1180700 #1185603 #1186024 Cross-References: CVE-2021-31215 CVSS scores: CVE-2021-31215 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2021-31215 (SUSE): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H Affected Products: SUSE Linux Enterprise Module for HPC 12 ______________________________________________________________________________ An update that solves one vulnerability and has two fixes is now available. Description: This update for slurm_20_11 fixes the following issues: - Udpate to 20.11.7: - CVE-2021-31215: remote code execution as SlurmUser because of a PrologSlurmctld or EpilogSlurmctld script leads to environment mishandling (bsc#1186024) - Ship REST API version and auth plugins with slurmrestd. - Add YAML support for REST API to build (bsc#1185603). - Fix Provides:/Conflicts: for libnss_slurm (bsc#1180700). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for HPC 12: zypper in -t patch SUSE-SLE-Module-HPC-12-2021-1791=1 Package List: - SUSE Linux Enterprise Module for HPC 12 (aarch64 x86_64): libnss_slurm2_20_11-20.11.7-3.8.1 libnss_slurm2_20_11-debuginfo-20.11.7-3.8.1 libpmi0_20_11-20.11.7-3.8.1 libpmi0_20_11-debuginfo-20.11.7-3.8.1 libslurm36-20.11.7-3.8.1 libslurm36-debuginfo-20.11.7-3.8.1 perl-slurm_20_11-20.11.7-3.8.1 perl-slurm_20_11-debuginfo-20.11.7-3.8.1 slurm_20_11-20.11.7-3.8.1 slurm_20_11-auth-none-20.11.7-3.8.1 slurm_20_11-auth-none-debuginfo-20.11.7-3.8.1 slurm_20_11-config-20.11.7-3.8.1 slurm_20_11-config-man-20.11.7-3.8.1 slurm_20_11-debuginfo-20.11.7-3.8.1 slurm_20_11-debugsource-20.11.7-3.8.1 slurm_20_11-devel-20.11.7-3.8.1 slurm_20_11-doc-20.11.7-3.8.1 slurm_20_11-lua-20.11.7-3.8.1 slurm_20_11-lua-debuginfo-20.11.7-3.8.1 slurm_20_11-munge-20.11.7-3.8.1 slurm_20_11-munge-debuginfo-20.11.7-3.8.1 slurm_20_11-node-20.11.7-3.8.1 slurm_20_11-node-debuginfo-20.11.7-3.8.1 slurm_20_11-pam_slurm-20.11.7-3.8.1 slurm_20_11-pam_slurm-debuginfo-20.11.7-3.8.1 slurm_20_11-plugins-20.11.7-3.8.1 slurm_20_11-plugins-debuginfo-20.11.7-3.8.1 slurm_20_11-slurmdbd-20.11.7-3.8.1 slurm_20_11-slurmdbd-debuginfo-20.11.7-3.8.1 slurm_20_11-sql-20.11.7-3.8.1 slurm_20_11-sql-debuginfo-20.11.7-3.8.1 slurm_20_11-sview-20.11.7-3.8.1 slurm_20_11-sview-debuginfo-20.11.7-3.8.1 slurm_20_11-torque-20.11.7-3.8.1 slurm_20_11-torque-debuginfo-20.11.7-3.8.1 slurm_20_11-webdoc-20.11.7-3.8.1 References: https://www.suse.com/security/cve/CVE-2021-31215.html https://bugzilla.suse.com/1180700 https://bugzilla.suse.com/1185603 https://bugzilla.suse.com/1186024 . SUSE Security Patch for slurm_20_11 addresses a severe vulnerability linked to remote code execution, improving reliability.. SUSE Security, Slurm Update, Remote Code Fix, Important Patch, Linux Module. . Severity: Important. LinuxSecurity.com Team

Calendar 2 May 27, 2021 Important SuSE
Banner 4 1028x280 1708121825 1771600306
202
Ls Advisories Opensuse Esm H240
Price Tag 1security advisorysecurity updatebuffer overflow

openSUSE Leap 15.2: 2021:0096-1 Important Buffer Overflow & Cookie Leak

An update that fixes two vulnerabilities is now available. . openSUSE Security Update: Security update for slurm_18_08 ______________________________________________________________________________ Announcement ID: openSUSE-SU-2021:0096-1 Rating: important References: #1178890 #1178891 Cross-References: CVE-2020-27745 CVE-2020-27746 Affected Products: openSUSE Leap 15.2 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for slurm_18_08 fixes the following issues: Security issues fixed: - CVE-2020-27745: Fixed a potential buffer overflow from use of unpackmem (bsc#1178890). - CVE-2020-27746: Fixed a potential leak of the magic cookie when sent as an argument to the xauth command (bsc#1178891). This update was imported from the SUSE:SLE-15:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.2: zypper in -t patch openSUSE-2021-96=1 Package List: - openSUSE Leap 15.2 (x86_64): libpmi0-18.08.9-lp152.5.1 libpmi0-debuginfo-18.08.9-lp152.5.1 libslurm33-18.08.9-lp152.5.1 libslurm33-debuginfo-18.08.9-lp152.5.1 perl-slurm-18.08.9-lp152.5.1 perl-slurm-debuginfo-18.08.9-lp152.5.1 slurm-18.08.9-lp152.5.1 slurm-auth-none-18.08.9-lp152.5.1 slurm-auth-none-debuginfo-18.08.9-lp152.5.1 slurm-config-18.08.9-lp152.5.1 slurm-config-man-18.08.9-lp152.5.1 slurm-cray-18.08.9-lp152.5.1 slurm-cray-debuginfo-18.08.9-lp152.5.1 slurm-debuginfo-18.08.9-lp152.5.1 slurm-debugsource-18.08.9-lp152.5.1 slurm-devel-18.08.9-lp152.5.1 slurm-doc-18.08.9-lp152.5.1 slurm-hdf5-18.08.9-lp152.5.1 slurm-hdf5-debuginfo-18.08.9-lp152.5.1 slurm-lua-18.08.9-lp152.5.1 slurm-lua-debuginfo-18.08.9-lp152.5.1 slurm-munge-18.08.9-lp152.5.1 slurm-munge-debuginfo-18.08.9-lp152.5.1 slurm-node-18.08.9-lp152.5.1 slurm-node-debuginfo-18.08.9-lp152.5.1 slurm-openlava-18.08.9-lp152.5.1 slurm-pam_slurm-18.08.9-lp152.5.1 slurm-pam_slurm-debuginfo-18.08.9-lp152.5.1 slurm-plugins-18.08.9-lp152.5.1 slurm-plugins-debuginfo-18.08.9-lp152.5.1 slurm-seff-18.08.9-lp152.5.1 slurm-sjstat-18.08.9-lp152.5.1 slurm-slurmdbd-18.08.9-lp152.5.1 slurm-slurmdbd-debuginfo-18.08.9-lp152.5.1 slurm-sql-18.08.9-lp152.5.1 slurm-sql-debuginfo-18.08.9-lp152.5.1 slurm-sview-18.08.9-lp152.5.1 slurm-sview-debuginfo-18.08.9-lp152.5.1 slurm-torque-18.08.9-lp152.5.1 slurm-torque-debuginfo-18.08.9-lp152.5.1 slurm-webdoc-18.08.9-lp152.5.1 References: https://www.suse.com/security/cve/CVE-2020-27745.html https://www.suse.com/security/cve/CVE-2020-27746.html https://bugzilla.suse.com/1178890 https://bugzilla.suse.com/1178891 . The patch addresses vulnerabilities in slurm_18_08 for openSUSE Leap 15.2, particularly mitigating risks of buffer overflows and potential cookie data leaks.. openSUSE Update, slurm Security Fix, Threat Mitigation, Buffer Overflow Issue. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Jan 17, 2021 Important OpenSUSE
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorybuffer overflowcritical fix

SUSE: 2020:3878-1 Critical: Slurm Buffer Overflow and Cookie Leak

An update that solves two vulnerabilities and has two fixes is now available. . SUSE Security Update: Security update for slurm_17_11 ______________________________________________________________________________ Announcement ID: SUSE-SU-2020:3878-1 Rating: important References: #1153259 #1155784 #1178890 #1178891 Cross-References: CVE-2020-27745 CVE-2020-27746 Affected Products: SUSE Linux Enterprise Module for HPC 15-SP1 SUSE Linux Enterprise High Performance Computing 15-LTSS SUSE Linux Enterprise High Performance Computing 15-ESPOS ______________________________________________________________________________ An update that solves two vulnerabilities and has two fixes is now available. Description: This update for slurm_17_11 fixes the following issues: - CVE-2020-27745: Fixed potential buffer overflows from use of unpackmem() (bsc#1178890). - CVE-2020-27746: Fixed a potential leak of the magic cookie when sent as an argument to the xauth command (bsc#1178891). - Fixed %posttrans macro _res_update to cope with added newline (bsc#1153259). - Fixed permissions of slurmdbd.conf (bsc#1155784). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for HPC 15-SP1: zypper in -t patch SUSE-SLE-Module-HPC-15-SP1-2020-3878=1 - SUSE Linux Enterprise High Performance Computing 15-LTSS: zypper in -t patch SUSE-SLE-Product-HPC-15-2020-3878=1 - SUSE Linux Enterprise High Performance Computing 15-ESPOS: zypper in -t patch SUSE-SLE-Product-HPC-15-2020-3878=1 Package List: - SUSE Linux Enterprise Module for HPC 15-SP1 (aarch64 x86_64): libslurm32-17.11.13-6.34.1 libslurm32-debuginfo-17.11.13-6.34.1 - SUSE Linux Enterprise High PerformanceComputing 15-LTSS (aarch64 x86_64): libpmi0-17.11.13-6.34.1 libpmi0-debuginfo-17.11.13-6.34.1 libslurm32-17.11.13-6.34.1 libslurm32-debuginfo-17.11.13-6.34.1 perl-slurm-17.11.13-6.34.1 perl-slurm-debuginfo-17.11.13-6.34.1 slurm-17.11.13-6.34.1 slurm-auth-none-17.11.13-6.34.1 slurm-auth-none-debuginfo-17.11.13-6.34.1 slurm-config-17.11.13-6.34.1 slurm-debuginfo-17.11.13-6.34.1 slurm-debugsource-17.11.13-6.34.1 slurm-devel-17.11.13-6.34.1 slurm-doc-17.11.13-6.34.1 slurm-lua-17.11.13-6.34.1 slurm-lua-debuginfo-17.11.13-6.34.1 slurm-munge-17.11.13-6.34.1 slurm-munge-debuginfo-17.11.13-6.34.1 slurm-node-17.11.13-6.34.1 slurm-node-debuginfo-17.11.13-6.34.1 slurm-pam_slurm-17.11.13-6.34.1 slurm-pam_slurm-debuginfo-17.11.13-6.34.1 slurm-plugins-17.11.13-6.34.1 slurm-plugins-debuginfo-17.11.13-6.34.1 slurm-slurmdbd-17.11.13-6.34.1 slurm-slurmdbd-debuginfo-17.11.13-6.34.1 slurm-sql-17.11.13-6.34.1 slurm-sql-debuginfo-17.11.13-6.34.1 slurm-torque-17.11.13-6.34.1 slurm-torque-debuginfo-17.11.13-6.34.1 - SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64): libpmi0-17.11.13-6.34.1 libpmi0-debuginfo-17.11.13-6.34.1 libslurm32-17.11.13-6.34.1 libslurm32-debuginfo-17.11.13-6.34.1 perl-slurm-17.11.13-6.34.1 perl-slurm-debuginfo-17.11.13-6.34.1 slurm-17.11.13-6.34.1 slurm-auth-none-17.11.13-6.34.1 slurm-auth-none-debuginfo-17.11.13-6.34.1 slurm-config-17.11.13-6.34.1 slurm-debuginfo-17.11.13-6.34.1 slurm-debugsource-17.11.13-6.34.1 slurm-devel-17.11.13-6.34.1 slurm-doc-17.11.13-6.34.1 slurm-lua-17.11.13-6.34.1 slurm-lua-debuginfo-17.11.13-6.34.1 slurm-munge-17.11.13-6.34.1 slurm-munge-debuginfo-17.11.13-6.34.1 slurm-node-17.11.13-6.34.1 slurm-node-debuginfo-17.11.13-6.34.1 slurm-pam_slurm-17.11.13-6.34.1 slurm-pam_slurm-debuginfo-17.11.13-6.34.1 slurm-plugins-17.11.13-6.34.1 slurm-plugins-debuginfo-17.11.13-6.34.1 slurm-slurmdbd-17.11.13-6.34.1 slurm-slurmdbd-debuginfo-17.11.13-6.34.1 slurm-sql-17.11.13-6.34.1 slurm-sql-debuginfo-17.11.13-6.34.1 slurm-torque-17.11.13-6.34.1 slurm-torque-debuginfo-17.11.13-6.34.1 References: https://www.suse.com/security/cve/CVE-2020-27745.html https://www.suse.com/security/cve/CVE-2020-27746.html https://bugzilla.suse.com/1153259 https://bugzilla.suse.com/1155784 https://bugzilla.suse.com/1178890 https://bugzilla.suse.com/1178891 . This revision targets two essential concerns in slurm_17_12, improving overall security on SUSE environments.. SUSE Linux, slurm security, buffer overflows, security update, Linux HPC. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Dec 18, 2020 Important SuSE
Banner 4 1028x280 1708121825 1771600306
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here