Your message dated Sun, 13 Oct 2019 10:00:35 +0000
with message-id <e1ijafz-000i7l...@fasolo.debian.org>
and subject line Bug#931880: fixed in slurm-llnl 19.05.3.2-1
has caused the Debian Bug report #931880,
regarding slurm-llnl: CVE-2019-12838
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
931880: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931880
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: slurm-llnl
Version: 18.08.6.2-1
Severity: grave
Tags: security upstream
Control: found -1 18.08.5.2-1
Control: found -1 16.05.9-1+deb9u4
Control: found -1 16.05.9-1
Hi,
The following vulnerability was published for slurm-llnl. I'm filling
it with an RC severity to be on safe side, but if you have more
information available and think the RC severity is not warranted
please feel free to then downgrade.
CVE-2019-12838[0]:
| SchedMD Slurm 17.11.x, 18.08.0 through 18.08.7, and 19.05.0 allows SQL
| Injection.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2019-12838
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12838
[1] https://lists.schedmd.com/pipermail/slurm-announce/2019/000025.html
Please adjust the affected versions in the BTS as needed. [1] say that
whilest only 19.05 and 18.08 releases are patched previous releases
were affected as well.
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: slurm-llnl
Source-Version: 19.05.3.2-1
We believe that the bug you reported is fixed in the latest version of
slurm-llnl, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 931...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Gennaro Oliva <oliv...@na.icar.cnr.it> (supplier of updated slurm-llnl package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 08 Oct 2019 18:18:52 +0200
Source: slurm-llnl
Binary: libpam-slurm libpam-slurm-adopt libpmi0 libpmi0-dbgsym libpmi0-dev
libpmi2-0 libpmi2-0-dbgsym libpmi2-0-dev libslurm-dev libslurm-perl libslurm34
libslurm34-dbgsym libslurmdb-perl slurm-client slurm-client-dbgsym
slurm-client-emulator slurm-wlm slurm-wlm-basic-plugins
slurm-wlm-basic-plugins-dbgsym slurm-wlm-basic-plugins-dev slurm-wlm-doc
slurm-wlm-emulator slurm-wlm-torque slurmctld slurmctld-dbgsym slurmd
slurmd-dbgsym slurmdbd slurmdbd-dbgsym sview
Architecture: source amd64 all
Version: 19.05.3.2-1
Distribution: unstable
Urgency: medium
Maintainer: Debian HPC Team <debian-...@lists.debian.org>
Changed-By: Gennaro Oliva <oliv...@na.icar.cnr.it>
Description:
libpam-slurm - PAM module to authenticate using the SLURM resource manager
libpam-slurm-adopt - PAM module to authenticate users running a SLURM job and
track th
libpmi0 - SLURM PMI library implementation
libpmi0-dev - SLURM PMI library implementation development files
libpmi2-0 - SLURM PMI2 library implementation
libpmi2-0-dev - SLURM PMI2 library implementation development files
libslurm-dev - SLURM development files
libslurm-perl - Perl API for SLURM
libslurm34 - Runtime library files for SLURM
libslurmdb-perl - Perl API for the SLURM database
slurm-client - SLURM client side commands
slurm-client-emulator - SLURM client side commands for the emulator
slurm-wlm - Simple Linux Utility for Resource Management
slurm-wlm-basic-plugins - SLURM basic plugins
slurm-wlm-basic-plugins-dev - SLURM basic plugins development files
slurm-wlm-doc - SLURM documentation
slurm-wlm-emulator - SLURM emulator
slurm-wlm-torque - Torque compatibility wrappers for SLURM
slurmctld - SLURM central management daemon
slurmd - SLURM compute node daemon
slurmdbd - Secure enterprise-wide interface to a database for SLURM
sview - GUI to view and modify SLURM state
Closes: 931880
Changes:
slurm-llnl (19.05.3.2-1) unstable; urgency=medium
.
* New upstream release fixes CVE-2019-12838 (Closes: #931880)
* Remove libslurmdb packages as it was merged into libslurm
* Bump standard version to 4.4.1 (no changes)
* Update d/copyright
* Sync configurators with upstream
* Refresh patches
* Increase libslurm version to 34
* Update libslurm symbols file
Checksums-Sha1:
e0df708c2ed707e15fa6ed7653e15b07363253db 3671 slurm-llnl_19.05.3.2-1.dsc
ce3969d527e9167173973658f7fd6b0c73134d0d 8442455
slurm-llnl_19.05.3.2.orig.tar.gz
869c0cff25a7b0ed05f8d9df9a570475356d08c0 123676
slurm-llnl_19.05.3.2-1.debian.tar.xz
d83461103cc031c487d04b777967e894f3e9841f 30108
libpam-slurm-adopt_19.05.3.2-1_amd64.deb
4e41449d5101b57577139a5526b456225b0dda77 28180
libpam-slurm_19.05.3.2-1_amd64.deb
e22b8b6ab0539e5675fec947cd21ee276dc3fdac 26912
libpmi0-dbgsym_19.05.3.2-1_amd64.deb
687fa522ba0211ef3531671a8479785e05514254 36080
libpmi0-dev_19.05.3.2-1_amd64.deb
f74e27c2d1c777643871e4dee1c28b449fb0ea4b 32240 libpmi0_19.05.3.2-1_amd64.deb
831849958e4aee109ac785a0706e848811860366 39968
libpmi2-0-dbgsym_19.05.3.2-1_amd64.deb
659192ab52ccac28b9ccd3927a8c12b5cd464522 42000
libpmi2-0-dev_19.05.3.2-1_amd64.deb
6ef1f4e5aec5196d2fe32e23402fa65cc90092fa 34876 libpmi2-0_19.05.3.2-1_amd64.deb
cba6464d05763899f3fd2eb440ee10883eccf5dd 873192
libslurm-dev_19.05.3.2-1_amd64.deb
79153c12cebb63834ba4465d446e0d73afe4f740 165488
libslurm-perl_19.05.3.2-1_amd64.deb
af5fb88f9e762325067d5195e42df1c3845fd734 2570604
libslurm34-dbgsym_19.05.3.2-1_amd64.deb
2f1529d566c8ed405abaa510c5998bfd1518c24e 693692
libslurm34_19.05.3.2-1_amd64.deb
c9e6aba29725605d6d040885d938e40e3fe4273c 49792
libslurmdb-perl_19.05.3.2-1_amd64.deb
03263ea8d07bd07bd3c0a5d0653a9b60e9c99e84 1916620
slurm-client-dbgsym_19.05.3.2-1_amd64.deb
868a1b009f20e71f498d325c990e23149c0c19e2 392520
slurm-client-emulator_19.05.3.2-1_amd64.deb
d0e4649cacb816218d4ac363952aac50fdc38977 898104
slurm-client_19.05.3.2-1_amd64.deb
71a40fca17fcb159fc895665deadded56e0d118f 21775
slurm-llnl_19.05.3.2-1_amd64.buildinfo
ae24a6f82e5301160403b83592ee5126d261a0ce 6644988
slurm-wlm-basic-plugins-dbgsym_19.05.3.2-1_amd64.deb
e37ff51e410bb9a7862f234bf90be4f9ca17de5b 1368280
slurm-wlm-basic-plugins-dev_19.05.3.2-1_amd64.deb
c1c08e6d3f0eb3b8751871db5576dbc9346aaab6 1342108
slurm-wlm-basic-plugins_19.05.3.2-1_amd64.deb
21cd4069dda18cd785865c9357f347e7606f365c 1333760
slurm-wlm-doc_19.05.3.2-1_all.deb
3f98ebb5afd2bccb92d4627c20301a35b9faecbe 575924
slurm-wlm-emulator_19.05.3.2-1_amd64.deb
c57c32c1a92fc950a1df355a9852aa0dcb24cf61 63052
slurm-wlm-torque_19.05.3.2-1_all.deb
3beb877a9c6efe9ce2214ee776fa4c88713f9df4 22380 slurm-wlm_19.05.3.2-1_amd64.deb
2bfdff15b29edbc96d8ca1d7da677b5375f6b6ed 1333024
slurmctld-dbgsym_19.05.3.2-1_amd64.deb
3d8155c4355ce903cb6f15306fddecb2c05ca38d 643108 slurmctld_19.05.3.2-1_amd64.deb
acacb07d3c8e8cd2faaea2c3644512a99b01b586 731912
slurmd-dbgsym_19.05.3.2-1_amd64.deb
7bf521c0d1a1299c5e5986efc14e5cf6c2e8b5bf 389516 slurmd_19.05.3.2-1_amd64.deb
5c4d610b9156e923a5a7d0116c5439407ee34a76 138184
slurmdbd-dbgsym_19.05.3.2-1_amd64.deb
738c10ddc28d8cd05cea8020ab2953c0387f9cb6 69144 slurmdbd_19.05.3.2-1_amd64.deb
dd4f89cfc6e69453764bd7aea3c320ee3ce36e41 131884 sview_19.05.3.2-1_amd64.deb
Checksums-Sha256:
4ed90781b7b2df0bff175084bd1dc48bf1d1ffdeb7d63f779c92118a5742cd3a 3671
slurm-llnl_19.05.3.2-1.dsc
e02cf60dc2a10674137a1c86e5211753203df46ae15a1d07382351d05edb71b8 8442455
slurm-llnl_19.05.3.2.orig.tar.gz
7e6ef7b6896451ab147361e58225009df5f2cdf43ce7d2d8ef6ad4b2f91b4457 123676
slurm-llnl_19.05.3.2-1.debian.tar.xz
ff5b2ffb3f3b490634258e0796a82e85a169361924d76e3458feed671f2460e4 30108
libpam-slurm-adopt_19.05.3.2-1_amd64.deb
75d91392bb92bfb900117d453f19aaee59741edab9c8c0e996c3a4e76c318e5a 28180
libpam-slurm_19.05.3.2-1_amd64.deb
735b1438a0e136e931a84e946f950c6aed0511185507b9cac9ae69e22b1f8e4a 26912
libpmi0-dbgsym_19.05.3.2-1_amd64.deb
9ae4d7257ba01c2e46ae15f4c4a93271d00e4e8b2da9232cf08fd48fd09c575f 36080
libpmi0-dev_19.05.3.2-1_amd64.deb
f5d20351356d6ae39c4cf867792343ee9f1ed71de288d43839945d5d7bc6ef6e 32240
libpmi0_19.05.3.2-1_amd64.deb
68222822e8d71601e8ecebd635a1816645bfa8ff49e778865fb786af7b440aad 39968
libpmi2-0-dbgsym_19.05.3.2-1_amd64.deb
c8b9f7a8311aff7bf421a354265d4e2c0dc6a57518f9697cf88a2c8f352e4d6f 42000
libpmi2-0-dev_19.05.3.2-1_amd64.deb
4550c99d68eeb6c251e6c8316ed02a4892f2dc3bb69e818fd96b48d8fac8ce74 34876
libpmi2-0_19.05.3.2-1_amd64.deb
d2dd520d590103e90069a6ca59e1d4c6c736a847fd16a5d283bc315ffe5ee37d 873192
libslurm-dev_19.05.3.2-1_amd64.deb
24290dd7c7733c422108f2a8f6f22ff01f0ae7f191df275064bf9da21a33cce5 165488
libslurm-perl_19.05.3.2-1_amd64.deb
a206db9cfc75bd6d9556350150a805405b39aa6e9168096e9918c7b1c795a3fa 2570604
libslurm34-dbgsym_19.05.3.2-1_amd64.deb
4cb61fd5c8ae1f88b7140d6dc104985fa0f2660fd2d7d776eb82a260fa72597f 693692
libslurm34_19.05.3.2-1_amd64.deb
8cb901fd9a8cc93de24a89787a21298d999ba07942a7a4111424b2c659c701bf 49792
libslurmdb-perl_19.05.3.2-1_amd64.deb
69c8a4303570a38c0c3df43ffef93b52f2892ff4c0ea07e8100af141172b1868 1916620
slurm-client-dbgsym_19.05.3.2-1_amd64.deb
433044940ecadfc03fa53e115535963015477f1e45b9acb63e5f99195ebff25c 392520
slurm-client-emulator_19.05.3.2-1_amd64.deb
095ff1a3549b96f40e43d3783544eb3e34c80503774e6530bfa97775650ba01e 898104
slurm-client_19.05.3.2-1_amd64.deb
bab7a2b4e0f40a9cedd7113a9ae03d7de4b11bbeab09ff1f5060eb4179f82695 21775
slurm-llnl_19.05.3.2-1_amd64.buildinfo
eb54f6beee3c3d601a40c7b3e7a4f7258dc0be6d9a05ea7e28aa13c5390e4583 6644988
slurm-wlm-basic-plugins-dbgsym_19.05.3.2-1_amd64.deb
a3901a6aca7bffb3939e9d19299bf30b8300b735c5d6222ab6ee0ba17df5f248 1368280
slurm-wlm-basic-plugins-dev_19.05.3.2-1_amd64.deb
5825fb510155bd3131ed77b6f4b8643cf40b35cc2d53640d18384260206ee73a 1342108
slurm-wlm-basic-plugins_19.05.3.2-1_amd64.deb
f38fea60b55460c4834eb48b3708a681319aba690eee015943304a787b264e36 1333760
slurm-wlm-doc_19.05.3.2-1_all.deb
b2fe961e6b1218d7929f366961f9a7900a843d213c899a18bbb87ebcc60fdd60 575924
slurm-wlm-emulator_19.05.3.2-1_amd64.deb
375f4ec910473019a40d9b3501ec315a45732841b274d08fbc8d2dcaf7640517 63052
slurm-wlm-torque_19.05.3.2-1_all.deb
e12bafe7026d404077bcb1bbdb4759c690cf6fbf0fd60cf7aa4151684e76cfe9 22380
slurm-wlm_19.05.3.2-1_amd64.deb
f1e1f45192179af63792cc65f33b77be4edd87a6a93263e528413621c698d4b9 1333024
slurmctld-dbgsym_19.05.3.2-1_amd64.deb
13007c07def82431d9f4277464142da5ab95db49623d1c58f9db5a278c58bb21 643108
slurmctld_19.05.3.2-1_amd64.deb
b8dcd583133cf70389c6b314b5ab6de2c8e4506d26011789cd13310ad0551155 731912
slurmd-dbgsym_19.05.3.2-1_amd64.deb
7f69ef5c4f97d4ead4e5cb7fc3e03409d2a787bdc92ca63cb85a2eb772e26a5a 389516
slurmd_19.05.3.2-1_amd64.deb
6e7236b57cae6671c6ede8e1a53ffbe439db1d4b119f8956fb864092bf0cda6f 138184
slurmdbd-dbgsym_19.05.3.2-1_amd64.deb
15a11a26fd7b842b34d4eb5762273bf0f7fb78bd2df8b21dd9c839ca3fae37ec 69144
slurmdbd_19.05.3.2-1_amd64.deb
bf4dda9fef5b308937a77f8edfd2b073add4e1212d1f430eb3443f520d15a75d 131884
sview_19.05.3.2-1_amd64.deb
Files:
1d9d92752851d045f30d319f76cb8836 3671 admin optional slurm-llnl_19.05.3.2-1.dsc
906e4fde566d6084680697682277b9c6 8442455 admin optional
slurm-llnl_19.05.3.2.orig.tar.gz
88409e3add85929acd6ae8767647448f 123676 admin optional
slurm-llnl_19.05.3.2-1.debian.tar.xz
5b03bda03671c9ad8cf0d15977babf1a 30108 admin optional
libpam-slurm-adopt_19.05.3.2-1_amd64.deb
e90837c6d13283856ea7c9708829071f 28180 admin optional
libpam-slurm_19.05.3.2-1_amd64.deb
dd687fa4544da90729d48a65533b5045 26912 debug optional
libpmi0-dbgsym_19.05.3.2-1_amd64.deb
e8b7a3f6fdf84669fb2b246ca9812c25 36080 libdevel optional
libpmi0-dev_19.05.3.2-1_amd64.deb
8c7037d800f4257bee8386cdf8e3ad0b 32240 libs optional
libpmi0_19.05.3.2-1_amd64.deb
aadfbe63bc07413ef0a96a2e6033d729 39968 debug optional
libpmi2-0-dbgsym_19.05.3.2-1_amd64.deb
94971764640bcd0f359748593a3b70b9 42000 libdevel optional
libpmi2-0-dev_19.05.3.2-1_amd64.deb
9ee57f8457fa62c39a3d784e69aa2a59 34876 libs optional
libpmi2-0_19.05.3.2-1_amd64.deb
d26dade00e1d299a14ab82c99bd12473 873192 libdevel optional
libslurm-dev_19.05.3.2-1_amd64.deb
bd11a0a1fbfc330571d63172e025c599 165488 perl optional
libslurm-perl_19.05.3.2-1_amd64.deb
63f0d49cd078a84a4c6d591a95ea5ffa 2570604 debug optional
libslurm34-dbgsym_19.05.3.2-1_amd64.deb
90096287580be79eab711cc78a270444 693692 libs optional
libslurm34_19.05.3.2-1_amd64.deb
523a63b0fd9533616adb4b5d692eb473 49792 perl optional
libslurmdb-perl_19.05.3.2-1_amd64.deb
261f5c42cbd50e940b88548ff21fcc0f 1916620 debug optional
slurm-client-dbgsym_19.05.3.2-1_amd64.deb
2dcd517360730aaac9209d710b2067d8 392520 admin optional
slurm-client-emulator_19.05.3.2-1_amd64.deb
9618ff3b95f6191fb02791533f43a101 898104 admin optional
slurm-client_19.05.3.2-1_amd64.deb
a130d6e0d06e78b2d70bbfc65430b17b 21775 admin optional
slurm-llnl_19.05.3.2-1_amd64.buildinfo
ba55f8a787aa4e370f2930a7e651a4a2 6644988 debug optional
slurm-wlm-basic-plugins-dbgsym_19.05.3.2-1_amd64.deb
40de4240ec110934ed8e463e957887b7 1368280 devel optional
slurm-wlm-basic-plugins-dev_19.05.3.2-1_amd64.deb
e9cbb112a87cf5d451a744f5e39333c1 1342108 admin optional
slurm-wlm-basic-plugins_19.05.3.2-1_amd64.deb
5d1f514f96e82f7e86c90be936bd5c4a 1333760 doc optional
slurm-wlm-doc_19.05.3.2-1_all.deb
f5736efe93f3c2709939db0fa474f275 575924 admin optional
slurm-wlm-emulator_19.05.3.2-1_amd64.deb
bb3000ad470b6e7686643c35daf6d15b 63052 admin optional
slurm-wlm-torque_19.05.3.2-1_all.deb
feeb6db3510eb07cc9e58ca84e309d47 22380 admin optional
slurm-wlm_19.05.3.2-1_amd64.deb
851e62a0b5ca353cb51e8efc60d9baf6 1333024 debug optional
slurmctld-dbgsym_19.05.3.2-1_amd64.deb
330c6795045b504b1e8cc1fd12cf6e1e 643108 admin optional
slurmctld_19.05.3.2-1_amd64.deb
4d522be4f154f98028f5d65e9c707a45 731912 debug optional
slurmd-dbgsym_19.05.3.2-1_amd64.deb
e7050f5869530a0348bac51e7139d977 389516 admin optional
slurmd_19.05.3.2-1_amd64.deb
4dbc10872a37202d010288ba03a67ddd 138184 debug optional
slurmdbd-dbgsym_19.05.3.2-1_amd64.deb
a84f6e11ebe730817cc00633a45d6c94 69144 admin optional
slurmdbd_19.05.3.2-1_amd64.deb
b5fbda8b60a1d56e1c2412dc311e2c49 131884 admin optional
sview_19.05.3.2-1_amd64.deb
-----BEGIN PGP SIGNATURE-----
iQJLBAEBCgA1FiEE6zNF9WRBuLgad5h2ffpBrZYZhdcFAl2d70oXHG9saXZhLmdA
bmEuaWNhci5jbnIuaXQACgkQffpBrZYZhdffAw/+Km6evK2+5VLsBtdr1wOd4D0J
VoA7CcL9tSW3U3v7ySrxLZ1ZLnTQtvJztgKw4ESFK7ex6NffRY7rKinDYpwFRwro
VXiCbbUGjDk6CYu3jXd77HdlAPLlkUav6muhg3WVnpHzqwv+62wUnTRvr38G9sG1
U+g+UV/Z5dPanP8rA5OB4vKzXSBcGvRCizMv7vwQF2Dm9broml5qJLTVMwWESMbw
jssJYi8Rvi2T02bLRhPiTuavhdrGVvzStkqbbbVxCMj5FZBhhhE3B+8+B6xiAUZ+
YJhIoJgZnEaAAsqZrMMt7n0pQo4ZYXRmOY6v25HOrL5SCgRknU5m5RHs4OYTabUs
/fAVd1kIJLYhjhNeH5t3vpeeJle3Hwkx4mJ/CypXchBWd8mQc4llIcSuo2Z42+gs
JJG6AKmIawrEl3Pwey1YNIq0y9CuMAkRA7UfDQ9y6k2H7BYCeF8b8Fk8udhdLFsb
UJvzKOE64PthcGI/q7/y5Quy5gOgruLxq7GkAf1xGB2U9npAf1J731xMcO5DoAie
qIH/sVidJEssnTshNWGeo5ln3S2xW1tbzQLCYu0sX/ASnmLi8qrcUIwojuQCr3P/
Mq2ws59rGzBZBxqxhJeoKyhxLrWIirFiwpETjnWxVGKp+tn8OvhkBTh4inDjHaRI
5RddzPskwv+EYX1LK4Y=
=2Ydg
-----END PGP SIGNATURE-----
--- End Message ---