Control: tags -1 + confirmed On Fri, 2017-07-28 at 15:40 +0200, Gennaro Oliva wrote: > I'd like to update slurm-llnl in the next oldstable point release to > address a vulnerability in how the slurmd daemon informs users of > a Prolog failure on a compute node. That vulnerability could allow a > user to assume control of an arbitrary file on the system. Any > exploitation of this is dependent on the user being able to cause or > anticipate the failure (non-zero return code) of a Prolog script that > their job would run on (CVE-2016-10030).
+slurm-llnl (14.03.9-5+deb8u1) jessie-security; urgency=high The distribution there wants to be "jessie". With that change, please go ahead. Regards, Adam
