slurm-llnl (1.3.6-1lenny3build0.8.10.1) intrepid-security; urgency=low
* fake sync from Debian
slurm-llnl (1.3.6-1lenny3) stable-security; urgency=high
* Add missing include to prevent ia64 build problems.
slurm-llnl (1.3.6-1lenny2) stable-security; urgency=high
* Security patch to fix supplementary group flaw
slurm-llnl (1.3.6-1lenny1) testing-security; urgency=high
* Non-maintainer upload by the Security Team.
* Fix to crypto/openssl plugin that could result in job launch requests
being spoofed through the use of an improperly formed credential. This bug
could permit a user to launch tasks on compute nodes not allocated for
their use, but will NOT permit them to run tasks as another user.
This is related to CVE-2008-5077 and DSA 1701 (Closes: #511511)
-- Jamie Strandboge < [email protected]> Wed, 07 Oct 2009 06:51:11
-0500
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2008-5077
** Changed in: slurm-llnl (Ubuntu Intrepid)
Status: Triaged => Fix Released
** Changed in: slurm-llnl (Ubuntu Intrepid)
Assignee: Artur Rona (ari-tczew) => (unassigned)
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2009-0128
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2009-2084
--
SLURM Security Flaw
https://bugs.launchpad.net/bugs/363904
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
