Package: slurm-llnl / 16.05.9-1+deb9u4

Metadata

Package Version Patches format
slurm-llnl 16.05.9-1+deb9u4 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
mail path | (download)

doc/man/man1/strigger.1 | 4 2 + 2 - 0 !
doc/man/man5/slurm.conf.5 | 2 1 + 1 - 0 !
src/common/read_config.h | 2 1 + 1 - 0 !
3 files changed, 4 insertions(+), 4 deletions(-)

 mail command absolute pathname                       
 This patch changes the default command to /usr/bin/mail in various
  configuration files and manual pages.                            
header | (download)

doc/html/header.txt | 9 0 + 9 - 0 !
1 file changed, 9 deletions(-)

 remove google custom engine queries script
 Remove javascript for the custom google engine queries, in the header
 of each html documentation page, to avoid potential privacy breach.
sacctmgr increase buffer | (download)

src/sacctmgr/sacctmgr.c | 2 0 + 2 - 0 !
src/sacctmgr/sacctmgr.h | 2 1 + 1 - 0 !
2 files changed, 1 insertion(+), 3 deletions(-)

 increase size of sacctmgr read buffer
 This patch significantly increases the size of the buffer for reading dumps
 with sacctmgr load. Without this patch, sacctmgr is not able to handle lines
 with more than 4096 which is too small in some cases. Also removed useless
 macro definition in other related file.
spelling | (download)

src/common/slurmdbd_defs.c | 8 4 + 4 - 0 !
1 file changed, 4 insertions(+), 4 deletions(-)

 fix some spelling errors
 Fix spelling errors in slurmdbd_defs.c
CVE 2017 15566 | (download)

src/slurmd/slurmd/req.c | 6 2 + 4 - 0 !
1 file changed, 2 insertions(+), 4 deletions(-)

 fix cve-2017-15566
 Fix security issue caused by insecure SPANK environment variable
 handling, allowing privilege escalation to root during Prolog or Epilog
 execution
CVE 2018 10995 | (download)

slurm/slurm_errno.h | 2 2 + 0 - 0 !
src/api/step_launch.c | 17 0 + 17 - 0 !
src/common/slurm_errno.c | 2 2 + 0 - 0 !
src/slurmctld/job_mgr.c | 2 1 + 1 - 0 !
src/slurmctld/proc_req.c | 29 29 + 0 - 0 !
src/slurmd/slurmd/req.c | 96 37 + 59 - 0 !
src/slurmd/slurmstepd/slurmstepd_job.c | 14 0 + 14 - 0 !
7 files changed, 71 insertions(+), 91 deletions(-)

 fix cve-2018-10995
 Fix security issue caused by mishandling user names (aka user_name
 fields) and group ids (aka gid fields). This patch was adapted from the
 changes of the 17.02 upstream branch 
CVE 2018 7033 | (download)

src/common/pack.c | 75 75 + 0 - 0 !
src/common/pack.h | 11 9 + 2 - 0 !
src/common/slurm_xlator.h | 2 2 + 0 - 0 !
src/plugins/accounting_storage/mysql/as_mysql_cluster.c | 7 3 + 4 - 0 !
src/plugins/accounting_storage/mysql/as_mysql_job.c | 73 28 + 45 - 0 !
src/plugins/accounting_storage/mysql/as_mysql_resv.c | 6 2 + 4 - 0 !
6 files changed, 119 insertions(+), 55 deletions(-)

 fix cve-2018-7033
 Fix security issue that can cause SQL Injection attacks against SlurmDBD
 This patch was adapted from the changes of the 17.02 upstream branch 
CVE 2019 6438 | (download)

contribs/perlapi/libslurm/perl/slurm-perl.h | 2 1 + 1 - 0 !
src/common/xmalloc.c | 6 5 + 1 - 0 !
src/common/xmalloc.h | 10 6 + 4 - 0 !
3 files changed, 12 insertions(+), 6 deletions(-)

 add mitigation for a potential heap-overflow on 32-bit systems
 Force intermediate values to uint64_t to catch the potential overflow
 This patch was adapted from the changes of the 17.11 upstream branch