{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"moderate"},"category":"csaf_security_advisory","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"Security update for slurm","title":"Title of the patch"},{"category":"description","text":"This update for slurm fixes the following issues:\n\nSlurm was updated to 17.02.9 to fix a security bug, bringing new features and bugfixes\n(fate#323998 bsc#1067580).\n\nSecurity issue fixed:\n\n* CVE-2017-15566: Fix security issue in Prolog and Epilog by always prepending SPANK_ to\n  all user-set environment variables. (bsc#1065697)\n\nChanges in 17.02.9:\n\n   * When resuming powered down nodes, mark DOWN nodes right after\n     ResumeTimeout has been reached (previous logic would wait about one minute longer).\n   * Fix sreport not showing full column name for TRES Count.\n   * Fix slurmdb_reservations_get() giving wrong usage data when job's spanned\n     reservation that was modified.\n   * Fix sreport reservation utilization report showing bad data.\n   * Show all TRES' on a reservation in sreport reservation utilization report\n     by default.\n   * Fix sacctmgr show reservation handling 'end' parameter.\n   * Work around issue with sysmacros.h and gcc7 / glibc 2.25.\n   * Fix layouts code to only allow setting a boolean.\n   * Fix sbatch --wait to keep waiting even if a message timeout occurs.\n   * CRAY - If configured with NodeFeatures=knl_cray and there are non-KNL\n     nodes which include no features the slurmctld will abort without\n     this patch when attemping strtok_r(NULL).\n   * Fix regression in 17.02.7 which would run the spank_task_privileged as\n     part of the slurmstepd instead of it's child process.\n\nChanges in 17.02.8:\n\n   * Add 'slurmdbd:' to the accounting plugin to notify message is from dbd\n    instead of local.\n   * mpi/mvapich - Buffer being only partially cleared. No failures observed.\n   * Fix for job  --switch option on dragonfly network.\n   * In salloc with  --uid option, drop supplementary groups before changing UID.\n   * jobcomp/elasticsearch - strip any trailing slashes from JobCompLoc.\n   * jobcomp/elasticsearch - fix memory leak when transferring generated buffer.\n   * Prevent slurmstepd ABRT when parsing gres.conf CPUs.\n   * Fix sbatch --signal to signal all MPI ranks in a step instead of just those\n     on node 0.\n   * Check multiple partition limits when scheduling a job that were previously\n     only checked on submit.\n   * Cray: Avoid running application/step Node Health Check on the external\n     job step.\n   * Optimization enhancements for partition based job preemption.\n   * Address some build warnings from GCC 7.1, and one possible memory leak if\n     /proc is inaccessible.\n   * If creating/altering a core based reservation with scontrol/sview on a\n     remote cluster correctly determine the select type.\n   * Fix autoconf test for libcurl when clang is used.\n   * Fix default location for cgroup_allowed_devices_file.conf to use correct\n     default path.\n   * Document NewName option to sacctmgr.\n   * Reject a second PMI2_Init call within a single step to prevent slurmstepd\n     from hanging.\n   * Handle old 32bit values stored in the database for requested memory\n     correctly in sacct.\n   * Fix memory leaks in the task/cgroup plugin when constraining devices.\n   * Make extremely verbose info messages debug2 messages in the task/cgroup\n     plugin when constraining devices.\n   * Fix issue that would deny the stepd access to /dev/null where GRES has a\n    'type' but no file defined.\n   * Fix issue where the slurmstepd would fatal on job launch if you have no\n     gres listed in your slurm.conf but some in gres.conf.\n   * Fix validating time spec to correctly validate various time formats.\n   * Make scontrol work correctly with job update timelimit [+|-]=.\n   * Reduce the visibily of a number of warnings in _part_access_check.\n   * Prevent segfault in sacctmgr if no association name is specified for\n     an update command.\n   * burst_buffer/cray plugin modified to work with changes in Cray UP05\n     software release.\n   * Fix job reasons for jobs that are violating assoc MaxTRESPerNode limits.\n   * Fix segfault when unpacking a 16.05 slurm_cred in a 17.02 daemon.\n   * Fix setting TRES limits with case insensitive TRES names.\n   * Add alias for xstrncmp() -- slurm_xstrncmp().\n   * Fix sorting of case insensitive strings when using xstrcasecmp().\n   * Gracefully handle race condition when reading /proc as process exits.\n   * Avoid error on Cray duplicate setup of core specialization.\n   * Skip over undefined (hidden in Slurm) nodes in pbsnodes.\n   * Add empty hashes in perl api's slurm_load_node() for hidden nodes.\n   * CRAY - Add rpath logic to work for the alpscomm libs.\n   * Fixes for administrator extended TimeLimit (job reason & time limit reset).\n   * Fix gres selection on systems running select/linear.\n   * sview: Added window decorator for maximize,minimize,close buttons for all\n     systems.\n   * squeue: interpret negative length format specifiers as a request to\n     delimit values with spaces.\n   * Fix the torque pbsnodes wrapper script to parse a gres field with a type\n     set correctly.\n\nThis update also contains pdsh rebuilt against the new libslurm version.\n\n","title":"Description of the patch"},{"category":"details","text":"SUSE-SLE-Module-HPC-12-2017-2072","title":"Patchnames"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"SUSE ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"self","summary":"URL of this CSAF notice","url":"https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_3311-1.json"},{"category":"self","summary":"URL for SUSE-SU-2017:3311-1","url":"https://www.suse.com/support/update/announcement/2017/suse-su-20173311-1/"},{"category":"self","summary":"E-Mail link for SUSE-SU-2017:3311-1","url":"https://lists.suse.com/pipermail/sle-security-updates/2017-December/003519.html"},{"category":"self","summary":"SUSE Bug 1007053","url":"https://bugzilla.suse.com/1007053"},{"category":"self","summary":"SUSE Bug 1031872","url":"https://bugzilla.suse.com/1031872"},{"category":"self","summary":"SUSE Bug 1041706","url":"https://bugzilla.suse.com/1041706"},{"category":"self","summary":"SUSE Bug 1065697","url":"https://bugzilla.suse.com/1065697"},{"category":"self","summary":"SUSE Bug 1067580","url":"https://bugzilla.suse.com/1067580"},{"category":"self","summary":"SUSE CVE CVE-2017-15566 page","url":"https://www.suse.com/security/cve/CVE-2017-15566/"}],"title":"Security update for slurm","tracking":{"current_release_date":"2017-12-14T14:51:03Z","generator":{"date":"2017-12-14T14:51:03Z","engine":{"name":"cve-database.git:bin/generate-csaf.pl","version":"1"}},"id":"SUSE-SU-2017:3311-1","initial_release_date":"2017-12-14T14:51:03Z","revision_history":[{"date":"2017-12-14T14:51:03Z","number":"1","summary":"Current version"}],"status":"final","version":"1"}},"product_tree":{"branches":[{"branches":[{"branches":[{"category":"product_version","name":"libpmi0-17.02.9-6.10.1.aarch64","product":{"name":"libpmi0-17.02.9-6.10.1.aarch64","product_id":"libpmi0-17.02.9-6.10.1.aarch64"}},{"category":"product_version","name":"libslurm29-16.05.8.1-6.1.aarch64","product":{"name":"libslurm29-16.05.8.1-6.1.aarch64","product_id":"libslurm29-16.05.8.1-6.1.aarch64"}},{"category":"product_version","name":"libslurm31-17.02.9-6.10.1.aarch64","product":{"name":"libslurm31-17.02.9-6.10.1.aarch64","product_id":"libslurm31-17.02.9-6.10.1.aarch64"}},{"category":"product_version","name":"pdsh-2.33-7.5.17.aarch64","product":{"name":"pdsh-2.33-7.5.17.aarch64","product_id":"pdsh-2.33-7.5.17.aarch64"}},{"category":"product_version","name":"perl-slurm-17.02.9-6.10.1.aarch64","product":{"name":"perl-slurm-17.02.9-6.10.1.aarch64","product_id":"perl-slurm-17.02.9-6.10.1.aarch64"}},{"category":"product_version","name":"slurm-17.02.9-6.10.1.aarch64","product":{"name":"slurm-17.02.9-6.10.1.aarch64","product_id":"slurm-17.02.9-6.10.1.aarch64"}},{"category":"product_version","name":"slurm-auth-none-17.02.9-6.10.1.aarch64","product":{"name":"slurm-auth-none-17.02.9-6.10.1.aarch64","product_id":"slurm-auth-none-17.02.9-6.10.1.aarch64"}},{"category":"product_version","name":"slurm-devel-17.02.9-6.10.1.aarch64","product":{"name":"slurm-devel-17.02.9-6.10.1.aarch64","product_id":"slurm-devel-17.02.9-6.10.1.aarch64"}},{"category":"product_version","name":"slurm-doc-17.02.9-6.10.1.aarch64","product":{"name":"slurm-doc-17.02.9-6.10.1.aarch64","product_id":"slurm-doc-17.02.9-6.10.1.aarch64"}},{"category":"product_version","name":"slurm-lua-17.02.9-6.10.1.aarch64","product":{"name":"slurm-lua-17.02.9-6.10.1.aarch64","product_id":"slurm-lua-17.02.9-6.10.1.aarch64"}},{"category":"product_version","name":"slurm-munge-17.02.9-6.10.1.aarch64","product":{"name":"slurm-munge-17.02.9-6.10.1.aarch64","product_id":"slurm-munge-17.02.9-6.10.1.aarch64"}},{"category":"product_version","name":"slurm-pam_slurm-17.02.9-6.10.1.aarch64","product":{"name":"slurm-pam_slurm-17.02.9-6.10.1.aarch64","product_id":"slurm-pam_slurm-17.02.9-6.10.1.aarch64"}},{"category":"product_version","name":"slurm-plugins-17.02.9-6.10.1.aarch64","product":{"name":"slurm-plugins-17.02.9-6.10.1.aarch64","product_id":"slurm-plugins-17.02.9-6.10.1.aarch64"}},{"category":"product_version","name":"slurm-sched-wiki-17.02.9-6.10.1.aarch64","product":{"name":"slurm-sched-wiki-17.02.9-6.10.1.aarch64","product_id":"slurm-sched-wiki-17.02.9-6.10.1.aarch64"}},{"category":"product_version","name":"slurm-slurmdb-direct-17.02.9-6.10.1.aarch64","product":{"name":"slurm-slurmdb-direct-17.02.9-6.10.1.aarch64","product_id":"slurm-slurmdb-direct-17.02.9-6.10.1.aarch64"}},{"category":"product_version","name":"slurm-slurmdbd-17.02.9-6.10.1.aarch64","product":{"name":"slurm-slurmdbd-17.02.9-6.10.1.aarch64","product_id":"slurm-slurmdbd-17.02.9-6.10.1.aarch64"}},{"category":"product_version","name":"slurm-sql-17.02.9-6.10.1.aarch64","product":{"name":"slurm-sql-17.02.9-6.10.1.aarch64","product_id":"slurm-sql-17.02.9-6.10.1.aarch64"}},{"category":"product_version","name":"slurm-torque-17.02.9-6.10.1.aarch64","product":{"name":"slurm-torque-17.02.9-6.10.1.aarch64","product_id":"slurm-torque-17.02.9-6.10.1.aarch64"}}],"category":"architecture","name":"aarch64"},{"branches":[{"category":"product_version","name":"libpmi0-17.02.9-6.10.1.x86_64","product":{"name":"libpmi0-17.02.9-6.10.1.x86_64","product_id":"libpmi0-17.02.9-6.10.1.x86_64"}},{"category":"product_version","name":"libslurm29-16.05.8.1-6.1.x86_64","product":{"name":"libslurm29-16.05.8.1-6.1.x86_64","product_id":"libslurm29-16.05.8.1-6.1.x86_64"}},{"category":"product_version","name":"libslurm31-17.02.9-6.10.1.x86_64","product":{"name":"libslurm31-17.02.9-6.10.1.x86_64","product_id":"libslurm31-17.02.9-6.10.1.x86_64"}},{"category":"product_version","name":"pdsh-2.33-7.5.17.x86_64","product":{"name":"pdsh-2.33-7.5.17.x86_64","product_id":"pdsh-2.33-7.5.17.x86_64"}},{"category":"product_version","name":"perl-slurm-17.02.9-6.10.1.x86_64","product":{"name":"perl-slurm-17.02.9-6.10.1.x86_64","product_id":"perl-slurm-17.02.9-6.10.1.x86_64"}},{"category":"product_version","name":"slurm-17.02.9-6.10.1.x86_64","product":{"name":"slurm-17.02.9-6.10.1.x86_64","product_id":"slurm-17.02.9-6.10.1.x86_64"}},{"category":"product_version","name":"slurm-auth-none-17.02.9-6.10.1.x86_64","product":{"name":"slurm-auth-none-17.02.9-6.10.1.x86_64","product_id":"slurm-auth-none-17.02.9-6.10.1.x86_64"}},{"category":"product_version","name":"slurm-devel-17.02.9-6.10.1.x86_64","product":{"name":"slurm-devel-17.02.9-6.10.1.x86_64","product_id":"slurm-devel-17.02.9-6.10.1.x86_64"}},{"category":"product_version","name":"slurm-doc-17.02.9-6.10.1.x86_64","product":{"name":"slurm-doc-17.02.9-6.10.1.x86_64","product_id":"slurm-doc-17.02.9-6.10.1.x86_64"}},{"category":"product_version","name":"slurm-lua-17.02.9-6.10.1.x86_64","product":{"name":"slurm-lua-17.02.9-6.10.1.x86_64","product_id":"slurm-lua-17.02.9-6.10.1.x86_64"}},{"category":"product_version","name":"slurm-munge-17.02.9-6.10.1.x86_64","product":{"name":"slurm-munge-17.02.9-6.10.1.x86_64","product_id":"slurm-munge-17.02.9-6.10.1.x86_64"}},{"category":"product_version","name":"slurm-pam_slurm-17.02.9-6.10.1.x86_64","product":{"name":"slurm-pam_slurm-17.02.9-6.10.1.x86_64","product_id":"slurm-pam_slurm-17.02.9-6.10.1.x86_64"}},{"category":"product_version","name":"slurm-plugins-17.02.9-6.10.1.x86_64","product":{"name":"slurm-plugins-17.02.9-6.10.1.x86_64","product_id":"slurm-plugins-17.02.9-6.10.1.x86_64"}},{"category":"product_version","name":"slurm-sched-wiki-17.02.9-6.10.1.x86_64","product":{"name":"slurm-sched-wiki-17.02.9-6.10.1.x86_64","product_id":"slurm-sched-wiki-17.02.9-6.10.1.x86_64"}},{"category":"product_version","name":"slurm-slurmdb-direct-17.02.9-6.10.1.x86_64","product":{"name":"slurm-slurmdb-direct-17.02.9-6.10.1.x86_64","product_id":"slurm-slurmdb-direct-17.02.9-6.10.1.x86_64"}},{"category":"product_version","name":"slurm-slurmdbd-17.02.9-6.10.1.x86_64","product":{"name":"slurm-slurmdbd-17.02.9-6.10.1.x86_64","product_id":"slurm-slurmdbd-17.02.9-6.10.1.x86_64"}},{"category":"product_version","name":"slurm-sql-17.02.9-6.10.1.x86_64","product":{"name":"slurm-sql-17.02.9-6.10.1.x86_64","product_id":"slurm-sql-17.02.9-6.10.1.x86_64"}},{"category":"product_version","name":"slurm-torque-17.02.9-6.10.1.x86_64","product":{"name":"slurm-torque-17.02.9-6.10.1.x86_64","product_id":"slurm-torque-17.02.9-6.10.1.x86_64"}}],"category":"architecture","name":"x86_64"},{"branches":[{"category":"product_name","name":"SUSE Linux Enterprise Module for HPC 12","product":{"name":"SUSE Linux Enterprise Module for HPC 12","product_id":"SUSE Linux Enterprise Module for HPC 12","product_identification_helper":{"cpe":"cpe:/o:suse:sle-module-hpc:12"}}}],"category":"product_family","name":"SUSE Linux Enterprise"}],"category":"vendor","name":"SUSE"}],"relationships":[{"category":"default_component_of","full_product_name":{"name":"libpmi0-17.02.9-6.10.1.aarch64 as component of SUSE Linux Enterprise Module for HPC 12","product_id":"SUSE Linux Enterprise Module for HPC 12:libpmi0-17.02.9-6.10.1.aarch64"},"product_reference":"libpmi0-17.02.9-6.10.1.aarch64","relates_to_product_reference":"SUSE Linux Enterprise Module for HPC 12"},{"category":"default_component_of","full_product_name":{"name":"libpmi0-17.02.9-6.10.1.x86_64 as component of SUSE Linux Enterprise Module for HPC 12","product_id":"SUSE Linux Enterprise Module for HPC 12:libpmi0-17.02.9-6.10.1.x86_64"},"product_reference":"libpmi0-17.02.9-6.10.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Module for HPC 12"},{"category":"default_component_of","full_product_name":{"name":"libslurm29-16.05.8.1-6.1.aarch64 as component of SUSE Linux Enterprise Module for HPC 12","product_id":"SUSE Linux Enterprise Module for HPC 12:libslurm29-16.05.8.1-6.1.aarch64"},"product_reference":"libslurm29-16.05.8.1-6.1.aarch64","relates_to_product_reference":"SUSE Linux Enterprise Module for HPC 12"},{"category":"default_component_of","full_product_name":{"name":"libslurm29-16.05.8.1-6.1.x86_64 as component of SUSE Linux Enterprise Module for HPC 12","product_id":"SUSE Linux Enterprise Module for HPC 12:libslurm29-16.05.8.1-6.1.x86_64"},"product_reference":"libslurm29-16.05.8.1-6.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Module for HPC 12"},{"category":"default_component_of","full_product_name":{"name":"libslurm31-17.02.9-6.10.1.aarch64 as component of SUSE Linux Enterprise Module for HPC 12","product_id":"SUSE Linux Enterprise Module for HPC 12:libslurm31-17.02.9-6.10.1.aarch64"},"product_reference":"libslurm31-17.02.9-6.10.1.aarch64","relates_to_product_reference":"SUSE Linux Enterprise Module for HPC 12"},{"category":"default_component_of","full_product_name":{"name":"libslurm31-17.02.9-6.10.1.x86_64 as component of SUSE Linux Enterprise Module for HPC 12","product_id":"SUSE Linux Enterprise Module for HPC 12:libslurm31-17.02.9-6.10.1.x86_64"},"product_reference":"libslurm31-17.02.9-6.10.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Module for HPC 12"},{"category":"default_component_of","full_product_name":{"name":"pdsh-2.33-7.5.17.aarch64 as component of SUSE Linux Enterprise Module for HPC 12","product_id":"SUSE Linux Enterprise Module for HPC 12:pdsh-2.33-7.5.17.aarch64"},"product_reference":"pdsh-2.33-7.5.17.aarch64","relates_to_product_reference":"SUSE Linux Enterprise Module for HPC 12"},{"category":"default_component_of","full_product_name":{"name":"pdsh-2.33-7.5.17.x86_64 as component of SUSE Linux Enterprise Module for HPC 12","product_id":"SUSE Linux Enterprise Module for HPC 12:pdsh-2.33-7.5.17.x86_64"},"product_reference":"pdsh-2.33-7.5.17.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Module for HPC 12"},{"category":"default_component_of","full_product_name":{"name":"perl-slurm-17.02.9-6.10.1.aarch64 as component of SUSE Linux Enterprise Module for HPC 12","product_id":"SUSE Linux Enterprise Module for HPC 12:perl-slurm-17.02.9-6.10.1.aarch64"},"product_reference":"perl-slurm-17.02.9-6.10.1.aarch64","relates_to_product_reference":"SUSE Linux Enterprise Module for HPC 12"},{"category":"default_component_of","full_product_name":{"name":"perl-slurm-17.02.9-6.10.1.x86_64 as component of SUSE Linux Enterprise Module for HPC 12","product_id":"SUSE Linux Enterprise Module for HPC 12:perl-slurm-17.02.9-6.10.1.x86_64"},"product_reference":"perl-slurm-17.02.9-6.10.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Module for HPC 12"},{"category":"default_component_of","full_product_name":{"name":"slurm-17.02.9-6.10.1.aarch64 as component of SUSE Linux Enterprise Module for HPC 12","product_id":"SUSE Linux Enterprise Module for HPC 12:slurm-17.02.9-6.10.1.aarch64"},"product_reference":"slurm-17.02.9-6.10.1.aarch64","relates_to_product_reference":"SUSE Linux Enterprise Module for HPC 12"},{"category":"default_component_of","full_product_name":{"name":"slurm-17.02.9-6.10.1.x86_64 as component of SUSE Linux Enterprise Module for HPC 12","product_id":"SUSE Linux Enterprise Module for HPC 12:slurm-17.02.9-6.10.1.x86_64"},"product_reference":"slurm-17.02.9-6.10.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Module for HPC 12"},{"category":"default_component_of","full_product_name":{"name":"slurm-auth-none-17.02.9-6.10.1.aarch64 as component of SUSE Linux Enterprise Module for HPC 12","product_id":"SUSE Linux Enterprise Module for HPC 12:slurm-auth-none-17.02.9-6.10.1.aarch64"},"product_reference":"slurm-auth-none-17.02.9-6.10.1.aarch64","relates_to_product_reference":"SUSE Linux Enterprise Module for HPC 12"},{"category":"default_component_of","full_product_name":{"name":"slurm-auth-none-17.02.9-6.10.1.x86_64 as component of SUSE Linux Enterprise Module for HPC 12","product_id":"SUSE Linux Enterprise Module for HPC 12:slurm-auth-none-17.02.9-6.10.1.x86_64"},"product_reference":"slurm-auth-none-17.02.9-6.10.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Module for HPC 12"},{"category":"default_component_of","full_product_name":{"name":"slurm-devel-17.02.9-6.10.1.aarch64 as component of SUSE Linux Enterprise Module for HPC 12","product_id":"SUSE Linux Enterprise Module for HPC 12:slurm-devel-17.02.9-6.10.1.aarch64"},"product_reference":"slurm-devel-17.02.9-6.10.1.aarch64","relates_to_product_reference":"SUSE Linux Enterprise Module for HPC 12"},{"category":"default_component_of","full_product_name":{"name":"slurm-devel-17.02.9-6.10.1.x86_64 as component of SUSE Linux Enterprise Module for HPC 12","product_id":"SUSE Linux Enterprise Module for HPC 12:slurm-devel-17.02.9-6.10.1.x86_64"},"product_reference":"slurm-devel-17.02.9-6.10.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Module for HPC 12"},{"category":"default_component_of","full_product_name":{"name":"slurm-doc-17.02.9-6.10.1.aarch64 as component of SUSE Linux Enterprise Module for HPC 12","product_id":"SUSE Linux Enterprise Module for HPC 12:slurm-doc-17.02.9-6.10.1.aarch64"},"product_reference":"slurm-doc-17.02.9-6.10.1.aarch64","relates_to_product_reference":"SUSE Linux Enterprise Module for HPC 12"},{"category":"default_component_of","full_product_name":{"name":"slurm-doc-17.02.9-6.10.1.x86_64 as component of SUSE Linux Enterprise Module for HPC 12","product_id":"SUSE Linux Enterprise Module for HPC 12:slurm-doc-17.02.9-6.10.1.x86_64"},"product_reference":"slurm-doc-17.02.9-6.10.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Module for HPC 12"},{"category":"default_component_of","full_product_name":{"name":"slurm-lua-17.02.9-6.10.1.aarch64 as component of SUSE Linux Enterprise Module for HPC 12","product_id":"SUSE Linux Enterprise Module for HPC 12:slurm-lua-17.02.9-6.10.1.aarch64"},"product_reference":"slurm-lua-17.02.9-6.10.1.aarch64","relates_to_product_reference":"SUSE Linux Enterprise Module for HPC 12"},{"category":"default_component_of","full_product_name":{"name":"slurm-lua-17.02.9-6.10.1.x86_64 as component of SUSE Linux Enterprise Module for HPC 12","product_id":"SUSE Linux Enterprise Module for HPC 12:slurm-lua-17.02.9-6.10.1.x86_64"},"product_reference":"slurm-lua-17.02.9-6.10.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Module for HPC 12"},{"category":"default_component_of","full_product_name":{"name":"slurm-munge-17.02.9-6.10.1.aarch64 as component of SUSE Linux Enterprise Module for HPC 12","product_id":"SUSE Linux Enterprise Module for HPC 12:slurm-munge-17.02.9-6.10.1.aarch64"},"product_reference":"slurm-munge-17.02.9-6.10.1.aarch64","relates_to_product_reference":"SUSE Linux Enterprise Module for HPC 12"},{"category":"default_component_of","full_product_name":{"name":"slurm-munge-17.02.9-6.10.1.x86_64 as component of SUSE Linux Enterprise Module for HPC 12","product_id":"SUSE Linux Enterprise Module for HPC 12:slurm-munge-17.02.9-6.10.1.x86_64"},"product_reference":"slurm-munge-17.02.9-6.10.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Module for HPC 12"},{"category":"default_component_of","full_product_name":{"name":"slurm-pam_slurm-17.02.9-6.10.1.aarch64 as component of SUSE Linux Enterprise Module for HPC 12","product_id":"SUSE Linux Enterprise Module for HPC 12:slurm-pam_slurm-17.02.9-6.10.1.aarch64"},"product_reference":"slurm-pam_slurm-17.02.9-6.10.1.aarch64","relates_to_product_reference":"SUSE Linux Enterprise Module for HPC 12"},{"category":"default_component_of","full_product_name":{"name":"slurm-pam_slurm-17.02.9-6.10.1.x86_64 as component of SUSE Linux Enterprise Module for HPC 12","product_id":"SUSE Linux Enterprise Module for HPC 12:slurm-pam_slurm-17.02.9-6.10.1.x86_64"},"product_reference":"slurm-pam_slurm-17.02.9-6.10.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Module for HPC 12"},{"category":"default_component_of","full_product_name":{"name":"slurm-plugins-17.02.9-6.10.1.aarch64 as component of SUSE Linux Enterprise Module for HPC 12","product_id":"SUSE Linux Enterprise Module for HPC 12:slurm-plugins-17.02.9-6.10.1.aarch64"},"product_reference":"slurm-plugins-17.02.9-6.10.1.aarch64","relates_to_product_reference":"SUSE Linux Enterprise Module for HPC 12"},{"category":"default_component_of","full_product_name":{"name":"slurm-plugins-17.02.9-6.10.1.x86_64 as component of SUSE Linux Enterprise Module for HPC 12","product_id":"SUSE Linux Enterprise Module for HPC 12:slurm-plugins-17.02.9-6.10.1.x86_64"},"product_reference":"slurm-plugins-17.02.9-6.10.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Module for HPC 12"},{"category":"default_component_of","full_product_name":{"name":"slurm-sched-wiki-17.02.9-6.10.1.aarch64 as component of SUSE Linux Enterprise Module for HPC 12","product_id":"SUSE Linux Enterprise Module for HPC 12:slurm-sched-wiki-17.02.9-6.10.1.aarch64"},"product_reference":"slurm-sched-wiki-17.02.9-6.10.1.aarch64","relates_to_product_reference":"SUSE Linux Enterprise Module for HPC 12"},{"category":"default_component_of","full_product_name":{"name":"slurm-sched-wiki-17.02.9-6.10.1.x86_64 as component of SUSE Linux Enterprise Module for HPC 12","product_id":"SUSE Linux Enterprise Module for HPC 12:slurm-sched-wiki-17.02.9-6.10.1.x86_64"},"product_reference":"slurm-sched-wiki-17.02.9-6.10.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Module for HPC 12"},{"category":"default_component_of","full_product_name":{"name":"slurm-slurmdb-direct-17.02.9-6.10.1.aarch64 as component of SUSE Linux Enterprise Module for HPC 12","product_id":"SUSE Linux Enterprise Module for HPC 12:slurm-slurmdb-direct-17.02.9-6.10.1.aarch64"},"product_reference":"slurm-slurmdb-direct-17.02.9-6.10.1.aarch64","relates_to_product_reference":"SUSE Linux Enterprise Module for HPC 12"},{"category":"default_component_of","full_product_name":{"name":"slurm-slurmdb-direct-17.02.9-6.10.1.x86_64 as component of SUSE Linux Enterprise Module for HPC 12","product_id":"SUSE Linux Enterprise Module for HPC 12:slurm-slurmdb-direct-17.02.9-6.10.1.x86_64"},"product_reference":"slurm-slurmdb-direct-17.02.9-6.10.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Module for HPC 12"},{"category":"default_component_of","full_product_name":{"name":"slurm-slurmdbd-17.02.9-6.10.1.aarch64 as component of SUSE Linux Enterprise Module for HPC 12","product_id":"SUSE Linux Enterprise Module for HPC 12:slurm-slurmdbd-17.02.9-6.10.1.aarch64"},"product_reference":"slurm-slurmdbd-17.02.9-6.10.1.aarch64","relates_to_product_reference":"SUSE Linux Enterprise Module for HPC 12"},{"category":"default_component_of","full_product_name":{"name":"slurm-slurmdbd-17.02.9-6.10.1.x86_64 as component of SUSE Linux Enterprise Module for HPC 12","product_id":"SUSE Linux Enterprise Module for HPC 12:slurm-slurmdbd-17.02.9-6.10.1.x86_64"},"product_reference":"slurm-slurmdbd-17.02.9-6.10.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Module for HPC 12"},{"category":"default_component_of","full_product_name":{"name":"slurm-sql-17.02.9-6.10.1.aarch64 as component of SUSE Linux Enterprise Module for HPC 12","product_id":"SUSE Linux Enterprise Module for HPC 12:slurm-sql-17.02.9-6.10.1.aarch64"},"product_reference":"slurm-sql-17.02.9-6.10.1.aarch64","relates_to_product_reference":"SUSE Linux Enterprise Module for HPC 12"},{"category":"default_component_of","full_product_name":{"name":"slurm-sql-17.02.9-6.10.1.x86_64 as component of SUSE Linux Enterprise Module for HPC 12","product_id":"SUSE Linux Enterprise Module for HPC 12:slurm-sql-17.02.9-6.10.1.x86_64"},"product_reference":"slurm-sql-17.02.9-6.10.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Module for HPC 12"},{"category":"default_component_of","full_product_name":{"name":"slurm-torque-17.02.9-6.10.1.aarch64 as component of SUSE Linux Enterprise Module for HPC 12","product_id":"SUSE Linux Enterprise Module for HPC 12:slurm-torque-17.02.9-6.10.1.aarch64"},"product_reference":"slurm-torque-17.02.9-6.10.1.aarch64","relates_to_product_reference":"SUSE Linux Enterprise Module for HPC 12"},{"category":"default_component_of","full_product_name":{"name":"slurm-torque-17.02.9-6.10.1.x86_64 as component of SUSE Linux Enterprise Module for HPC 12","product_id":"SUSE Linux Enterprise Module for HPC 12:slurm-torque-17.02.9-6.10.1.x86_64"},"product_reference":"slurm-torque-17.02.9-6.10.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Module for HPC 12"}]},"vulnerabilities":[{"cve":"CVE-2017-15566","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2017-15566"}],"notes":[{"category":"general","text":"Insecure SPANK environment variable handling exists in SchedMD Slurm before 16.05.11, 17.x before 17.02.9, and 17.11.x before 17.11.0rc2, allowing privilege escalation to root during Prolog or Epilog execution.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Module for HPC 12:libpmi0-17.02.9-6.10.1.aarch64","SUSE Linux Enterprise Module for HPC 12:libpmi0-17.02.9-6.10.1.x86_64","SUSE Linux Enterprise Module for HPC 12:libslurm29-16.05.8.1-6.1.aarch64","SUSE Linux Enterprise Module for HPC 12:libslurm29-16.05.8.1-6.1.x86_64","SUSE Linux Enterprise Module for HPC 12:libslurm31-17.02.9-6.10.1.aarch64","SUSE Linux Enterprise Module for HPC 12:libslurm31-17.02.9-6.10.1.x86_64","SUSE Linux Enterprise Module for HPC 12:pdsh-2.33-7.5.17.aarch64","SUSE Linux Enterprise Module for HPC 12:pdsh-2.33-7.5.17.x86_64","SUSE Linux Enterprise Module for HPC 12:perl-slurm-17.02.9-6.10.1.aarch64","SUSE Linux Enterprise Module for HPC 12:perl-slurm-17.02.9-6.10.1.x86_64","SUSE Linux Enterprise Module for HPC 12:slurm-17.02.9-6.10.1.aarch64","SUSE Linux Enterprise Module for HPC 12:slurm-17.02.9-6.10.1.x86_64","SUSE Linux Enterprise Module for HPC 12:slurm-auth-none-17.02.9-6.10.1.aarch64","SUSE Linux Enterprise Module for HPC 12:slurm-auth-none-17.02.9-6.10.1.x86_64","SUSE Linux Enterprise Module for HPC 12:slurm-devel-17.02.9-6.10.1.aarch64","SUSE Linux Enterprise Module for HPC 12:slurm-devel-17.02.9-6.10.1.x86_64","SUSE Linux Enterprise Module for HPC 12:slurm-doc-17.02.9-6.10.1.aarch64","SUSE Linux Enterprise Module for HPC 12:slurm-doc-17.02.9-6.10.1.x86_64","SUSE Linux Enterprise Module for HPC 12:slurm-lua-17.02.9-6.10.1.aarch64","SUSE Linux Enterprise Module for HPC 12:slurm-lua-17.02.9-6.10.1.x86_64","SUSE Linux Enterprise Module for HPC 12:slurm-munge-17.02.9-6.10.1.aarch64","SUSE Linux Enterprise Module for HPC 12:slurm-munge-17.02.9-6.10.1.x86_64","SUSE Linux Enterprise Module for HPC 12:slurm-pam_slurm-17.02.9-6.10.1.aarch64","SUSE Linux Enterprise Module for HPC 12:slurm-pam_slurm-17.02.9-6.10.1.x86_64","SUSE Linux Enterprise Module for HPC 12:slurm-plugins-17.02.9-6.10.1.aarch64","SUSE Linux Enterprise Module for HPC 12:slurm-plugins-17.02.9-6.10.1.x86_64","SUSE Linux Enterprise Module for HPC 12:slurm-sched-wiki-17.02.9-6.10.1.aarch64","SUSE Linux Enterprise Module for HPC 12:slurm-sched-wiki-17.02.9-6.10.1.x86_64","SUSE Linux Enterprise Module for HPC 12:slurm-slurmdb-direct-17.02.9-6.10.1.aarch64","SUSE Linux Enterprise Module for HPC 12:slurm-slurmdb-direct-17.02.9-6.10.1.x86_64","SUSE Linux Enterprise Module for HPC 12:slurm-slurmdbd-17.02.9-6.10.1.aarch64","SUSE Linux Enterprise Module for HPC 12:slurm-slurmdbd-17.02.9-6.10.1.x86_64","SUSE Linux Enterprise Module for HPC 12:slurm-sql-17.02.9-6.10.1.aarch64","SUSE Linux Enterprise Module for HPC 12:slurm-sql-17.02.9-6.10.1.x86_64","SUSE Linux Enterprise Module for HPC 12:slurm-torque-17.02.9-6.10.1.aarch64","SUSE Linux Enterprise Module for HPC 12:slurm-torque-17.02.9-6.10.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2017-15566","url":"https://www.suse.com/security/cve/CVE-2017-15566"},{"category":"external","summary":"SUSE Bug 1065697 for CVE-2017-15566","url":"https://bugzilla.suse.com/1065697"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Module for HPC 12:libpmi0-17.02.9-6.10.1.aarch64","SUSE Linux Enterprise Module for HPC 12:libpmi0-17.02.9-6.10.1.x86_64","SUSE Linux Enterprise Module for HPC 12:libslurm29-16.05.8.1-6.1.aarch64","SUSE Linux Enterprise Module for HPC 12:libslurm29-16.05.8.1-6.1.x86_64","SUSE Linux Enterprise Module for HPC 12:libslurm31-17.02.9-6.10.1.aarch64","SUSE Linux Enterprise Module for HPC 12:libslurm31-17.02.9-6.10.1.x86_64","SUSE Linux Enterprise Module for HPC 12:pdsh-2.33-7.5.17.aarch64","SUSE Linux Enterprise Module for HPC 12:pdsh-2.33-7.5.17.x86_64","SUSE Linux Enterprise Module for HPC 12:perl-slurm-17.02.9-6.10.1.aarch64","SUSE Linux Enterprise Module for HPC 12:perl-slurm-17.02.9-6.10.1.x86_64","SUSE Linux Enterprise Module for HPC 12:slurm-17.02.9-6.10.1.aarch64","SUSE Linux Enterprise Module for HPC 12:slurm-17.02.9-6.10.1.x86_64","SUSE Linux Enterprise Module for HPC 12:slurm-auth-none-17.02.9-6.10.1.aarch64","SUSE Linux Enterprise Module for HPC 12:slurm-auth-none-17.02.9-6.10.1.x86_64","SUSE Linux Enterprise Module for HPC 12:slurm-devel-17.02.9-6.10.1.aarch64","SUSE Linux Enterprise Module for HPC 12:slurm-devel-17.02.9-6.10.1.x86_64","SUSE Linux Enterprise Module for HPC 12:slurm-doc-17.02.9-6.10.1.aarch64","SUSE Linux Enterprise Module for HPC 12:slurm-doc-17.02.9-6.10.1.x86_64","SUSE Linux Enterprise Module for HPC 12:slurm-lua-17.02.9-6.10.1.aarch64","SUSE Linux Enterprise Module for HPC 12:slurm-lua-17.02.9-6.10.1.x86_64","SUSE Linux Enterprise Module for HPC 12:slurm-munge-17.02.9-6.10.1.aarch64","SUSE Linux Enterprise Module for HPC 12:slurm-munge-17.02.9-6.10.1.x86_64","SUSE Linux Enterprise Module for HPC 12:slurm-pam_slurm-17.02.9-6.10.1.aarch64","SUSE Linux Enterprise Module for HPC 12:slurm-pam_slurm-17.02.9-6.10.1.x86_64","SUSE Linux Enterprise Module for HPC 12:slurm-plugins-17.02.9-6.10.1.aarch64","SUSE Linux Enterprise Module for HPC 12:slurm-plugins-17.02.9-6.10.1.x86_64","SUSE Linux Enterprise Module for HPC 12:slurm-sched-wiki-17.02.9-6.10.1.aarch64","SUSE Linux Enterprise Module for HPC 12:slurm-sched-wiki-17.02.9-6.10.1.x86_64","SUSE Linux Enterprise Module for HPC 12:slurm-slurmdb-direct-17.02.9-6.10.1.aarch64","SUSE Linux Enterprise Module for HPC 12:slurm-slurmdb-direct-17.02.9-6.10.1.x86_64","SUSE Linux Enterprise Module for HPC 12:slurm-slurmdbd-17.02.9-6.10.1.aarch64","SUSE Linux Enterprise Module for HPC 12:slurm-slurmdbd-17.02.9-6.10.1.x86_64","SUSE Linux Enterprise Module for HPC 12:slurm-sql-17.02.9-6.10.1.aarch64","SUSE Linux Enterprise Module for HPC 12:slurm-sql-17.02.9-6.10.1.x86_64","SUSE Linux Enterprise Module for HPC 12:slurm-torque-17.02.9-6.10.1.aarch64","SUSE Linux Enterprise Module for HPC 12:slurm-torque-17.02.9-6.10.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","version":"3.0"},"products":["SUSE Linux Enterprise Module for HPC 12:libpmi0-17.02.9-6.10.1.aarch64","SUSE Linux Enterprise Module for HPC 12:libpmi0-17.02.9-6.10.1.x86_64","SUSE Linux Enterprise Module for HPC 12:libslurm29-16.05.8.1-6.1.aarch64","SUSE Linux Enterprise Module for HPC 12:libslurm29-16.05.8.1-6.1.x86_64","SUSE Linux Enterprise Module for HPC 12:libslurm31-17.02.9-6.10.1.aarch64","SUSE Linux Enterprise Module for HPC 12:libslurm31-17.02.9-6.10.1.x86_64","SUSE Linux Enterprise Module for HPC 12:pdsh-2.33-7.5.17.aarch64","SUSE Linux Enterprise Module for HPC 12:pdsh-2.33-7.5.17.x86_64","SUSE Linux Enterprise Module for HPC 12:perl-slurm-17.02.9-6.10.1.aarch64","SUSE Linux Enterprise Module for HPC 12:perl-slurm-17.02.9-6.10.1.x86_64","SUSE Linux Enterprise Module for HPC 12:slurm-17.02.9-6.10.1.aarch64","SUSE Linux Enterprise Module for HPC 12:slurm-17.02.9-6.10.1.x86_64","SUSE Linux Enterprise Module for HPC 12:slurm-auth-none-17.02.9-6.10.1.aarch64","SUSE Linux Enterprise Module for HPC 12:slurm-auth-none-17.02.9-6.10.1.x86_64","SUSE Linux Enterprise Module for HPC 12:slurm-devel-17.02.9-6.10.1.aarch64","SUSE Linux Enterprise Module for HPC 12:slurm-devel-17.02.9-6.10.1.x86_64","SUSE Linux Enterprise Module for HPC 12:slurm-doc-17.02.9-6.10.1.aarch64","SUSE Linux Enterprise Module for HPC 12:slurm-doc-17.02.9-6.10.1.x86_64","SUSE Linux Enterprise Module for HPC 12:slurm-lua-17.02.9-6.10.1.aarch64","SUSE Linux Enterprise Module for HPC 12:slurm-lua-17.02.9-6.10.1.x86_64","SUSE Linux Enterprise Module for HPC 12:slurm-munge-17.02.9-6.10.1.aarch64","SUSE Linux Enterprise Module for HPC 12:slurm-munge-17.02.9-6.10.1.x86_64","SUSE Linux Enterprise Module for HPC 12:slurm-pam_slurm-17.02.9-6.10.1.aarch64","SUSE Linux Enterprise Module for HPC 12:slurm-pam_slurm-17.02.9-6.10.1.x86_64","SUSE Linux Enterprise Module for HPC 12:slurm-plugins-17.02.9-6.10.1.aarch64","SUSE Linux Enterprise Module for HPC 12:slurm-plugins-17.02.9-6.10.1.x86_64","SUSE Linux Enterprise Module for HPC 12:slurm-sched-wiki-17.02.9-6.10.1.aarch64","SUSE Linux Enterprise Module for HPC 12:slurm-sched-wiki-17.02.9-6.10.1.x86_64","SUSE Linux Enterprise Module for HPC 12:slurm-slurmdb-direct-17.02.9-6.10.1.aarch64","SUSE Linux Enterprise Module for HPC 12:slurm-slurmdb-direct-17.02.9-6.10.1.x86_64","SUSE Linux Enterprise Module for HPC 12:slurm-slurmdbd-17.02.9-6.10.1.aarch64","SUSE Linux Enterprise Module for HPC 12:slurm-slurmdbd-17.02.9-6.10.1.x86_64","SUSE Linux Enterprise Module for HPC 12:slurm-sql-17.02.9-6.10.1.aarch64","SUSE Linux Enterprise Module for HPC 12:slurm-sql-17.02.9-6.10.1.x86_64","SUSE Linux Enterprise Module for HPC 12:slurm-torque-17.02.9-6.10.1.aarch64","SUSE Linux Enterprise Module for HPC 12:slurm-torque-17.02.9-6.10.1.x86_64"]}],"threats":[{"category":"impact","date":"2017-12-14T14:51:03Z","details":"important"}],"title":"CVE-2017-15566"}]}