Mehrere Probleme in pdsh und slurm_20_02
ID: | SUSE-SU-2020:2607-1 |
Distribution: | SUSE |
Plattformen: | SUSE Linux Enterprise Module for HPC 12 |
Datum: | Fr, 11. September 2020, 13:55 |
Referenzen: | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19728
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10995 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12838 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6438 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19727 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12693 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10030 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7033 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15566 |
Applikationen: | pdsh, slurm |
Originalnachricht |
|
SUSE Security Update: Security update for pdsh, slurm_20_02 ______________________________________________________________________________ Announcement ID: SUSE-SU-2020:2607-1 Rating: moderate References: #1007053 #1018371 #1031872 #1041706 #1065697 #1084125 #1084917 #1085240 #1085606 #1086859 #1088693 #1090292 #1095508 #1100850 #1103561 #1108671 #1109373 #1116758 #1123304 #1140709 #1153095 #1153259 #1155784 #1158696 #1159692 #1161716 #1162377 #1164326 #1164386 #1172004 #1173805 SLE-10800 SLE-7341 SLE-7342 SLE-8491 Cross-References: CVE-2016-10030 CVE-2017-15566 CVE-2018-10995 CVE-2018-7033 CVE-2019-12838 CVE-2019-19727 CVE-2019-19728 CVE-2019-6438 CVE-2020-12693 Affected Products: SUSE Linux Enterprise Module for HPC 12 ______________________________________________________________________________ An update that solves 9 vulnerabilities, contains four features and has 22 fixes is now available. Description: This update for pdsh, slurm_20_02 fixes the following issues: Changes in slurm_20_02: - Add support for openPMIx also for Leap/SLE 15.0/1 (bsc#1173805). - Do not run %check on SLE-12-SP2: Some incompatibility in tcl makes this fail. - Remove unneeded build dependency to postgresql-devel. - Disable build on s390 (requires 64bit). - Bring QA to the package build: add %%check stage. - Remove cruft that isn't needed any longer. - Add 'ghosted' run-file. - Add rpmlint filter to handle issues with library packages for Leap and enterprise upgrade versions. - Updated to 20.02.3 which fixes CVE-2020-12693 (bsc#1172004). - Other changes are: * Factor in ntasks-per-core=1 with cons_tres. * Fix formatting in error message in cons_tres. * Fix calling stat on a NULL variable. * Fix minor memory leak when using reservations with flags=first_cores. * Fix gpu bind issue when CPUs=Cores and ThreadsPerCore > 1 on a node. * Fix --mem-per-gpu for heterogenous --gres requests. * Fix slurmctld load order in load_all_part_state(). * Fix race condition not finding jobacct gather task cgroup entry. * Suppress error message when selecting nodes on disjoint topologies. * Improve performance of _pack_default_job_details() with large number of job * arguments. * Fix archive loading previous to 17.11 jobs per-node req_mem. * Fix regresion validating that --gpus-per-socket requires --sockets-per-node * for steps. Should only validate allocation requests. * error() instead of fatal() when parsing an invalid hostlist. * nss_slurm - fix potential deadlock in slurmstepd on overloaded systems. * cons_tres - fix --gres-flags=enforce-binding and related --cpus-per-gres. * cons_tres - Allocate lowest numbered cores when filtering cores with gres. * Fix getting system counts for named GRES/TRES. * MySQL - Fix for handing typed GRES for association rollups. * Fix step allocations when tasks_per_core > 1. * Fix allocating more GRES than requested when asking for multiple GRES types. - Treat libnss_slurm like any other package: add version string to upgrade package. - Updated to 20.02.1 with following changes" * Improve job state reason for jobs hitting partition_job_depth. * Speed up testing of singleton dependencies. * Fix negative loop bound in cons_tres. * srun - capture the MPI plugin return code from mpi_hook_client_fini() and use as final return code for step failure. * Fix segfault in cli_filter/lua. * Fix --gpu-bind=map_gpu reusability if tasks > elements. * Make sure config_flags on a gres are sent to the slurmctld on node registration. * Prolog/Epilog - Fix missing GPU information. * Fix segfault when using config parser for expanded lines. * Fix bit overlap test function. * Don't accrue time if job begin time is in the future. * Remove accrue time when updating a job start/eligible time to the future. * Fix regression in 20.02.0 that broke --depend=expand. * Reset begin time on job release if it's not in the future. * Fix for recovering burst buffers when using high-availability. * Fix invalid read due to freeing an incorrectly allocated env array. * Update slurmctld -i message to warn about losing data. * Fix scontrol cancel_reboot so it clears the DRAIN flag and node reason for a pending ASAP reboot. Changes in pdsh: - Bring QA to the package build: add %%check stage - Since the build for the SLE-12 HPC Module got fixed, simplify spec file and remove legacy workarounds. - Remove _multibuild file where not needed. Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for HPC 12: zypper in -t patch SUSE-SLE-Module-HPC-12-2020-2607=1 Package List: - SUSE Linux Enterprise Module for HPC 12 (aarch64 x86_64): libnss_slurm2_20_02-20.02.3-3.5.1 libnss_slurm2_20_02-debuginfo-20.02.3-3.5.1 libpmi0_20_02-20.02.3-3.5.1 libpmi0_20_02-debuginfo-20.02.3-3.5.1 libslurm35-20.02.3-3.5.1 libslurm35-debuginfo-20.02.3-3.5.1 pdsh-slurm_18_08-2.34-7.26.2 pdsh-slurm_18_08-debuginfo-2.34-7.26.2 pdsh-slurm_20_02-2.34-7.26.2 pdsh-slurm_20_02-debuginfo-2.34-7.26.2 perl-slurm_20_02-20.02.3-3.5.1 perl-slurm_20_02-debuginfo-20.02.3-3.5.1 slurm_20_02-20.02.3-3.5.1 slurm_20_02-auth-none-20.02.3-3.5.1 slurm_20_02-auth-none-debuginfo-20.02.3-3.5.1 slurm_20_02-config-20.02.3-3.5.1 slurm_20_02-config-man-20.02.3-3.5.1 slurm_20_02-debuginfo-20.02.3-3.5.1 slurm_20_02-debugsource-20.02.3-3.5.1 slurm_20_02-devel-20.02.3-3.5.1 slurm_20_02-doc-20.02.3-3.5.1 slurm_20_02-lua-20.02.3-3.5.1 slurm_20_02-lua-debuginfo-20.02.3-3.5.1 slurm_20_02-munge-20.02.3-3.5.1 slurm_20_02-munge-debuginfo-20.02.3-3.5.1 slurm_20_02-node-20.02.3-3.5.1 slurm_20_02-node-debuginfo-20.02.3-3.5.1 slurm_20_02-pam_slurm-20.02.3-3.5.1 slurm_20_02-pam_slurm-debuginfo-20.02.3-3.5.1 slurm_20_02-plugins-20.02.3-3.5.1 slurm_20_02-plugins-debuginfo-20.02.3-3.5.1 slurm_20_02-slurmdbd-20.02.3-3.5.1 slurm_20_02-slurmdbd-debuginfo-20.02.3-3.5.1 slurm_20_02-sql-20.02.3-3.5.1 slurm_20_02-sql-debuginfo-20.02.3-3.5.1 slurm_20_02-sview-20.02.3-3.5.1 slurm_20_02-sview-debuginfo-20.02.3-3.5.1 slurm_20_02-torque-20.02.3-3.5.1 slurm_20_02-torque-debuginfo-20.02.3-3.5.1 References: https://www.suse.com/security/cve/CVE-2016-10030.html https://www.suse.com/security/cve/CVE-2017-15566.html https://www.suse.com/security/cve/CVE-2018-10995.html https://www.suse.com/security/cve/CVE-2018-7033.html https://www.suse.com/security/cve/CVE-2019-12838.html https://www.suse.com/security/cve/CVE-2019-19727.html https://www.suse.com/security/cve/CVE-2019-19728.html https://www.suse.com/security/cve/CVE-2019-6438.html https://www.suse.com/security/cve/CVE-2020-12693.html https://bugzilla.suse.com/1007053 https://bugzilla.suse.com/1018371 https://bugzilla.suse.com/1031872 https://bugzilla.suse.com/1041706 https://bugzilla.suse.com/1065697 https://bugzilla.suse.com/1084125 https://bugzilla.suse.com/1084917 https://bugzilla.suse.com/1085240 https://bugzilla.suse.com/1085606 https://bugzilla.suse.com/1086859 https://bugzilla.suse.com/1088693 https://bugzilla.suse.com/1090292 https://bugzilla.suse.com/1095508 https://bugzilla.suse.com/1100850 https://bugzilla.suse.com/1103561 https://bugzilla.suse.com/1108671 https://bugzilla.suse.com/1109373 https://bugzilla.suse.com/1116758 https://bugzilla.suse.com/1123304 https://bugzilla.suse.com/1140709 https://bugzilla.suse.com/1153095 https://bugzilla.suse.com/1153259 https://bugzilla.suse.com/1155784 https://bugzilla.suse.com/1158696 https://bugzilla.suse.com/1159692 https://bugzilla.suse.com/1161716 https://bugzilla.suse.com/1162377 https://bugzilla.suse.com/1164326 https://bugzilla.suse.com/1164386 https://bugzilla.suse.com/1172004 https://bugzilla.suse.com/1173805 _______________________________________________ sle-security-updates mailing list sle-security-updates@lists.suse.com http://lists.suse.com/mailman/listinfo/sle-security-updates |