Your message dated Tue, 20 May 2025 21:34:28 +0000
with message-id <e1uhubu-00cbwi...@fasolo.debian.org>
and subject line Bug#1104929: fixed in slurm-wlm 24.11.5-1
has caused the Debian Bug report #1104929,
regarding slurm-wlm: CVE-2025-4390
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
1104929: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104929
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: slurm-wlm
Version: 24.11.3-2
Severity: grave
Tags: security upstream
Justification: user security hole
X-Debbugs-Cc: car...@debian.org, Debian Security Team <t...@security.debian.org>
Hi,
The following vulnerability was published for slurm-wlm.
CVE-2025-4390[0]:
| A mistake with permission handling for Coordinators within Slurm's
| accounting system can allow a Coordinator to promote a user to
| Administrator.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2025-4390
https://www.cve.org/CVERecord?id=CVE-2025-4390
[1]
https://lists.schedmd.com/mailman3/hyperkitty/list/slurm-annou...@lists.schedmd.com/message/B73QHKW6TKE2T5KDWVPIWNE5H4KWX667/
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: slurm-wlm
Source-Version: 24.11.5-1
Done: Gennaro Oliva <ol...@debian.org>
We believe that the bug you reported is fixed in the latest version of
slurm-wlm, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 1104...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Gennaro Oliva <ol...@debian.org> (supplier of updated slurm-wlm package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 20 May 2025 10:30:14 +0200
Source: slurm-wlm
Architecture: source
Version: 24.11.5-1
Distribution: unstable
Urgency: medium
Maintainer: Debian HPC Team <debian-...@lists.debian.org>
Changed-By: Gennaro Oliva <ol...@debian.org>
Closes: 1104929
Changes:
slurm-wlm (24.11.5-1) unstable; urgency=medium
.
* New upstream release fix CVE-2025-4390 (Closes: #1104929)
Checksums-Sha1:
d903f6b18fac14b0a1de05f10bf081092046360b 5413 slurm-wlm_24.11.5-1.dsc
ee73999cd33002a5275ceb56c90874abc281a327 9907599 slurm-wlm_24.11.5.orig.tar.gz
3f5a5aa33077413e158d564ad6eea3a9dc8d85ac 137756
slurm-wlm_24.11.5-1.debian.tar.xz
e55a1563ab7ecd63d2354eede31442dc419010b1 33849
slurm-wlm_24.11.5-1_amd64.buildinfo
Checksums-Sha256:
4339173e06ea6fc7bcb5855d09109bd798f3077964208e15932739ebc944f90a 5413
slurm-wlm_24.11.5-1.dsc
e1a5547edd212c38b5e3230a284133f777b32746551f094aaa81cc4af375e332 9907599
slurm-wlm_24.11.5.orig.tar.gz
c9145b99c3a613eca6014f1c6fc7c24da136ce9e0e980649aac41f986892f939 137756
slurm-wlm_24.11.5-1.debian.tar.xz
40a9fd9b347d720c6edd579d788fcbc1e9d52ff350c636440033746ea5a67e90 33849
slurm-wlm_24.11.5-1_amd64.buildinfo
Files:
fdafcd2d5a89b3d45c0c4a3c151d86fb 5413 admin optional slurm-wlm_24.11.5-1.dsc
4059b2f58afe4b9494be08b1f1195e4c 9907599 admin optional
slurm-wlm_24.11.5.orig.tar.gz
96b3b249fb5be8a2f7475f1827bb893a 137756 admin optional
slurm-wlm_24.11.5-1.debian.tar.xz
85d2560e342794ac861ed923be979b5f 33849 admin optional
slurm-wlm_24.11.5-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJFBAEBCgAvFiEE6zNF9WRBuLgad5h2ffpBrZYZhdcFAmgs6McRHG9saXZhQGRl
Ymlhbi5vcmcACgkQffpBrZYZhdce1xAAgjskyKLwdWbJo2jKgNP4d3+gqEOKmOo+
Cf7vCTM925Tm5BtZtEDixz+lsXS0VPsxu/HrNJYd4CJpOvLHPidF8Ji2LqgibfQZ
8JYhKGHv/Kf3DgnwPz/Wl/ZMjSCMJChIE6x2swfXeSUsLWgSj8QsR1qCu5NK1yqk
Fb1oDSW6AHBkig7mwK+1m6MZXS0SO0bmDwsCOfaaGtZG3YZQpCw7aflucTW5Qrtq
kxSMMJYTL2q3OElbEH7Og+pyob8gRlNFF+YDtYY2gNejbw9bq1EK4sAQI2coVtnM
VJP7263SJ2axbaDHASJGRrXxaRGfJRty9kAWwc2kjxPiA1SA4WK1XDW0gNnValUl
PD37XCFNnTyk2DnG5NS1vfjLZU6yY7160sRE+tnSew68y3VAQ7mdIr5ty0f7Uka0
WmwZgx72lMHXpIyM1g29a2c7h4WwKequT/a4KXcjj0h5WF/lI9zFMEga1NBZTwmW
xwwpUEamkVDNBPTcutvLpaWZIIrCNE0E9YJO67dBDIjAPu+40EBqr+R1ep2J/Pxj
yQ781nAHDxw2/E0ywRsCAaEDu3IlyMCxq6CFg5TMF+oOS0skZZigJRa38FJ5uN0n
i1ly3hdltbuDeCtCsn6UraBKepqgmPSZigzy3ow5PHOODE7YY72nMaIATvmOQyhs
5mTpPTbh0Yw=
=Y2A8
-----END PGP SIGNATURE-----
pgp6rVy4v7joX.pgp
Description: PGP signature
--- End Message ---
