On 26/04/18 09:58, Christopher Samuel wrote:
Most importantly you will want to be sure that they have backported the
patch to close CVE-2018-7033 (fixed in 17.11.5).
Went and found their sources, there is no mention of this being fixed
in the proposed version, so it seems that bionic will ship Slurm with
this CVE unpatched. :-(
According to:
https://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-7033.html
it is listed as still "needs triage".
Also unfixed in any Debian release too.
https://security-tracker.debian.org/tracker/CVE-2018-7033
cheers,
Chris
--
Chris Samuel : http://www.csamuel.org/ : Melbourne, VIC
