Hi Chris, Thank you for the update(s). It is what it is - right ?
_____________________________________________________________________________________________________ Eric F. Alemany System Administrator for Research Division of Radiation & Cancer Biology Department of Radiation Oncology Stanford University School of Medicine Stanford, California 94305 Tel:1-650-498-7969<tel:1-650-498-7969> No Texting Fax:1-650-723-7382<tel:1-650-723-7382> On Apr 25, 2018, at 5:03 PM, Christopher Samuel <ch...@csamuel.org<mailto:ch...@csamuel.org>> wrote: On 26/04/18 09:58, Christopher Samuel wrote: Most importantly you will want to be sure that they have backported the patch to close CVE-2018-7033 (fixed in 17.11.5). Went and found their sources, there is no mention of this being fixed in the proposed version, so it seems that bionic will ship Slurm with this CVE unpatched. :-( According to: https://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-7033.html it is listed as still "needs triage". Also unfixed in any Debian release too. https://security-tracker.debian.org/tracker/CVE-2018-7033 cheers, Chris -- Chris Samuel : http://www.csamuel.org/ : Melbourne, VIC
