2019-09-24 08:32:33 |
Paride Legovini |
bug |
|
|
added bug |
2019-09-24 08:33:00 |
Paride Legovini |
cve linked |
|
2019-12838 |
|
2019-09-24 08:45:20 |
Paride Legovini |
bug watch added |
|
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931880 |
|
2019-09-24 08:45:20 |
Paride Legovini |
bug task added |
|
slurm-llnl (Debian) |
|
2019-09-24 08:50:27 |
Paride Legovini |
description |
An unescaped string makes an SQL injection possible in slurm 17.11.x, 18.08.0 through 18.08.7, and 19.05.0. See the links in the CVE page for more details.
Upstream fix: https://github.com/SchedMD/slurm/commit/afa7d743f407c60a7c8a4bd98a10be32c82988b5 |
An unescaped string makes an SQL injection possible in slurm 17.11.x, 18.08.0 through 18.08.7, and 19.05.0. See the links in the CVE page for more details.
The Debian bug is severity: grave and caused the package removal from Debian testing and Ubuntu Eoan.
Upstream fix: https://github.com/SchedMD/slurm/commit/afa7d743f407c60a7c8a4bd98a10be32c82988b5 |
|
2019-09-24 09:59:56 |
Bug Watch Updater |
slurm-llnl (Debian): status |
Unknown |
Confirmed |
|
2019-10-18 11:29:52 |
Bug Watch Updater |
slurm-llnl (Debian): status |
Confirmed |
Fix Released |
|
2019-10-18 11:53:45 |
Marc Deslauriers |
tags |
|
community-security |
|
2019-11-15 18:01:57 |
dann frazier |
nominated for series |
|
Ubuntu Disco |
|
2019-11-15 18:01:57 |
dann frazier |
bug task added |
|
slurm-llnl (Ubuntu Disco) |
|
2019-11-15 18:01:57 |
dann frazier |
nominated for series |
|
Ubuntu Bionic |
|
2019-11-15 18:01:57 |
dann frazier |
bug task added |
|
slurm-llnl (Ubuntu Bionic) |
|
2019-11-15 18:02:06 |
dann frazier |
slurm-llnl (Ubuntu): status |
New |
Fix Released |
|
2019-11-15 18:02:13 |
dann frazier |
nominated for series |
|
Ubuntu Focal |
|
2019-11-15 18:02:13 |
dann frazier |
bug task added |
|
slurm-llnl (Ubuntu Focal) |
|
2020-07-02 19:58:05 |
Steve Langasek |
slurm-llnl (Ubuntu Disco): status |
New |
Won't Fix |
|