Slurm versions 17.11.13 and 18.08.5 are now available, and include a
series of recent bug fixes, as well as a fix for a security
vulnerability (CVE-2019-6438) on 32-bit systems. We believe that 64-bit
builds - the overwhelming majority of installations - of Slurm are not
affected by this issue.
Downloads are available at https://www.schedmd.com/downloads.php .
While fixes are only available for the supported 17.11 and 18.08
releases, similar vulnerabilities affect 32-bit builds on past versions
as well. The only resolution is to upgrade Slurm to a fixed release.
SchedMD customers were informed on January 16th and provided a patch on
request; this process is documented in our security policy [1].
Release notes follow below.
- Tim
[1] https://www.schedmd.com/security.php
--
Tim Wickberg
Chief Technology Officer, SchedMD LLC
Commercial Slurm Development and Support
