*** This bug is a security vulnerability *** Public security bug reported:
An unescaped string makes an SQL injection possible in slurm 17.11.x, 18.08.0 through 18.08.7, and 19.05.0. See the links in the CVE page for more details. Upstream fix: https://github.com/SchedMD/slurm/commit/afa7d743f407c60a7c8a4bd98a10be32c82988b5 ** Affects: slurm-llnl (Ubuntu) Importance: High Status: New ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-12838 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1845158 Title: Slurm 17.11.x, 18.08.0 through 18.08.7, and 19.05.0 allows SQL Injection To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/slurm-llnl/+bug/1845158/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
