** Description changed: An unescaped string makes an SQL injection possible in slurm 17.11.x, 18.08.0 through 18.08.7, and 19.05.0. See the links in the CVE page for more details. + The Debian bug is severity: grave and caused the package removal from + Debian testing and Ubuntu Eoan. + Upstream fix: https://github.com/SchedMD/slurm/commit/afa7d743f407c60a7c8a4bd98a10be32c82988b5
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1845158 Title: Slurm 17.11.x, 18.08.0 through 18.08.7, and 19.05.0 allows SQL Injection To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/slurm-llnl/+bug/1845158/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
