Accepting request 976280 from network:cluster

- Add a comment about the CommunicationParameters=block_null_hash option warning users who migrate - just in case. - Update to 21.08.8 which fixes CVE-2022-29500 (bsc#1199278), CVE-2022-29501 (bsc#1199279), and CVE-2022-29502 (bsc#1199281). OBS-URL: https://build.opensuse.org/request/show/976280 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/slurm?expand=0&rev=72
2022-05-12 20:59:35 +00:00 · 2022-05-12 20:59:35 +00:00 · 737b47d2be
commit 737b47d2be
parent 62db1261ed a07f819c2f
2 changed files with 10 additions and 2 deletions
--- a/slurm.changes
+++ b/slurm.changes
@ -1,8 +1,14 @@
+-------------------------------------------------------------------
+Tue May 10 10:26:02 UTC 2022 - Egbert Eich <eich@suse.com>
+
+- Add a comment about the CommunicationParameters=block_null_hash
+  option warning users who migrate - just in case.
+
 -------------------------------------------------------------------
 Fri May  6 09:33:34 UTC 2022 - Christian Goll <cgoll@suse.com>

- Update to 21.08.8 which fixes CVE-2022-29500, CVE-2022-29501
-  and CVE-2022-29502
+- Update to 21.08.8 which fixes CVE-2022-29500 (bsc#1199278),
+  CVE-2022-29501 (bsc#1199279), and CVE-2022-29502 (bsc#1199281).
 - Added 'CommunicationParameters=block_null_hash' to slurm.conf, please
  add this parameter to existing configurations.

--- a/slurm.spec
+++ b/slurm.spec
@ -651,6 +651,8 @@ sed -i -e '/^ControlMachine=/i# Ordered List of Control Nodes' \
    -e '/.*BackupAddr=.*/d'  %{buildroot}/%{_sysconfdir}/%{pname}/slurm.conf
 cat >>%{buildroot}/%{_sysconfdir}/%{pname}/slurm.conf <<EOF
 # Potential exploit mitigation CVE-2022-29500
+# When upgrading from a version without this fix
+# enable only after all daemons have been upgraded
 CommunicationParameters=block_null_hash
 # SUSE default configuration
 PropagateResourceLimitsExcept=MEMLOCK