forked from pool/slurm
Accepting request 1137045 from network:cluster
- Update to 23.02.6 to fix (CVE-2023-49933 - bsc#1218046, CVE-2023-49935 -
bsc#1218049, CVE-2023-49936 - bsc#1218050, CVE-2023-49937 - bsc#1218051,
CVE-2023-49938 - bsc#1218053)
* Security Fixes:
+ Add `JobAcctGatherParams=DisableGPUAcct` to disable gpu accounting.
+ `acct_gather_energy/ipmi` - Improve logging of DCMI issues.
+ `gpu/oneapi` - Add support for new env vars `ZE_FLAT_DEVICE_HIERARCHY`
and `ZE_ENABLE_PCI_ID_DEVICE_ORDER`.
+ `data_parser/v0.0.39` - skip empty string when parsing QOS ids.
+ Remove error message from `assoc_mgr_update_assocs` when purposefully
resetting the default QOS.
* Bug Fixes:
+ `libslurm_nss` - Avoid causing glibc to assert due to an unexpected
return from slurm_nss due to an error during lookup.
+ Fix job requests with `--tres-per-task` sometimes resulting in bad
allocations that cannot run subsequent job steps.
+ Fix issue with `slurmd` where `srun` fails to be warned when a node
prolog script runs beyond `MsgTimeout` set in `slurm.conf`.
+ `gres/shard` - Fix plugin functions to have matching parameter orders.
+ `gpu/nvml` - Fix issue that resulted in the wrong MIG devices being
constrained to a job
+ `gpu/nvml` - Fix linking issue with MIGs that prevented multiple MIGs
being used in a single job for certain MIG configurations
+ Fix file descriptor leak in slurmd when using `acct_gather_energy/ipmi`
with DCMI devices.
+ `sview` - avoid crash when job has a node list string > 49 characters.
+ Prevent `slurmctld` crash during reconfigure when packing job start
messages.
+ Preserve reason uid on reconfig.
+ Update node reason with updated `INVAL` state reason if different from (forwarded request 1136624 from eeich)
OBS-URL: https://build.opensuse.org/request/show/1137045
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/slurm?expand=0&rev=102
This commit is contained in:
Dominique Leuenberger
Git OBS Bridge
commit
1f813cb386
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:4a5cbc19228c324aea267266e49b034a12529f20052edb5cbd63599a431e3f23
|
||||
size 7444926
|
||||
3
slurm-23.02.7.tar.bz2
Normal file
3
slurm-23.02.7.tar.bz2
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:eba6db8990abf40402d8e30d8706a7ddd0560e0e307c567f0fb72f1c8a522078
|
||||
size 7447239
|
||||
@ -1,3 +1,72 @@
|
||||
-------------------------------------------------------------------
|
||||
Wed Jan 3 10:45:48 UTC 2024 - Egbert Eich <eich@suse.com>
|
||||
|
||||
- Update to 23.02.6 to fix (CVE-2023-49933 - bsc#1218046, CVE-2023-49935 -
|
||||
bsc#1218049, CVE-2023-49936 - bsc#1218050, CVE-2023-49937 - bsc#1218051,
|
||||
CVE-2023-49938 - bsc#1218053)
|
||||
* Security Fixes:
|
||||
+ Add `JobAcctGatherParams=DisableGPUAcct` to disable gpu accounting.
|
||||
+ `acct_gather_energy/ipmi` - Improve logging of DCMI issues.
|
||||
+ `gpu/oneapi` - Add support for new env vars `ZE_FLAT_DEVICE_HIERARCHY`
|
||||
and `ZE_ENABLE_PCI_ID_DEVICE_ORDER`.
|
||||
+ `data_parser/v0.0.39` - skip empty string when parsing QOS ids.
|
||||
+ Remove error message from `assoc_mgr_update_assocs` when purposefully
|
||||
resetting the default QOS.
|
||||
* Bug Fixes:
|
||||
+ `libslurm_nss` - Avoid causing glibc to assert due to an unexpected
|
||||
return from slurm_nss due to an error during lookup.
|
||||
+ Fix job requests with `--tres-per-task` sometimes resulting in bad
|
||||
allocations that cannot run subsequent job steps.
|
||||
+ Fix issue with `slurmd` where `srun` fails to be warned when a node
|
||||
prolog script runs beyond `MsgTimeout` set in `slurm.conf`.
|
||||
+ `gres/shard` - Fix plugin functions to have matching parameter orders.
|
||||
+ `gpu/nvml` - Fix issue that resulted in the wrong MIG devices being
|
||||
constrained to a job
|
||||
+ `gpu/nvml` - Fix linking issue with MIGs that prevented multiple MIGs
|
||||
being used in a single job for certain MIG configurations
|
||||
+ Fix file descriptor leak in slurmd when using `acct_gather_energy/ipmi`
|
||||
with DCMI devices.
|
||||
+ `sview` - avoid crash when job has a node list string > 49 characters.
|
||||
+ Prevent `slurmctld` crash during reconfigure when packing job start
|
||||
messages.
|
||||
+ Preserve reason uid on reconfig.
|
||||
+ Update node reason with updated `INVAL` state reason if different from
|
||||
last registration.
|
||||
+ `conmgr` - Avoid NULL dereference when using `auth/none`.
|
||||
+ `data_parser/v0.0.39` - Fixed how deleted QOS and associations for jobs
|
||||
are dumped.
|
||||
+ `burst_buffer/lua` - fix stage in counter not decrementing when a job is
|
||||
cancelled during stage in. This counter is used to enforce the limit of
|
||||
128 scripts per stage.
|
||||
+ `data_parser/v0.0.39` - Fix how the `INVALID` nodes state is dumped.
|
||||
+ `data_parser/v0.0.39` - Fix parsing of flag arrays to allow muliple
|
||||
flags to be set.
|
||||
+ Avoid leaking sockets when an x11 application is closed in an allocation.
|
||||
+ Fix missing mutex unlock in group cache code which could cause slurmctld
|
||||
to freeze.
|
||||
+ Fix scrontab monthly jobs possibly skipping a month if added near the
|
||||
end of the month.
|
||||
+ Fix loading of the gpu account gather energy plugin.
|
||||
+ Fix `slurmctld` segfault when reconfiguring after a job resize.
|
||||
+ Fix crash in slurmstepd that can occur when launching tasks via mpi using
|
||||
the `pmi2` plugin and using the `route/topology` plugin.
|
||||
+ Fix `qos <id> doesn't exist` error message in `assoc_mgr_update_assocs`
|
||||
to print the attempted new default qos, rather than the current default
|
||||
qos.
|
||||
+ `data_parser/v0.0.39` - Fix segfault when POSTing data with association
|
||||
usage.
|
||||
* Other Changes and Improvements:
|
||||
+ Prevent message extension attacks that could bypass the message hash.
|
||||
CVE-2023-49933.
|
||||
+ Prevent message hash bypass in slurmd which can allow an attacker to
|
||||
reuse root-level MUNGE tokens and escalate permissions. CVE-2023-49935.
|
||||
+ Prevent NULL pointer dereference on `size_valp` overflow. CVE-2023-49936.
|
||||
+ Prevent double-xfree() on error in `_unpack_node_reg_resp()`.
|
||||
CVE-2023-49937.
|
||||
+ Prevent modified `sbcast` RPCs from opening a file with the wrong group
|
||||
permissions. CVE-2023-49938.
|
||||
- Fix %do_obsoletes macro expansion to work with SLE-12.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Nov 30 18:52:44 UTC 2023 - Egbert Eich <eich@suse.com>
|
||||
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
#
|
||||
# spec file
|
||||
#
|
||||
# Copyright (c) 2023 SUSE LLC
|
||||
# Copyright (c) 2024 SUSE LLC
|
||||
#
|
||||
# All modifications and additions to the file contributed by third parties
|
||||
# remain the property of their copyright owners, unless otherwise agreed
|
||||
@ -19,7 +19,7 @@
|
||||
# Check file META in sources: update so_version to (API_CURRENT - API_AGE)
|
||||
%define so_version 39
|
||||
# Make sure to update `upgrades` as well!
|
||||
%define ver 23.02.6
|
||||
%define ver 23.02.7
|
||||
%define _ver _23_02
|
||||
#%%define rc_v 0rc1
|
||||
%define dl_ver %{ver}
|
||||
@ -92,7 +92,7 @@ Conflicts: %{*} >= %{ver_m}.99 }
|
||||
|
||||
%define upgrade_dep() %{?upgrade: #
|
||||
Provides: %{*} = %{version}
|
||||
%{do_obsoletes %{*}}
|
||||
%{expand:%%do_obsoletes %{*}}
|
||||
Conflicts: %{*} }
|
||||
|
||||
%if 0%{?suse_version} >= 1500
|
||||
@ -405,8 +405,6 @@ Requires: libpmix%{pmix_so}
|
||||
Requires: pmix
|
||||
%endif
|
||||
Requires: %{name}-config = %{version}
|
||||
# This may be removed once older versions have all been fixed.
|
||||
%{base_conflicts %{pname}-sview}
|
||||
|
||||
%description plugins
|
||||
This package contains the SLURM plugins (loadable shared objects)
|
||||
|
||||
Loading…
Reference in New Issue
Block a user