Test ID:	1.3.6.1.4.1.25623.1.0.852068
Category:	SuSE Local Security Checks
Title:	openSUSE: Security Advisory for slurm (openSUSE-SU-2018:1955-1)
Summary:	The remote host is missing an update for the 'slurm'; package(s) announced via the openSUSE-SU-2018:1955-1 advisory.
Description:	Summary: The remote host is missing an update for the 'slurm' package(s) announced via the openSUSE-SU-2018:1955-1 advisory. Vulnerability Insight: This update for slurm to version 17.11.7 fixes the following issues: This security issue was fixed: - CVE-2018-10995: Ensure correct handling of user names and group ids (bsc#1095508). These non-security issues were fixed: - CRAY - Add slurmsmwd to the contribs/cray dir - PMIX - Added the direct connect authentication. - Prevent the backup slurmctld from losing the active/available node features list on takeover. - Be able to force power_down of cloud node even if in power_save state. - Allow cloud nodes to be recognized in Slurm when booted out of band. - Notify srun and ctld when unkillable stepd exits. - Fixes daemoniziation in newly introduced slurmsmwd daemon. The following tracked packaging changes are included: - avoid postun error in libpmi0 (bsc#1100850) This update was imported from the SUSE:SLE-15:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'. Alternatively you can run the command listed for your product: - openSUSE Leap 15.0: zypper in -t patch openSUSE-2018-729=1 Affected Software/OS: slurm on openSUSE Leap 15.0. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2018-10995
Copyright	Copyright (C) 2018 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.