[QSA-0917193] slurmdbd vulnerability
Qlustar Security Advisory 0917193
Sept 17th, 2019
slurmdbd is vulnerable to SQL injection..
Package(s) : slurmdbd Qlustar releases : 11.0 Affected versions: All versions prior to this update Vulnerability : data integrity Problem type : network Qlustar-specific : no CVE Id(s) : CVE-2019-12838
Relevant to Qlustar 11.0
This update fixes a SQL injection in slurmdbd.
The problem can be corrected by updating your system to the following Qlustar package versions (follow the Qlustar Update Instructions):
Note that the new package needs to be installed only on the head-node(s). After installing the new package, restart slurmdbd as follows:
$ service slurmdbd restart