[slurm-announce] Slurm versions 17.11.13 and 18.08.5 are now available (CVE-2019-6438)

Tim Wickberg tim at schedmd.com
Wed Jan 30 19:11:27 UTC 2019

Slurm versions 17.11.13 and 18.08.5 are now available, and include a 
series of recent bug fixes, as well as a fix for a security 
vulnerability (CVE-2019-6438) on 32-bit systems. We believe that 64-bit 
builds - the overwhelming majority of installations - of Slurm are not 
affected by this issue.

Downloads are available at https://www.schedmd.com/downloads.php .

While fixes are only available for the supported 17.11 and 18.08 
releases, similar vulnerabilities affect 32-bit builds on past versions 
as well. The only resolution is to upgrade Slurm to a fixed release.

SchedMD customers were informed on January 16th and provided a patch on 
request; this process is documented in our security policy [1].

Release notes follow below.

- Tim

[1] https://www.schedmd.com/security.php

Tim Wickberg
Chief Technology Officer, SchedMD LLC
Commercial Slurm Development and Support

More information about the slurm-announce mailing list