[slurm-announce] Slurm versions 17.11.13 and 18.08.5 are now available (CVE-2019-6438)

Tim Wickberg tim at schedmd.com
Wed Jan 30 19:16:41 UTC 2019

Forgot to attach the release notes, they are included below for reference:

> * Changes in Slurm 18.08.5
> ==========================
>  -- Backfill - If a job has a time_limit guess the end time of a job better
>     if OverTimeLimit is Unlimited.
>  -- Fix "sacctmgr show events event=cluster"
>  -- Fix sacctmgr show runawayjobs from sibling cluster
>  -- Avoid bit offset of -1 in call to bit_nclear().
>  -- Insure that "hbm" is a configured GresType on knl systems.
>  -- Fix NodeFeaturesPlugins=node_features/knl_generic to allow other gres
>     other than knl.
>  -- cons_res: Prevent overflow on multiply.
>  -- Better debug for bad values in gres.conf.
>  -- Fix double accounting of energy at end of job.
>  -- Read gres.conf for cloud nodes on slurmctld.
>  -- Don't assume the first node of a job is the batch host when purging jobs
>     from a node.
>  -- Better debugging when a job doesn't have a job_resrcs ptr.
>  -- Store ave watts in energy plugins.
>  -- Add XCC plugin for reading Lenovo Power.
>  -- Fix minor memory leak when scheduling rebootable nodes.
>  -- Fix debug2 prefix for sched log.
>  -- Fix printing correct SLURM_JOB_ACCOUNT_PACK_GROUP_* in env for a Het Job.
>  -- sbatch - search current working directory first for job script.
>  -- Make it so held jobs reset the AccrueTime and do not count against any
>     AccrueTime limits.
>  -- Add SchedulerParameters option of bf_hetjob_prio=[min|avg|max] to alter the
>     job sorting algorithm for scheduling heterogeneous jobs.
>  -- Fix initialization of assoc_mgr_locks and slurmctld_locks lock structures.
>  -- Fix segfault with job arrays using X11 forwarding.
>  -- Revert regression caused by e0ee1c7054 which caused negative values and
>     values starting with a decimal to be invalid for PriorityWeightTRES and
>     TRESBillingWeight.
>  -- Fix possibility to update a job's reservation to none.
>  -- Suppress connection errors to primary slurmdbd when backup dbd is active.
>  -- Suppress connection errors to primary db when backup db kicks in
>  -- Add missing fields for sacct --completion when using jobcomp/filetxt.
>  -- Fix incorrect values set for UserCPU, SystemCPU, and TotalCPU sacct fields
>     when JobAcctGatherType=jobacct_gather/cgroup.
>  -- Fixed srun from double printing invalid option msg twice.
>  -- Remove unused -b flag from getopt call in sbatch.
>  -- Disable reporting of node TRES in sreport.
>  -- Re-enabling features combined by OR within parenthesis for non-knl setups.
>  -- Prevent sending duplicate requests to reboot a node before ResumeTimeout.
>  -- Down nodes that don't reboot by ResumeTimeout.
>  -- Update seff to reflect API change from rss_max to tres_usage_in_max.
>  -- Add missing TRES constants from perl API.
>  -- Fix issue where sacct would return incorrect array tasks when querying
>     specific tasks.
>  -- Add missing variables to slurmdb_stats_t in the perlapi.
>  -- Fix nodes not getting reboot RPC when job requires reboot of nodes.
>  -- Fix failing update the partition list of a job.
>  -- Use slurm.conf gres ids instead of gres.conf names to get a gres type name.
>  -- Add mitigation for a potential heap overflow on 32-bit systems in xmalloc.
>     CVE-2019-6438.

> * Changes in Slurm 17.11.13
> ===========================
>  -- Add mitigation for a potential heap overflow on 32-bit systems in xmalloc.
>     CVE-2019-6438.

More information about the slurm-announce mailing list