[slurm-announce] Slurm versions 21.08.8 and 20.11.9 are now available (CVE-2022-29500, 29501, 29502)

Tim Wickberg tim at schedmd.com
Thu May 5 17:43:41 UTC 2022


I wanted to provide some elaboration on the new 
CommunicationParameters=block_null_hash option based on initial feedback.

The original email said it was safe to enable after all daemons had been 
restarted. Unfortunately that statement was incomplete - the flag can 
only be safely enabled after all daemons have been restarted *and* all 
currently running jobs have completed.

The new maintenance releases - with or without this new option enabled - 
do fix the reported issues. The option is not required to secure your 
system.

This option provides an additional - redundant - layer of security 
within the cluster, and we do encourage sites to enable it at their 
earliest convenience, but only after currently running jobs (with an 
associated unpatched slurmstepd process) have all completed.

- Tim



More information about the slurm-announce mailing list