[slurm-announce] Slurm versions 21.08.8 and 20.11.9 are now available (CVE-2022-29500, 29501, 29502)
Tim Wickberg
tim at schedmd.com
Thu May 5 17:43:41 UTC 2022
I wanted to provide some elaboration on the new
CommunicationParameters=block_null_hash option based on initial feedback.
The original email said it was safe to enable after all daemons had been
restarted. Unfortunately that statement was incomplete - the flag can
only be safely enabled after all daemons have been restarted *and* all
currently running jobs have completed.
The new maintenance releases - with or without this new option enabled -
do fix the reported issues. The option is not required to secure your
system.
This option provides an additional - redundant - layer of security
within the cluster, and we do encourage sites to enable it at their
earliest convenience, but only after currently running jobs (with an
associated unpatched slurmstepd process) have all completed.
- Tim
More information about the slurm-announce
mailing list