[Git][security-tracker-team/security-tracker][master] CVE-2020-27746/slurm-llnl: stretch not-affected

[Sylvain Beucler (@beuc)]

Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8f5e350d by Sylvain Beucler at 2022-01-12T17:14:17+01:00
CVE-2020-27746/slurm-llnl: stretch not-affected

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -84132,11 +84132,12 @@ CVE-2020-27746 (Slurm before 19.05.8 and 20.x before 20.02.6 exposes Sensitive I
 	{DSA-4841-1}
 	- slurm-wlm <not-affected> (Fixed with first upload to Debian with renamed source package)
 	- slurm-llnl <removed> (bug #974722)
-	[stretch] - slurm-llnl <no-dsa> (Minor issue)
+	[stretch] - slurm-llnl <not-affected> (Vulnerable code introduced later)
 	NOTE: https://www.schedmd.com/news.php?id=240
 	NOTE: https://lists.schedmd.com/pipermail/slurm-announce/2020/000045.html
 	NOTE: https://github.com/SchedMD/slurm/commit/07309deb45c33e735e191faf9dd31cca1054a15c
 	NOTE: slurm-wlm/20.02.6-1 changed the source package name and included the fix
+	NOTE: Introduced by: https://github.com/SchedMD/slurm/commit/e3140b7f8d96ced9dc85089caa65dd7c6be396fd (slurm-17-11-0-0rc1)
 CVE-2020-27745 (Slurm before 19.05.8 and 20.x before 20.02.6 has an RPC Buffer Overflo ...)
 	{DSA-4841-1}
 	- slurm-wlm <not-affected> (Fixed with first upload to Debian with renamed source package)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8f5e350d919f789454ab7825b0a28347b8d62a31

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8f5e350d919f789454ab7825b0a28347b8d62a31
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220112/94d3c488/attachment.htm>