[Git][security-tracker-team/security-tracker][master] Mark for now slurm-wlm in bullseye as postponed

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9f5b70b4 by Salvatore Bonaccorso at 2023-10-19T15:41:08+02:00
Mark for now slurm-wlm in bullseye as postponed

The patch is quite intrusive, it was more important to address
CVE-2023-41914 for bookworm. Upstream does not provide support for older
versions of Slurm. Mark it for now as postponed, a DSA might be
warranted but need to do some substantial work.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -711,6 +711,7 @@ CVE-2023-35024 (IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19
 CVE-2023-41914
 	{DSA-5529-1}
 	- slurm-wlm 23.02.6-1
+	[bullseye] - slurm-wlm <postponed> (Very intrusive patch and upstream does not release patches for unsupported versions)
 	- slurm-llnl <removed>
 	NOTE: https://groups.google.com/g/slurm-users/c/N9WHFVefSHA
 	NOTE: slurm-wlm-contrib also changed, but actual security issue is in slurm-wlm



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9f5b70b4864a16ebe4f98be96313ac8fd1cf21f1

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9f5b70b4864a16ebe4f98be96313ac8fd1cf21f1
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231019/6b209953/attachment-0001.htm>