Mageia alert MGASA-2012-0254 (torque) [LWN.net]


From:
    	       Mageia Updates <buildsystem-daemon@mageia.org> 
To:
    	       updates-announce@ml.mageia.org 
Subject:
    	       [updates-announce] MGASA-2012-0254: torque-2.5.12-1.mga2 (2/core) 
Date:
    	       Tue, 4 Sep 2012 20:33:17 +0200
Message-ID:
    	       <20120904183316.GA28137@valstar.mageia.org>
Archive-link:
    	       Article, Thread
              
MGASA-2012-0254
Date: 	September 4th, 2012
Affected releases: 	2


Description:
Updated torque packages fix security vulnerability:

Bartlomiej Balcerek discovered several buffer overflows in TORQUE
server, a PBS-derived batch processing server. This allows an attacker
to crash the service or execute arbitrary code with privileges of the
server via crafted job or host names (CVE-2011-2193).

Additionally, permissions problems that caused pbs_server, pbs_sched,
and pbs_mom to fail to load have been corrected.


Updated Packages:
torque-2.5.12-1.mga2
torque-client-2.5.12-1.mga2
torque-gui-2.5.12-1.mga2
torque-mom-2.5.12-1.mga2
torque-sched-2.5.12-1.mga2
torque-server-2.5.12-1.mga2
lib(64)torque2-2.5.12-1.mga2
lib(64)torque-devel-2.5.12-1.mga2


References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2193
http://www.debian.org/security/2011/dsa-2329
https://bugs.mageia.org/show_bug.cgi?id=6082
https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-...
(Log in to post comments)