User: Password:
|
|
Subscribe / Log in / New account

Mageia alert MGASA-2013-0327 (torque)

From:  Mageia Updates <buildsystem-daemon@mageia.org>
To:  updates-announce@ml.mageia.org
Subject:  [updates-announce] MGASA-2013-0327: Updated torque packages fix CVE-2013-4495
Date:  Mon, 18 Nov 2013 15:41:50 +0100
Message-ID:  <20131118144150.A0CE648C04@valstar.mageia.org>
Archive-link:  Article, Thread

MGASA-2013-0327 - Updated torque packages fix CVE-2013-4495 Publication date: 18 Nov 2013 URL: http://advisories.mageia.org/MGASA-2013-0327.html Type: security Affected Mageia releases: 2, 3 CVE: CVE-2013-4495 Description: Updated torque packages fix security vulnerability: A user could submit executable shell commands on the tail of what is passed with the -M switch for qsub. This was later passed to a pipe, making it possible for these commands to be executed as root on the pbs_server (CVE-2013-4495). References: - http://www.supercluster.org/pipermail/torqueusers/2013-No... - http://www.debian.org/security/2013/dsa-2796 - https://bugs.mageia.org/show_bug.cgi?id=11670 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4495 SRPMS: - 3/core/torque-4.1.5.1-1.2.mga3 - 2/core/torque-2.5.12-1.2.mga2


(Log in to post comments)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds