FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

slurm -- insecure handling of user_name and gid fields

Affected packages
slurm-wlm < 17.02.11


VuXML ID 3a66cb69-716f-11e8-be54-3085a9a47796
Discovery 2018-05-30
Entry 2018-06-16

SchedMD reports:

Insecure handling of user_name and gid fields (CVE-2018-10995)

While fixes are only available for the supported 17.02 and 17.11 releases, it is believed that similar vulnerabilities do affect past versions as well. The only resolution is to upgrade Slurm to a fixed release.