[ubuntu/vivid-proposed] torque 2.4.16+dfsg-1.5 (Accepted)
Logan Rosen
loganrosen at gmail.com
Mon Nov 17 04:47:45 UTC 2014
torque (2.4.16+dfsg-1.5) unstable; urgency=high
* Non-maintainer upload.
* Add CVE-2014-3684.patch patch.
CVE-2014-3684: Within a TORQUE Resource Manager job, the tm_adopt()
TORQUE library call enables a user-built executable calling tm_adopt()
to adopt any session id (and its child processes) regardless of the
session id owner on any node within a job. When a job that includes the
executable calling tm_adopt() exits, the adopted processes are killed
along with the job processes during normal job cleanup. This can enable
a non-root user to kill processes he doesn't own including root-owned
ones on any node in a job. (Closes: #763922)
Date: 2014-10-26 16:23:52.577797+00:00
Signed-By: Logan Rosen <loganrosen at gmail.com>
https://launchpad.net/ubuntu/+source/torque/2.4.16+dfsg-1.5
-------------- next part --------------
Sorry, changesfile not available.
More information about the Vivid-changes
mailing list