Fedora EPEL 4 updates-testing report

updates at fedoraproject.org updates at fedoraproject.org
Sun Dec 4 20:01:20 UTC 2011 

The following Fedora EPEL 4 Security updates need testing:



The following builds have been pushed to Fedora EPEL 4 updates-testing

    torque-2.5.7-7.el4

Details about builds:


================================================================================
 torque-2.5.7-7.el4 (FEDORA-EPEL-2011-5160)
 Tera-scale Open-source Resource and QUEue manager
--------------------------------------------------------------------------------
Update Information:

Fixes a potential segfault in pbs_server.

This torque update corrects a security vulnerability whereby a user connecting to the torque pbs_server could impersonate another user present within the torque batch system.

In addition a memory leak is fixed, previously memory used for sending and receiving data was not being released.

This torque update corrects a security vulnerability whereby a user connecting to the torque pbs_server could impersonate another user present within the torque batch system.

In addition a memory leak is fixed, previously memory used for sending and receiving data was not being released.

This torque update corrects a security vulnerability whereby a user connecting to the torque pbs_server could impersonate another user present within the torque batch system.

In addition a memory leak is fixed, previously memory used for sending and receiving data was not being released.

--------------------------------------------------------------------------------
ChangeLog:

* Sat Dec  3 2011 Steve Traylen <steve.traylen at cern.ch> - 2.5.7-7
- Add torque-2.5.7-rhbz#759141-r5167-pbs_server-crash.patch
- torque clients require munge, e.g qsub.
* Mon Nov 21 2011 Steve Traylen <steve.traylen at cern.ch> - 2.5.7-6
- Add torque-rhbz#758740-r5258-dis-close.patch and
  torque-rhbz#758740-r5270-dis-array.patch
* Mon Nov 21 2011 Steve Traylen <steve.traylen at cern.ch> - 2.5.7-5
- Add  torque-fix-munge-rhbz#752079-PTII.patch
* Thu Nov 17 2011 Steve Traylen <steve.traylen at cern.ch> - 2.5.7-4
- Empty release for release mistake.
* Thu Nov 17 2011 Steve Traylen <steve.traylen at cern.ch> - 2.5.7-3
- Add torque-fix-munge-rhbz#752079.patch
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #759141 - pbs_server crash on 'pbsnodes' from client without munge
        https://bugzilla.redhat.com/show_bug.cgi?id=759141
  [ 2 ] Bug #752079 - Torque and Munge impersonation vulnerability
        https://bugzilla.redhat.com/show_bug.cgi?id=752079
  [ 3 ] Bug #758740 - torque 2.5.7 memory leak.
        https://bugzilla.redhat.com/show_bug.cgi?id=758740
--------------------------------------------------------------------------------

More information about the epel-devel-list mailing list