Nom du paquet
torque
Date
2013-11-19
Advisory ID
MDVSA-2013:268
Affected versions
MBS1 x86_64

Problem description

Updated torque packages fix security vulnerability:

A user could submit executable shell commands on the tail of what is
passed with the -M switch for qsub. This was later passed to a pipe,
making it possible for these commands to be executed as root on the
pbs_server (CVE-2013-4495).

Updated packages

MBS1 x86_64

 6f3908db1a327f6db92892fc3a943aac  mbs1/x86_64/lib64torque2-4.1.5.1-1.1.mbs1.x86_64.rpm
 5cd92b8a3236fd94d8df07fbcdd696a2  mbs1/x86_64/lib64torque-devel-4.1.5.1-1.1.mbs1.x86_64.rpm
 ace886ceb50a0c23088f74b8e9b04f17  mbs1/x86_64/torque-4.1.5.1-1.1.mbs1.x86_64.rpm
 650ac91d9256061f7356b4d383669cf5  mbs1/x86_64/torque-client-4.1.5.1-1.1.mbs1.x86_64.rpm
 e5357ae4db5fe19096f9ce6a8f101b43  mbs1/x86_64/torque-gui-4.1.5.1-1.1.mbs1.x86_64.rpm
 63f0d5a32e0b903ab48a27f43cc28158  mbs1/x86_64/torque-mom-4.1.5.1-1.1.mbs1.x86_64.rpm
 47b5857882d5ea5870ece99f22cf6508  mbs1/x86_64/torque-sched-4.1.5.1-1.1.mbs1.x86_64.rpm
 cf173f08c5a4c6219e2d8b03cc7ab1ab  mbs1/x86_64/torque-server-4.1.5.1-1.1.mbs1.x86_64.rpm 
 c2f38649a61e45132bc6b85b591fc21e  mbs1/SRPMS/torque-4.1.5.1-1.1.mbs1.src.rpm

References