Updated torque packages fix CVE-2013-4495
Publication date: 18 Nov 2013Modification date: 18 Nov 2013
Type: security
Affected Mageia releases : 2 , 3
CVE: CVE-2013-4495
Description
Updated torque packages fix security vulnerability: A user could submit executable shell commands on the tail of what is passed with the -M switch for qsub. This was later passed to a pipe, making it possible for these commands to be executed as root on the pbs_server (CVE-2013-4495).
References
SRPMS
2/core
- torque-2.5.12-1.2.mga2
3/core
- torque-4.1.5.1-1.2.mga3