The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-SUSE-FU-2025:0661-1 advisory.

slurm was updated to version 24.11.1 using package slurm_24_11:

– Security issues fixed:
  * CVE-2024-48936: Fixed authentication handling in stepmgr that could permit an attacker to execute processes under other users' jobs (bsc#1236722)
  * CVE-2024-42511: Fixed vulnerability with switch plugins where a user could override the isolation between Slingshot VNIs or IMEX channels (bsc#1236726)

– Important remarks:
  * Slurm can be upgraded from version 23.02, 23.11 or 24.05 to version 24.11 without loss of jobs or other state information. Upgrading directly from an earlier version of Slurm will result in loss of state information.
  * If using the `slurmdbd` (Slurm DataBase Daemon), you must update this first.
  * The 24.11 `slurmdbd` will work with Slurm daemons of version 23.02 and above. You will not need to update all clusters at the same time, but it is very important to update `slurmdbd` first and have it running before updating any other clusters making use of it.
  * If using a backup DBD, you must start the primary first to do any database conversion; the backup will not start until this has happened.
  * All SPANK plugins must be recompiled when upgrading from any Slurm version prior to 24.11.

– Highlights of changes:
  * …