stable

openmpi-4.1.4-9.fc38, pmix-4.1.3-1.fc38, & 2 more

FEDORA-2023-d6dbdf62ad created by salimma 2 years ago for Fedora 38

Security fix for CVE-2023-41915

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2023-d6dbdf62ad

This update has been submitted for testing by salimma.

2 years ago

This update's test gating status has been changed to 'ignored'.

2 years ago

This update has been pushed to testing.

2 years ago
User Icon orion commented & provided feedback 2 years ago
karma

This breaks ABI:

[f38:12081] mca_base_component_repository_open: unable to open mca_pmix_ext3x: /usr/lib64/openmpi/lib/openmpi/mca_pmix_ext3x.so: undefined symbol: pmix_value_load (ignored)

If you want to push this to stable, we'll need to rebuild the deps as well.

Bodhi is disabling automatic push to stable due to negative karma. The maintainer may push manually if they determine that the issue is not severe.

2 years ago
User Icon salimma commented & provided feedback 2 years ago

@orion yeah... some slurm people flagged that pmix does not really version their soname properly. Going to rebuild in a side tag, since we really do need to push this out. Thanks.

salimma edited this update.

New build(s):

  • openmpi-4.1.4-9.fc38
  • prrte-2.0.2-5.fc38
  • slurm-22.05.9-5.fc38

Karma has been reset.

2 years ago

This update has been submitted for testing by salimma.

2 years ago

salimma edited this update.

2 years ago

This update has been pushed to testing.

2 years ago

This update has been submitted for stable by bodhi.

2 years ago

This update has been pushed to stable.

2 years ago
User Icon rineau commented & provided feedback 2 years ago

I got an error during a dnf update:

Running transaction

Transaction failed: Rpm transaction failed.
  - libfabric.so.1()(64bit) is needed by openmpi-4.1.4-9.fc38.x86_64
  - libfabric.so.1(FABRIC_1.0)(64bit) is needed by openmpi-4.1.4-9.fc38.x86_64
  - libfabric.so.1(FABRIC_1.1)(64bit) is needed by openmpi-4.1.4-9.fc38.x86_64
  - libfabric.so.1(FABRIC_1.3)(64bit) is needed by openmpi-4.1.4-9.fc38.x86_64
  - libfabric.so.1(FABRIC_1.5)(64bit) is needed by openmpi-4.1.4-9.fc38.x86_64

(same issue with both dnf4 and dnf5).

A manual installation of libfabric solved the issue:

sudo dnf install /usr/lib64/libfabric.so.1

And after that the dnf update managed to update:

Running transaction
[1/8] Verify package files                                                                                                                                                  100% | 230.0   B/s |   3.0   B |  00m00s
[2/8] Prepare transaction                                                                                                                                                   100% |   9.0   B/s |   6.0   B |  00m01s
[3/8] Upgrading openmpi-0:4.1.4-9.fc38.x86_64                                                                                                                               100% |  51.6 MiB/s |  10.0 MiB |  00m00s
[4/8] Upgrading openmpi-devel-0:4.1.4-9.fc38.x86_64                                                                                                                         100% |   8.6 MiB/s |   2.0 MiB |  00m00s
[5/8] Upgrading python3-openmpi-0:4.1.4-9.fc38.x86_64                                                                                                                       100% |  87.9 KiB/s | 540.0   B |  00m00s
[6/8] Erasing openmpi-devel-0:4.1.4-8.fc38.x86_64                                                                                                                           100% |  92.0 KiB/s | 848.0   B |  00m00s
[7/8] Erasing python3-openmpi-0:4.1.4-8.fc38.x86_64                                                                                                                         100% | 400.0   B/s |   2.0   B |  00m00s
[8/8] Erasing openmpi-0:4.1.4-8.fc38.x86_64                                                                                                                                 100% | 812.0   B/s | 559.0   B |  00m01s
>>> Running trigger-install scriptlet: glibc-common-0:2.37-5.fc38.x86_64
>>> Stop trigger-install scriptlet: glibc-common-0:2.37-5.fc38.x86_64
>>> Running trigger-install scriptlet: man-db-0:2.11.2-2.fc38.x86_64
>>> Stop trigger-install scriptlet: man-db-0:2.11.2-2.fc38.x86_64
>>> Running trigger-post-uninstall scriptlet: man-db-0:2.11.2-2.fc38.x86_64
>>> Stop trigger-post-uninstall scriptlet: man-db-0:2.11.2-2.fc38.x86_64

Please log in to add feedback.

Metadata
Type
security
Severity
high
Karma
0
Signed
Content Type
RPM
Test Gating
Autopush Settings
Unstable by Karma
-3
Stable by Karma
2
Stable by Time
7 days
Dates
submitted
2 years ago
in testing
2 years ago
in stable
2 years ago
modified
2 years ago
approved
2 years ago
Builds
4
openmpi-4.1.4-9.fc38
pmix-4.1.3-1.fc38
prrte-2.0.2-5.fc38
slurm-22.05.9-5.fc38
BZ#2238898 CVE-2023-41915 pmix: race condition allows attackers to obtain ownership of arbitrary files
0
0
BZ#2239124 TRIAGE-CVE-2023-41915 pmix: race condition allows attackers to obtain ownership of arbitrary files [fedora-all]
0
0
BZ#2240042 Update to pmix breaks OpenMPI
0
0
openmpi-4.1.4-9.fc38
pmix-4.1.3-1.fc38
prrte-2.0.2-5.fc38
slurm-22.05.9-5.fc38

Automated Test Results

Copyright © 2007-2026 Red Hat, Inc. and others.

Running bodhi-server 25.11.3 on bodhi-web-22-5kk59.

bodhi is Free Software. Please file issues if you have any problems. Read the documentation.

Composes Legal Privacy policy