Hello,
munge has a security vulnerability for versions below 0.5.17, Rocky versions are 0.5.13 and 0.5.15 respectively. There is a patch available in version 0.5.18:
https://github.com/dun/munge/security/advisories/GHSA-r9cr-jf4v-75gh
Rocky is based on RHEL packages, so RHEL need to fix it before it appears in Rocky. RHEL backport fixes as well if required if the fix is provided in a higher version than the distro currently has.
The bug report is here:
1 Like