[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
01/01: gnu: Singularity: Update to 2.6.1 [fixes CVE-2018-19295].
|
From: |
guix-commits |
|
Subject: |
01/01: gnu: Singularity: Update to 2.6.1 [fixes CVE-2018-19295]. |
|
Date: |
Sat, 15 Dec 2018 14:37:37 -0500 (EST) |
lfam pushed a commit to branch master
in repository guix.
commit edc6dd03240b8fe0a1530ce0e80637641903095e
Author: Leo Famulari <address@hidden>
Date: Thu Dec 13 15:43:20 2018 -0500
gnu: Singularity: Update to 2.6.1 [fixes CVE-2018-19295].
Our Singularity package is not vulnerable to CVE-2018-19295 by default,
becuase that vulnerability is based on the 'mount', 'start', and
'action' Singularity binaries being installed setuid, which we do not do
in Guix.
* gnu/packages/linux.scm (singularity): Update to 2.6.1.
---
gnu/packages/linux.scm | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm
index ae16491..43ee257 100644
--- a/gnu/packages/linux.scm
+++ b/gnu/packages/linux.scm
@@ -2612,7 +2612,7 @@ thanks to the use of namespaces.")
(define-public singularity
(package
(name "singularity")
- (version "2.5.1")
+ (version "2.6.1")
(source (origin
(method url-fetch)
(uri (string-append
"https://github.com/singularityware/singularity/";
@@ -2620,7 +2620,7 @@ thanks to the use of namespaces.")
"/singularity-" version ".tar.gz"))
(sha256
(base32
- "0f28dgf2qcy8ljjfix7p9q36q12j7rxyicfzzi4n0fl8zr8ab88g"))))
+ "1whx0hqqi1326scgdxxxa1d94vn95mnq0drid6s8wdp84ni4d3gk"))))
(build-system gnu-build-system)
(arguments
`(#:configure-flags