--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2023-e08a0f57b5
2023-01-26 00:55:17.132670
--------------------------------------------------------------------------------
Name : singularity-ce
Product : Fedora EPEL 8
Version : 3.10.5
Release : 1.el8
URL :
https://www.sylabs.io/singularity/
Summary : Application and environment virtualization
Description :
SingularityCE is the Community Edition of Singularity, an open source
container platform designed to be simple, fast, and secure.
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2022-23538 / GHSA-7p8m-22h4-9pj7 Upgrade to 3.10.5 upstream
version.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 17 2023 David Trudgian <dtrudg(a)sylabs.io> - 3.10.5-1
- Upgrade to 3.10.5 upstream version.
- Addresses CVE-2022-23538 / GHSA-7p8m-22h4-9pj7
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2161859 - CVE-2022-23538 scs-library-client: User credentials leaked to
third-party service via HTTP redirect
https://bugzilla.redhat.com/show_bug.cgi?id=2161859
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update singularity-ce' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7\
/html/System_Administrators_Guide/ch-yum.html
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------