[SECURITY] Fedora 32 Update: singularity-3.6.3-1.fc32

Singularity provides functionality to make portable containers that can be used across host environments...

[SECURITY] Fedora 33 Update: singularity-3.6.3-1.fc33

Singularity provides functionality to make portable containers that can be used across host environments...

OPENSUSE-SU-2020:1529-1 Security update for singularity

This update for singularity fixes the following issues: New version 3.6.3, addresses the following security issues: - CVE-2020-25039, boo1176705 When a Singularity action command run, shell, exec is run with the fakeroot or user namespace option, Singularity will extract a container image to a...

Security update for singularity (moderate)

openSUSE Security Update: Security update for singularity Announcement ID: openSUSE-SU-2020:1529-1 Rating: moderate References: 1176705 1176707 Cross-References: CVE-2020-25039 CVE-2020-25040 Affected Products: openSUSE Backports SLE-15-SP2 An update that fixes two vulnerabilities is now availabl...

openSUSE: Security Advisory for singularity (openSUSE-SU-2020:1497-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE Security Update : singularity (openSUSE-2020-1497)

This update for singularity fixes the following issues : New version 3.6.3, addresses the following security issues : - CVE-2020-25039, boo1176705 When a Singularity action command run, shell, exec is run with the fakeroot or user namespace option, Singularity will extract a container image to a...

Security update for singularity (moderate)

openSUSE Security Update: Security update for singularity Announcement ID: openSUSE-SU-2020:1497-1 Rating: moderate References: 1176705 1176707 Cross-References: CVE-2020-25039 CVE-2020-25040 Affected Products: openSUSE Leap 15.2 openSUSE Leap 15.1 An update that fixes two vulnerabilities is now...

OPENSUSE-SU-2020:1497-1 Security update for singularity

This update for singularity fixes the following issues: New version 3.6.3, addresses the following security issues: - CVE-2020-25039, boo1176705 When a Singularity action command run, shell, exec is run with the fakeroot or user namespace option, Singularity will extract a container image to a...

Authorization Bypass

github.com/hpcng/singularity is vulnerable to Authorization Bypass. The image integrity is not validated when an ECL policy is enforced, allowing a user to bypass the ECL...

Insecure Permissions

github.com/hpcng/singularity uses insecure permissions. The insecure permissions on temporary directories used in fakeroot and user namespace container execution allows a user with access to the system to read the contents of the image during the build. If the image contains a world-writable file...

Insecure Permissions

github.com/hpcng/singularity uses insecure permissions. Insecure permissions on temporary directories used in explicit and implicit container build operations allows a user with access to the system to read the contents of the image during the build. If the image contains a world-writable file or...

Security update for singularity (important)

openSUSE Security Update: Security update for singularity Announcement ID: openSUSE-SU-2020:1100-1 Rating: important References: 1174148 1174150 1174152 Cross-References: CVE-2020-13845 CVE-2020-13846 CVE-2020-13847 Affected Products: openSUSE Backports SLE-15-SP2 An update that fixes three...

CVE-2020-25039

Sylabs Singularity 3.2.0 through 3.6.2 has Insecure Permissions on temporary directories used in fakeroot or user namespace container execution...

CVE-2020-25039

Sylabs Singularity 3.2.0 through 3.6.2 has Insecure Permissions on temporary directories used in fakeroot or user namespace container execution...

CVE-2020-25040

Sylabs Singularity through 3.6.2 has Insecure Permissions on temporary directories used in explicit and implicit container build operations, a different vulnerability than CVE-2020-25039...

CVE-2020-25040

Sylabs Singularity through 3.6.2 has Insecure Permissions on temporary directories used in explicit and implicit container build operations, a different vulnerability than CVE-2020-25039...

Privilege escalation

Sylabs Singularity 3.2.0 through 3.6.2 has Insecure Permissions on temporary directories used in fakeroot or user namespace container execution...

CVE-2020-25039

Sylabs Singularity 3.2.0 through 3.6.2 has Insecure Permissions on temporary directories used in fakeroot or user namespace container execution...

UBUNTU-CVE-2020-25039

Sylabs Singularity 3.2.0 through 3.6.2 has Insecure Permissions on temporary directories used in fakeroot or user namespace container execution...

Design/Logic Flaw

Sylabs Singularity through 3.6.2 has Insecure Permissions on temporary directories used in explicit and implicit container build operations, a different vulnerability than CVE-2020-25039...