Published November 22, 2021
| Version v3.9.1
Software
Open
sylabs/singularity: SingularityCE 3.9.1
Authors/Creators
- Gregory M. Kurtzer1
- cclerget
- Dave Trudgian2
- Michael Bauer3
- Ian Kaneshiro
- David Godlove4
- Vanessasaurus
- Yannick Cote5
- Adam Hughes6
- Geoffroy Vallee
- DrDaveD
- Justin Cook7
- Jason Stover
- Brian P Bockelman8
- Marcelo Magallon9
- Jacob Chappell10
- Mike Frisch
- Daniele Tamino
- Carlos Eduardo Arango Gutierrez11
- Carl Madison
- Sasha Yakovtseva
- Amanda Duffy12
- Satrajit Ghosh13
- VP
- Tru Huynh14
- Mike Gray15
- Yaroslav Halchenko16
- Felix Abecassis17
- 1. Singularity Labs
- 2. @sylabs
- 3. Facebook
- 4. NIH HPC
- 5. Red Hat
- 6. Sylabs Inc
- 7. @Linaro
- 8. Morgridge Institute for Research
- 9. @grafana
- 10. Chappell Consulting & Tutoring
- 11. @RedHatOfficial
- 12. Lenovo
- 13. MIT
- 14. Unité de Bioinformatique Structurale, Institut Pasteur
- 15. Self
- 16. Dartmouth College, @Debian, @DataLad, @PyMVPA, @fail2ban
- 17. NVIDIA
Description
This is a security release for SingularityCE 3.9, addressing a security issue in SingularityCE's dependencies.
Security Related Fixes- CVE-2021-41190 / GHSA-77vh-xpmg-72qh: OCI specifications allow ambiguous documents that contain both "manifests" and "layers" fields. Interpretation depends on the presence / value of a Content-Type header. SingularityCE dependencies handling the retrieval of OCI images have been updated to versions that reject ambiguous documents.
Thanks to our contributors for code, feedback and, testing efforts!
As always, please report any bugs to: https://github.com/sylabs/singularity/issues/new
If you think that you've discovered a security vulnerability please report it to: security@sylabs.io
Have fun!
DownloadsPlease use the singularity-ce-3.9.0.tar.gz download below to obtain and install SingularityCE 3.9.0. The GitHub auto-generated 'Source Code' downloads do not include required dependencies etc.
Files
sylabs/singularity-v3.9.1.zip
Files
(5.8 MB)
| Name | Size | Download all |
|---|---|---|
|
md5:516db03ce790201805ea4c5cc14c8be4
|
5.8 MB | Preview Download |
Additional details
Related works
- Is supplement to
- https://github.com/sylabs/singularity/tree/v3.9.1 (URL)