Published January 17, 2023
| Version v3.10.5
Software
Open
sylabs/singularity: SingularityCE 3.10.5
Authors/Creators
- Gregory M. Kurtzer1
- cclerget
- Dave Trudgian2
- Michael Bauer3
- Ian Kaneshiro
- David Godlove4
- Vanessasaurus
- Yannick Cote5
- Carlos Eduardo Arango Gutierrez6
- Adam Hughes7
- Geoffroy Vallee8
- DrDaveD
- Justin Cook9
- Jason Stover
- Brian P Bockelman10
- Marcelo Magallon11
- Jacob Chappell12
- Mike Frisch
- Daniele Tamino
- Carl Madison
- Sasha Yakovtseva
- Amanda Duffy13
- Satrajit Ghosh14
- VP
- Tru Huynh15
- Mike Gray16
- Yaroslav Halchenko17
- Felix Abecassis6
- 1. Singularity Labs
- 2. @sylabs
- 3. Relativity Space
- 4. Ctrl IQ
- 5. Red Hat
- 6. NVIDIA
- 7. Sylabs Inc
- 8. @NVIDIA
- 9. @NERSC
- 10. Morgridge Institute for Research
- 11. @grafana
- 12. @lampo
- 13. Lenovo
- 14. MIT
- 15. Unité de Bioinformatique Structurale, Institut Pasteur
- 16. Self
- 17. Dartmouth College, @Debian, @DataLad, @PyMVPA, @fail2ban
Description
SingularityCE 3.10.5 is a security release in the 3.10 series.
We encourage all users to upgrade. Please see the details and CVE/GHSA link below for more information about the vulnerability.
Security Related Fixes- CVE-2022-23538: The github.com/sylabs/scs-library-client dependency included in SingularityCE >=3.10.0, \<3.10.5 may leak user credentials to a third-party service via HTTP redirect. This issue is limited to
library://access to specific Singularity Enterprise 1.x or 3rd party library configurations, which plement a concurrent multi-part download flow. Access to Singularity Enterprise 2.x, or Singularity Container Services (cloud.sylabs.io), does not trigger the vulnerable flow. See the linked advisory for full details.
Thanks to our contributors for code, feedback and, testing efforts!
As always, please report any bugs to: https://github.com/sylabs/singularity/issues/new
If you think that you've discovered a security vulnerability please report it to: security@sylabs.io
Have fun!
DownloadsSource Code
Please use the singularity-ce-3.10.5.tar.gz download below to obtain and install SingularityCE 3.10.5. The GitHub auto-generated 'Source Code' downloads do not include required dependencies etc.
Packages
RPM / DEB packages are provided for:
- Ubuntu 18.04 (bionic)
- Ubuntu 20.04 (focal)
- Ubuntu 22.04 (jammy)
- RHEL/CentOS 7 (el7)
- RHEL/CentOS/AlmaLinux/Rocky 8 (el8)
- RHEL/CentOS/AlmaLinux/Rocky 9 (el9)
These packages were built with Go 1.19.5
Files
sylabs/singularity-v3.10.5.zip
Files
(5.6 MB)
| Name | Size | Download all |
|---|---|---|
|
md5:da117c7045e60f933daba2edb8bcc4f7
|
5.6 MB | Preview Download |
Additional details
Related works
- Is supplement to
- https://github.com/sylabs/singularity/tree/v3.10.5 (URL)