Описание
Sylabs Singularity 3.0 through 3.5 lacks support for an Integrity Check. Singularity's sign and verify commands do not sign metadata found in the global header or data object descriptors of a SIF file.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| singularity-container | fixed | 3.9.4+ds2-1 | experimental | package |
| singularity-container | fixed | 3.9.5+ds1-2 | package |
Примечания
https://github.com/hpcng/singularity/security/advisories/GHSA-m7j2-9565-4h9v
Связанные уязвимости
CVSS3: 7.5
ubuntu
больше 5 лет назад
Sylabs Singularity 3.0 through 3.5 lacks support for an Integrity Check. Singularity's sign and verify commands do not sign metadata found in the global header or data object descriptors of a SIF file.
CVSS3: 7.5
nvd
больше 5 лет назад
Sylabs Singularity 3.0 through 3.5 lacks support for an Integrity Check. Singularity's sign and verify commands do not sign metadata found in the global header or data object descriptors of a SIF file.
