Egbert Eich
7a723afbc2
* Fix-CVE-2024-3727-bsc-1224129.patch
The fix is a no-op as none of the affected files are still in
use with version 4.1.3.
- Update to version 4.1.3
* Bug Fixes
+ Set default `PATH` in container run in OCI-Mode when image does not set
`PATH`.
+ Fix storage of credentials for `docker.io` to behave the same as for
`index.docker.io`.
+ Improve documentation for remote list command.
+ Don't fail with lack of descriptor capacity when writing OCI images
with many layers to OCI-SIF.
+ Ensure a fixed number of spare descriptors is present in the OCI-SIF
when pulling an OCI image.
- SingularityCE 4.1.2
* Bug Fixes
+ Set OCI runtime-spec annotations that are required by the documented
image-spec conversion process.
+ In `--oci` mode always set inner ID map based on host user, not
`USER` in OCI container. Fixes incorrect permissions for files
owned by `USER` in the container.
+ Provide warning / info message for OCI image-spec features
(volumes, exposed ports) that are not supported by singularity.
+ Honor `WORKDIR` by default for OCI images in `--oci` mode, as
required by OCI image-spec.
+ Restore previous `--writable` behaviour when running a container
image from SIF/SquashFS in user namepace mode. The image will be
extracted to a temporary sandbox, which is writable at runtime.
OBS-URL: https://build.opensuse.org/package/show/network:cluster/singularity-ce?expand=0&rev=9
5.6 KiB
5.6 KiB