rpm/apptainer
SHA256
1
0
Fork 0
forked from pool/apptainer
Code Pull Requests Activity

Accepting request 1008777 from home:mslacken:pr

Browse Source 
- Udpated to 1.1.2 which fixed CVE-2022-39237
  * CVE-2022-39237: The sif dependency included in Apptainer before this
    release does not verify that the hash algorithm(s) used are
    cryptographically secure when verifying digital signatures. This release
    updates to sif v2.8.1 which corrects this issue. See the linked advisory
    for references and a workaround.

OBS-URL: https://build.opensuse.org/request/show/1008777
OBS-URL: https://build.opensuse.org/package/show/network:cluster/apptainer?expand=0&rev=23
This commit is contained in:
Christian Goll 2022-10-07 12:44:28 +00:00 committed by Git OBS Bridge
parent 9032336fb9
commit 8016c940db
5 changed files with 16 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
apptainer-1.1.0.tar.gz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:a36ad5b0cd5f01080f0303ac022dec00c5eb909068db296498c8802e590e81cb
size 5175619

3
apptainer-1.1.2.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:4892d2a4347a05ae66b2d7c8becf6dbbe175e12c11a4960040aa293319ee4601
size 5175828

10
apptainer.changes
View File

@ -1,3 +1,13 @@
-------------------------------------------------------------------
Fri Oct 7 12:42:57 UTC 2022 - Christian Goll <cgoll@suse.com>
- Udpated to 1.1.2 which fixed CVE-2022-39237
* CVE-2022-39237: The sif dependency included in Apptainer before this
release does not verify that the hash algorithm(s) used are
cryptographically secure when verifying digital signatures. This release
updates to sif v2.8.1 which corrects this issue. See the linked advisory
for references and a workaround.
------------------------------------------------------------------- -------------------------------------------------------------------
Wed Sep 28 09:07:18 UTC 2022 - Christian Goll <cgoll@suse.com> Wed Sep 28 09:07:18 UTC 2022 - Christian Goll <cgoll@suse.com>

2
apptainer.spec
View File

@ -25,7 +25,7 @@ Summary: Application and environment virtualization
License: BSD-3-Clause-LBNL License: BSD-3-Clause-LBNL
Group: Productivity/Clustering/Computing Group: Productivity/Clustering/Computing
Name: apptainer Name: apptainer
Version: 1.1.0 Version: 1.1.2
Release: 0 Release: 0
# https://spdx.org/licenses/BSD-3-Clause-LBNL.html # https://spdx.org/licenses/BSD-3-Clause-LBNL.html
URL: https://apptainer.org URL: https://apptainer.org

4
vendor.tar.gz
View File

@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1 version https://git-lfs.github.com/spec/v1
oid sha256:c68491bfd2bbe56d6fa6fd83bc97523cad65372aade5c659efd0b1f0d5241901 oid sha256:dd1ee418aeb61d5a9679fe6517f01eebe313e5b8ae532b203aacd13be2bba92c
size 7214251 size 7349891