rpm/apptainer
SHA256
1
0
Fork 0
forked from pool/apptainer
Code Pull Requests Activity

Accepting request 1083262 from home:mslacken:pr

Browse Source 
- Included a fix for CVE-2023-30549 which is a vulnerability in setuid-root
  installations of Apptainer iwhich was not active in the recent openSUSE
  packages. Still this is included for completenss. The fix adds allow
  setuid-mount configuration options encrypted, squashfs, and extfs, and makes
  the default for extfs be "no". That disables the use of extfs mounts
  including for overlays or binds while in the setuid-root mode, while leaving
  it enabled for unprivileged user namespace mode. The default for encrypted
  and squashfs is "yes".
- Other bug fixes:
  * Fix loop device 'no such device or address' spurious errors when using shared
    loop devices.
  * Add xino=on mount option for writable kernel overlay mount points to fix
    inode numbers consistency after kernel cache flush (not applicable to
    fuse-overlayfs).

OBS-URL: https://build.opensuse.org/request/show/1083262
OBS-URL: https://build.opensuse.org/package/show/network:cluster/apptainer?expand=0&rev=43
This commit is contained in:
Christian Goll 2023-04-27 13:15:28 +00:00 committed by Git OBS Bridge
parent 7bb312ce20
commit 8a75af002a
4 changed files with 23 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
apptainer-1.1.7.tar.gz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:40c193d078484c2bb6435030c9308e34ee00d75870454f7c4acfb4f1b222d3f7
size 5188635

3
apptainer-1.1.8.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:e8915fe7e140f8d0a195b9517a90bcbffe4378cbf7b9c4d05186a17ab12096fe
size 5190246

19
apptainer.changes
View File

@ -1,3 +1,22 @@
-------------------------------------------------------------------
Thu Apr 27 12:59:22 UTC 2023 - Christian Goll <cgoll@suse.com>
- Included a fix for CVE-2023-30549 which is a vulnerability in setuid-root
installations of Apptainer iwhich was not active in the recent openSUSE
packages. Still this is included for completenss. The fix adds allow
setuid-mount configuration options encrypted, squashfs, and extfs, and makes
the default for extfs be "no". That disables the use of extfs mounts
including for overlays or binds while in the setuid-root mode, while leaving
it enabled for unprivileged user namespace mode. The default for encrypted
and squashfs is "yes".
- Other bug fixes:
* Fix loop device 'no such device or address' spurious errors when using shared
loop devices.
* Add xino=on mount option for writable kernel overlay mount points to fix
inode numbers consistency after kernel cache flush (not applicable to
fuse-overlayfs).
------------------------------------------------------------------- -------------------------------------------------------------------
Wed Mar 29 08:14:47 UTC 2023 - Christian Goll <cgoll@suse.com> Wed Mar 29 08:14:47 UTC 2023 - Christian Goll <cgoll@suse.com>

2
apptainer.spec
View File

@ -25,7 +25,7 @@ Summary: Application and environment virtualization
License: BSD-3-Clause-LBNL License: BSD-3-Clause-LBNL
Group: Productivity/Clustering/Computing Group: Productivity/Clustering/Computing
Name: apptainer Name: apptainer
Version: 1.1.7 Version: 1.1.8
Release: 0 Release: 0
# https://spdx.org/licenses/BSD-3-Clause-LBNL.html # https://spdx.org/licenses/BSD-3-Clause-LBNL.html
URL: https://apptainer.org URL: https://apptainer.org