FEDORA-2018-6189ba2d87 created by dwd a year ago for Fedora 29
stable

Update to released upstream 2.6.1

How to install

sudo dnf upgrade --advisory=FEDORA-2018-6189ba2d87

This update has been submitted for testing by dwd.

a year ago

This update has been pushed to testing.

a year ago

fyi: this fixes CVE-2018-19295

The 2.6.1 release contains fixes for a high severity security issue affecting Singularity 2.4.0 through 2.6.0 on modern distributions managed with systemd where mount points are mounted with shared mount propagation by default (CVE-2018-19295). A malicious user with local/network access to the host system (e.g. ssh) could exploit this vulnerability to mount arbitrary directories into the host mount namespace resulting in privilege escalation on the host.

via

https://github.com/sylabs/singularity/releases/tag/2.6.1

User Icon phphavok provided feedback a year ago
karma

This update has been submitted for batched by bodhi.

a year ago

This update has been submitted for stable by bodhi.

a year ago

This update has been pushed to stable.

a year ago
User Icon mkandes commented & provided feedback a year ago
karma

Tests performed and outcome:

  1. clean install singularity: PASSED

    yum install singularity --enablerepo=epel-testing
    
  2. build, exec, run *.simg from definition file: PASSED

    sudo singularity build ubuntu.simg ubuntu.def
    singularity exec ubuntu.simg lsb_release -a
    singularity run ubuntu.simg
    
  3. build and exec *.simg from Docker Hub: PASSED

    sudo singularity build ubuntu-docker.simg docker://ubuntu
    singularity exec ubuntu-docker.simg cat /etc/os-release
    
  4. build, exec, run *.simg from Singulartiy Hub: PASSED

    sudo singularity build ubuntu-shub.simg shub://singularityhub/ubuntu
    singularity exec ubuntu-shub.simg cat /etc/os-release
    singularity run ubuntu-shub.simg
    
  5. convert from .simg to .img and modify *.img with shell --writable: PASSED

    singularity image.create --size 2048 ubuntu.img
    sudo singularity build --writable ubuntu.img ubuntu.simg
    sudo singularity shell --writable ubuntu.img
    > apt-get install -y python
    > exit
    
  6. exec and run modified *.img: PASSED

    singularity exec ubuntu.img python --version
    singularity run ubuntu.img
    

Please login to add feedback.

Metadata
Type
security
Severity
high
Karma
2
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
1
Dates
submitted
a year ago
in testing
a year ago
in stable
a year ago

Automated Test Results