Summary: | <sys-cluster/singularity-3.7.4: action commands against library URIs ignore configured remote endpoint | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Marek Szuba <marecki> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | marecki |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://github.com/hpcng/singularity/security/advisories/GHSA-jq42-hfch-42f3 | ||
Whiteboard: | B1 [glsa+ cve] | ||
Package list: | Runtime testing required: | --- |
Description
Marek Szuba
2021-05-27 10:45:03 UTC
x86 done amd64 done all arches done The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=086e1d23d289498f83d7d321dc39ff1caaa79b9f commit 086e1d23d289498f83d7d321dc39ff1caaa79b9f Author: Marek Szuba <marecki@gentoo.org> AuthorDate: 2021-05-28 08:41:32 +0000 Commit: Marek Szuba <marecki@gentoo.org> CommitDate: 2021-05-28 08:42:03 +0000 sys-cluster/singularity: drop 3.7.3 No versions vulnerable to CVE-2021-32635 left in the tree. Bug: https://bugs.gentoo.org/792465 Signed-off-by: Marek Szuba <marecki@gentoo.org> sys-cluster/singularity/Manifest | 1 - sys-cluster/singularity/singularity-3.7.3.ebuild | 73 ------------------------ 2 files changed, 74 deletions(-) Thank you for the report! Unable to check for sanity:
> no match for package: =sys-cluster/singularity-3.7.4
GLSA request filed. This issue was resolved and addressed in GLSA 202107-50 at https://security.gentoo.org/glsa/202107-50 by GLSA coordinator John Helmert III (ajak). |