875872 – =app-containers/apptainer-1.1.2: security stabilisation

Bug 875872 - =app-containers/apptainer-1.1.2: security stabilisation

Summary: =app-containers/apptainer-1.1.2: security stabilisation

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Stabilization (show other bugs)
Hardware:	All Linux

Importance:	Normal normal (vote)
Assignee:	Marek Szuba

URL:
Whiteboard:
Keywords:	CC-ARCHES, SECURITY

Depends on:
Blocks:	CVE-2022-39237
	Show dependency tree

Reported:	2022-10-07 14:29 UTC by Marek Szuba
Modified:	2022-10-08 10:08 UTC (History)
CC List:	1 user (show)

See Also:
Package list:	=app-containers/apptainer-1.1.2 =sys-fs/squashfuse-0.1.103
Runtime testing required:	---

Flags:	nattka: sanity-check+

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Marek Szuba archtester

2022-10-07 14:29:19 UTC

1.1.2 is the first version of Apptainer that is not vulnerable to CVE-2022-39237.

Comment 1 NATTkA bot gentoo-dev

2022-10-07 14:32:16 UTC Comment hidden (obsolete)

Sanity check failed:

> app-containers/apptainer-1.1.2
>   depend amd64 dev profile default/linux/amd64/17.0/x32 (7 total)
>     sys-fs/squashfuse
>   depend amd64 stable profile default/linux/amd64/17.1 (14 total)
>     sys-fs/squashfuse
>   rdepend amd64 dev profile default/linux/amd64/17.0/x32 (7 total)
>     sys-fs/squashfuse
>   rdepend amd64 stable profile default/linux/amd64/17.1 (14 total)
>     sys-fs/squashfuse

Comment 2 Marek Szuba archtester

2022-10-07 14:34:34 UTC

Forgot about squashfuse, removing CC-ARCHES from keywords until its maintainer has signed this off.

Comment 3 NATTkA bot gentoo-dev

2022-10-07 14:36:15 UTC Comment hidden (obsolete)

All sanity-check issues have been resolved

Comment 4 Zac Medico gentoo-dev

2022-10-07 22:36:16 UTC

Yes, please do stabilize squashfuse-0.1.103.

Comment 5 Agostino Sarubbo gentoo-dev

2022-10-08 10:08:12 UTC

amd64 done

all arches done