From 1.3.0 release notes: "This release fixes two moderate severity denial of service vulnerabilities by upgrading a dependent library: CVE-2024-28176 and CVE-2024-28180."
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=bff728ccef49fe4c5e834f9ea50a54f97c05b839 commit bff728ccef49fe4c5e834f9ea50a54f97c05b839 Author: Marek Szuba <marecki@gentoo.org> AuthorDate: 2024-03-29 13:40:19 +0000 Commit: Marek Szuba <marecki@gentoo.org> CommitDate: 2024-03-29 13:41:02 +0000 app-containers/apptainer: drop 1.2.4 No versions vulnerable to CVE-2024-28176, CVE-2024-28180 left in the tree. Bug: https://bugs.gentoo.org/928121 Signed-off-by: Marek Szuba <marecki@gentoo.org> app-containers/apptainer/Manifest | 1 - app-containers/apptainer/apptainer-1.2.4.ebuild | 92 ------------------------- 2 files changed, 93 deletions(-)