diff options
author | Leo Famulari <leo@famulari.name> | 2018-12-13 15:43:20 -0500 |
---|---|---|
committer | Leo Famulari <leo@famulari.name> | 2018-12-15 14:37:24 -0500 |
commit | edc6dd03240b8fe0a1530ce0e80637641903095e (patch) | |
tree | ad2b45396b52a66fa97af8afbea8f9da563c96aa | |
parent | 0afeb7468cb2f2e1003e7a246a01e19bb21d1854 (diff) | |
download | guix-edc6dd03240b8fe0a1530ce0e80637641903095e.tar guix-edc6dd03240b8fe0a1530ce0e80637641903095e.tar.gz |
gnu: Singularity: Update to 2.6.1 [fixes CVE-2018-19295].
Our Singularity package is not vulnerable to CVE-2018-19295 by default,
becuase that vulnerability is based on the 'mount', 'start', and
'action' Singularity binaries being installed setuid, which we do not do
in Guix.
* gnu/packages/linux.scm (singularity): Update to 2.6.1.
-rw-r--r-- | gnu/packages/linux.scm | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm index ae16491f26..43ee257c70 100644 --- a/gnu/packages/linux.scm +++ b/gnu/packages/linux.scm @@ -2612,7 +2612,7 @@ thanks to the use of namespaces.") (define-public singularity (package (name "singularity") - (version "2.5.1") + (version "2.6.1") (source (origin (method url-fetch) (uri (string-append "https://github.com/singularityware/singularity/" @@ -2620,7 +2620,7 @@ thanks to the use of namespaces.") "/singularity-" version ".tar.gz")) (sha256 (base32 - "0f28dgf2qcy8ljjfix7p9q36q12j7rxyicfzzi4n0fl8zr8ab88g")))) + "1whx0hqqi1326scgdxxxa1d94vn95mnq0drid6s8wdp84ni4d3gk")))) (build-system gnu-build-system) (arguments `(#:configure-flags |