nixo
/
guix-devel
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

gnu: Singularity: Update to 2.6.1 [fixes CVE-2018-19295]. 

Our Singularity package is not vulnerable to CVE-2018-19295 by default,
becuase that vulnerability is based on the 'mount', 'start', and
'action' Singularity binaries being installed setuid, which we do not do
in Guix.

* gnu/packages/linux.scm (singularity): Update to 2.6.1.
This commit is contained in:
Leo Famulari 2018-12-13 15:43:20 -05:00
parent 0afeb7468c
commit edc6dd0324
No known key found for this signature in database
GPG Key ID: 2646FA30BACA7F08
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
gnu/packages/linux.scm
View File

@ -2612,7 +2612,7 @@ thanks to the use of namespaces.")
(define-public singularity (define-public singularity
(package (package
(name "singularity") (name "singularity")
(version "2.5.1") (version "2.6.1")
(source (origin (source (origin
(method url-fetch) (method url-fetch)
(uri (string-append "https://github.com/singularityware/singularity/" (uri (string-append "https://github.com/singularityware/singularity/"
@ -2620,7 +2620,7 @@ thanks to the use of namespaces.")
"/singularity-" version ".tar.gz")) "/singularity-" version ".tar.gz"))
(sha256 (sha256
(base32 (base32
"0f28dgf2qcy8ljjfix7p9q36q12j7rxyicfzzi4n0fl8zr8ab88g")))) "1whx0hqqi1326scgdxxxa1d94vn95mnq0drid6s8wdp84ni4d3gk"))))
(build-system gnu-build-system) (build-system gnu-build-system)
(arguments (arguments
`(#:configure-flags `(#:configure-flags