Vulnerability in Singularity 3.7.2 and 3.7.3

by | May 28, 2021 | News

A security vulnerability in Singularity version 3.7.2 and 3.7.3 has been publicly announced that enables an attacker to publish malicious container that takes priority over a container that a user is expecting to run. Due to incorrect use of a default URL, singularity...

High risk vulnerability concerning Squid

by | May 12, 2021 | Advisories, News

The Squid project has publicly announced new vulnerabilities, one of which is deemed HIGH risk, viz. CVE-2020-25097, because it may allow services to be exposed that are not directly accessible from the client host. The other ones only concern potential denial of...

Singularity 3.7.3 security release

by | May 12, 2021 | News

Singularity 3.7.3 was released in April and is available in Fedora and EPEL repositories. It fixes a security bug in umoci (CVE-2021-29136), a dependency used by Singularity to extract docker/OCI image layers. It can be tricked into modifying host files by creating a...