summary refs log tree commit diff
diff options
context:
space:
mode:
authorLeo Famulari <leo@famulari.name>2018-12-13 15:43:20 -0500
committerLeo Famulari <leo@famulari.name>2018-12-15 14:37:24 -0500
commitedc6dd03240b8fe0a1530ce0e80637641903095e (patch)
treead2b45396b52a66fa97af8afbea8f9da563c96aa
parent0afeb7468cb2f2e1003e7a246a01e19bb21d1854 (diff)
downloadguix-edc6dd03240b8fe0a1530ce0e80637641903095e.tar.gz
gnu: Singularity: Update to 2.6.1 [fixes CVE-2018-19295].
Our Singularity package is not vulnerable to CVE-2018-19295 by default,
becuase that vulnerability is based on the 'mount', 'start', and
'action' Singularity binaries being installed setuid, which we do not do
in Guix.

* gnu/packages/linux.scm (singularity): Update to 2.6.1.
-rw-r--r--gnu/packages/linux.scm4
1 files changed, 2 insertions, 2 deletions
diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm
index ae16491f26..43ee257c70 100644
--- a/gnu/packages/linux.scm
+++ b/gnu/packages/linux.scm
@@ -2612,7 +2612,7 @@ thanks to the use of namespaces.")
 (define-public singularity
   (package
     (name "singularity")
-    (version "2.5.1")
+    (version "2.6.1")
     (source (origin
               (method url-fetch)
               (uri (string-append "https://github.com/singularityware/singularity/"
@@ -2620,7 +2620,7 @@ thanks to the use of namespaces.")
                                   "/singularity-" version ".tar.gz"))
               (sha256
                (base32
-                "0f28dgf2qcy8ljjfix7p9q36q12j7rxyicfzzi4n0fl8zr8ab88g"))))
+                "1whx0hqqi1326scgdxxxa1d94vn95mnq0drid6s8wdp84ni4d3gk"))))
     (build-system gnu-build-system)
     (arguments
      `(#:configure-flags