Skip to content

Apptainer 1.1.8

Latest
Compare
Choose a tag to compare
@DrDaveD DrDaveD released this 25 Apr 16:01
· 612 commits to main since this release
6042064

v1.1.8 - [2023-04-25]

Security fix

  • Included a fix for CVE-2023-30549 which is a vulnerability in setuid-root installations of Apptainer and Singularity that causes an elevation in severity of an existing ext4 filesystem driver vulnerability that is unpatched in several older but still actively supported operating systems including RHEL7, Debian 10, Ubuntu 18.04 and Ubuntu 20.04. The fix adds allow setuid-mount configuration options encrypted, squashfs, and extfs, and makes the default for extfs be "no". That disables the use of extfs mounts including for overlays or binds while in the setuid-root mode, while leaving it enabled for unprivileged user namespace mode. The default for encrypted and squashfs is "yes".

Other changes

  • Fix loop device 'no such device or address' spurious errors when using shared loop devices.
  • Remove unwanted colors to STDERR.
  • Add xino=on mount option for writable kernel overlay mount points to fix inode numbers consistency after kernel cache flush (not applicable to fuse-overlayfs).