This commit was created on GitHub.com and signed with GitHub’s verified signature.
v1.1.8 - [2023-04-25]
Security fix
Included a fix for CVE-2023-30549 which is a vulnerability in setuid-root installations of Apptainer and Singularity that causes an elevation in severity of an existing ext4 filesystem driver vulnerability that is unpatched in several older but still actively supported operating systems including RHEL7, Debian 10, Ubuntu 18.04 and Ubuntu 20.04. The fix adds allow setuid-mount configuration options encrypted, squashfs, and extfs, and makes the default for extfs be "no". That disables the use of extfs mounts including for overlays or binds while in the setuid-root mode, while leaving it enabled for unprivileged user namespace mode. The default for encrypted and squashfs is "yes".
Other changes
Fix loop device 'no such device or address' spurious errors when using shared loop devices.
Remove unwanted colors to STDERR.
Add xino=on mount option for writable kernel overlay mount points to fix inode numbers consistency after kernel cache flush (not applicable to fuse-overlayfs).
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.