OPENSUSE-SU-2021:1525-1
Advisory lineage Upstream: 1 Downstream: 0
Upstream
Published: 04 Dec 2021, 13:06
Last modified:04 Feb 2026, 04:30
Vulnerability Summary
Overall Risk (default)
minimal
0/100 CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
04 Dec 2021, 13:06
Published
Vulnerability first disclosed
04 Feb 2026, 04:30
Last Modified
Vulnerability information updated
Description
Security update for singularity This update for singularity fixes the following issues: Update to 3.8.5: - CVE-2021-41190: Fixed OCI manifest and index parsing confusion (boo#1193273). - Building Singularity from source requires go greater or equal 1.16. We now aim to support the two most recent stable versions of Go. This corresponds to the Go Release Maintenance Policy - Sourcing a script based on PATH is now permitted, fixing a regression introduced in 3.6.0. - Environment variables in container definition files are properly scoped, fixing a regression introduced in 3.8.0. - Fix the oras contexts to avoid hangs upon failed pushes to Harbor registry.
Affected Systems
- opensuse•singularity&distro=openSUSE Leap 15.3
< 3.8.5-bp153.2.10.1
- suse•singularity&distro=SUSE Package Hub 15 SP3
< 3.8.5-bp153.2.10.1