For the full release announcement and downloads, please see the release on Github.

This release includes a fix for a Moderate Severity security issue, and other improvements to version 2.2.

Security information:

In versions of Singularity previous to 2.2.1, it was possible for a malicious user to create and manipulate specifically crafted raw devices within containers they own. Utilizing MS_NODEV as a container image mount option mitigates this potential vector of attack. As a result, this update should be implemented with high urgency. A big thanks to Mattias Wadenstein (@UMU in Sweden) for identifying and reporting this issue!

Other improvements:

  • Fixed some leaky file descriptors
  • Cleaned up *printf() usage
  • Catch if user’s group is not properly defined

Please report any additional bugs as issues.

Thank you!