Singularity 2.3.1 Security Release
This release includes a fix for a High Severity security issue on older hosts, and other improvements and fixes to previous versions of Singularity.
Security Information:
A potential escalation pathway was identified that could have allowed a malicious user to escalate their privileges on hosts that do not support the PR_SET_NO_NEW_PRIVS
flag for the prctl()
system call. This release fixes this as well as several other identified bugs and potential race conditions.
Please report any additional bugs to our issues board.
Thanks to the hard work of all our contributors to nail this bug in the butt!