[Git][security-tracker-team/security-tracker][master] Update information on CVE-2023-30549
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Aug 1 17:14:04 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a2732981 by Salvatore Bonaccorso at 2023-08-01T18:13:24+02:00
Update information on CVE-2023-30549
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -12148,13 +12148,14 @@ CVE-2023-30551 (Rekor is an open source software supply chain transparency log.
CVE-2023-30550 (MeterSphere is an open source continuous testing platform, covering fu ...)
NOT-FOR-US: MeterSphere
CVE-2023-30549 (Apptainer is an open source container platform for Linux. There is an ...)
- - singularity-container <unfixed> (bug #1035026; unimportant)
+ - singularity-container 3.11.4+ds1-1 (bug #1035026; unimportant)
NOTE: https://github.com/apptainer/apptainer/security/advisories/GHSA-j4rf-7357-f4cg
NOTE: Sylabs and Apptainer projects are in disagreement to track this issue and
NOTE: their handling with respect to unpatches filesystem vulnerabilities. Sylanbs
- NOTE: will add a configuration option to disable all mounts of extfs file systems
- NOTE: as well in a future singularity-container version, as similar done by the
+ NOTE: added a configuration option to disable all mounts of extfs file systems
+ NOTE: as well in 3.11.2 singularity-container version, as similar done by the
NOTE: Apptainer project.
+ NOTE: https://github.com/sylabs/singularity/blob/main/CHANGELOG.md#3112-2023-04-27
NOTE: Details in https://sylabs.io/2023/04/response-to-cve-2023-30549/
CVE-2023-30548 (gatsby-plugin-sharp is a plugin for the gatsby framework which exposes ...)
NOT-FOR-US: gatsby-plugin-sharp
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a2732981a3b58b6c0e814b7cb2518f102ea11957
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a2732981a3b58b6c0e814b7cb2518f102ea11957
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230801/cbd49de2/attachment.htm>
More information about the debian-security-tracker-commits
mailing list