For the full release announcement and downloads, please see the release on GitHub.
This release includes a fix for a Moderate Severity security issue, and other improvements to version 2.2.
In versions of Singularity previous to 2.2.1, it was possible for a malicious user to create and manipulate specifically crafted raw devices within containers they own. Utilizing
MS_NODEV as a container image mount option mitigates this potential vector of attack. As a result, this update should be implemented with high urgency. A big thanks to Mattias Wadenstein (@UMU in Sweden) for identifying and reporting this issue!
- Fixed some leaky file descriptors
- Cleaned up
- Catch if user’s group is not properly defined
Please report any additional bugs as issues.