Vulnerability in Singularity 3.7.2 and 3.7.3

A security vulnerability in Singularity versions 3.7.2 and 3.7.3 has been publicly announced that enables an attacker to publish a malicious container that takes priority over a container that a user is expecting to run. Due to incorrect use of a default URL, singularity...

High risk vulnerability concerning Squid

The Squid project has publicly announced new vulnerabilities, one of which is deemed HIGH risk, viz. CVE-2020-25097, because it may allow services to be exposed that are not directly accessible from the client host. The other ones only concern potential denial of...

Singularity 3.7.3 security release

Singularity 3.7.3 was released in April and is available in Fedora and EPEL repositories. It fixes a security bug in umoci (CVE-2021-29136), a dependency used by Singularity to extract docker/OCI image layers. It can be tricked into modifying host files by creating a...

Various Linux kernel vulnerabilities

We would like to point out two vulnerabilities found in the Linux kernel that are high risk for our infrastructure. CVE-2020-25211: A buffer overflow vulnerability has been announced by Red Hat which may allow a local user to crash the system, compromise data...

Successful security workshop at ISGC 2021

We had a very successful Security Workshop on Monday 22nd March as part of ISGC 2021, including a discussion of the new Trusted CI Framework, the sharing and active use of threat intelligence, and a hands-on container security session. The threat intelligence session...

HTCondor versions 8.9.2 through 8.9.10 vulnerabilities

Two vulnerabilities have been found in HTCondor, affecting a limited number of versions. One may allow any authenticated user to impersonate any other user on the Condor system, and potentially reconfigure the HTCondor daemons. The other may allow any...
