| Revision Date: | 2022-06-30 | Version: | 1 |
| Title: | CVE-2020-13847 |
| Description: |
Sylabs Singularity 3.0 through 3.5 lacks support for an Integrity Check. Singularity's sign and verify commands do not sign metadata found in the global header or data object descriptors of a SIF file.
|
| Family: | unix | Class: | vulnerability |
| Status: | | Reference(s): | CVE-2020-13847
openSUSE-SU-2020:1011-1
openSUSE-SU-2020:1037-1
openSUSE-SU-2020:1100-1
Mitre CVE-2020-13847
SUSE CVE-2020-13847
openSUSE-SU-2020:1011-1
openSUSE-SU-2020:1037-1
openSUSE-SU-2020:1100-1
|
| Platform(s): | openSUSE Leap 15.1
openSUSE Leap 15.2
openSUSE Tumbleweed
SUSE Linux Enterprise High Performance Computing 15 SP2
SUSE Linux Enterprise Server 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE Linux Enterprise Storage 7
SUSE Manager Proxy 4.1
SUSE Manager Server 4.1
SUSE Package Hub for SUSE Linux Enterprise 15 SP2
| Product(s): | |
| Definition Synopsis |
| openSUSE Leap 15.1 is installed AND Package Information
singularity-3.6.0-lp151.2.6 is installed
AND singularity is signed with openSUSE key
|
| Definition Synopsis |
| openSUSE Leap 15.2 is installed
AND Package Information
singularity-3.6.0-lp152.2.3.1 is installed
AND singularity is signed with openSUSE key
|
| Definition Synopsis |
| openSUSE Tumbleweed is installed
AND singularity-3.8.3-1.2 is installed
|
| Definition Synopsis |
| SUSE Package Hub for SUSE Linux Enterprise 15 SP2 is installed
AND singularity-3.6.0-bp152.2.4.1 is installed
|