|Category:||SuSE Local Security Checks|
|Title:||openSUSE: Security Advisory for singularity (openSUSE-SU-2020:1770-1)|
|Summary:||The remote host is missing an update for the 'singularity'; package(s) announced via the openSUSE-SU-2020:1770-1 advisory.|
The remote host is missing an update for the 'singularity'
package(s) announced via the openSUSE-SU-2020:1770-1 advisory.
This update for singularity fixes the following issues:
Update to new version 3.6.4:
- CVE-2020-15229: Due to insecure handling of path traversal and the lack
of path sanitization within unsquashfs, it is possible to
overwrite/create files on the host filesystem during the extraction of a
crafted squashfs filesystem (boo#1177901).
To install this openSUSE Security Update use the SUSE recommended
like YaST online_update or 'zypper patch'.
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.2:
zypper in -t patch openSUSE-2020-1770=1
'singularity' package(s) on openSUSE Leap 15.2.
Please install the updated package(s).
Common Vulnerability Exposure (CVE) ID: CVE-2020-15229|
|Copyright||Copyright (C) 2020 Greenbone Networks GmbH|
|This is only one of 86218 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.