Hi Yaroslav,
Am Mon, Jan 24, 2022 at 10:11:21AM -0500 schrieb Yaroslav Halchenko:
>
> > " https://github.com/sylabs/singularity/releases \
> > - (?:.*/)?singularity-(\d[\d\.]*)\.tar\.gz
> > + (?:.*/)?singularity-ce-(\d[\d\.]*)\.tar\.gz
>
> cool -- applied
:-)
> > Thus I'm wondering why we have 4 open bugs with CVE
> > numbers and are lagging several versions behind upstream. May be there
> > is a good reason to stick to the outdated security problematic version
> > which I simply do not understand?
>
> shortage of time/ppl?
OK, just wanted to make sure there is no technical reason.
> I have started to update packaging for 3.9.4+ds1 but got stuck on
> updating the 2nd patch which seems "too involved" for a go-ignorant me.
> Any help would be welcomed. I have pushed update of source tree etc
I might have a look once I get permissions to push directly.
Kind regards
Andreas.
--
http://fam-tille.de
