SUSE-SU-2025:0066-1

See a problem?
Please try reporting it to the source first.
Source
https://www.suse.com/support/update/announcement/2025/suse-su-20250066-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2025:0066-1.json
JSON Data
https://api.test.osv.dev/v1/vulns/SUSE-SU-2025:0066-1
Related
Published
2025-01-10T14:49:12Z
Modified
2025-01-10T14:49:12Z
Summary
Security update for apptainer
Details

This update for apptainer fixes the following issues:

  • Update to version 1.3.6
  • CVE-2024-28180: Fixed an improper handling of highly compressed data in go-jose. (bsc#1235211)
References

Affected packages

SUSE:Linux Enterprise Module for HPC 15 SP6 / apptainer

Package

Name
apptainer
Purl
pkg:rpm/suse/apptainer&distro=SUSE%20Linux%20Enterprise%20Module%20for%20HPC%2015%20SP6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.3.6-150600.4.3.1

Ecosystem specific 

{
    "binaries": [
        {
            "apptainer": "1.3.6-150600.4.3.1",
            "apptainer-sle15_6": "1.3.6-150600.4.3.1"
        }
    ]
}

openSUSE:Leap 15.6 / apptainer

Package

Name
apptainer
Purl
pkg:rpm/opensuse/apptainer&distro=openSUSE%20Leap%2015.6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.3.6-150600.4.3.1

Ecosystem specific 

{
    "binaries": [
        {
            "apptainer-sle15_5": "1.3.6-150600.4.3.1",
            "apptainer": "1.3.6-150600.4.3.1",
            "apptainer-leap": "1.3.6-150600.4.3.1",
            "apptainer-sle15_6": "1.3.6-150600.4.3.1"
        }
    ]
}