Skip to content

v2.8.1
Compare
Choose a tag to compare
@sylabs-bot sylabs-bot released this 06 Oct 11:56
· 256 commits to main since this release
v2.8.1
This tag was signed with the committer’s verified signature.
tri-adam Adam Hughes
GPG key ID: F8C9DE2C26CB1A37
Verified
Learn about vigilant mode.
07fb860
This commit was created on github.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

This security patch release addresses an issue with previous versions of the github.com/sylabs/sif/v2/pkg/integrity package, which did not verify that the hash algorithm(s) used are cryptographically secure when verifying digital signatures. Users are encouraged to upgrade. More information is available in GHSA-m5m3-46gj-wch8.

Full Changelog: v2.8.0...v2.8.1

Assets 33
Loading