apptainer/apptainer v1.1.1

Apptainer 1.1.1 Security release

on GitHub

Changes in this release

• CVE-2022-39237: The sif dependency included in Apptainer before this release does not verify that the hash algorithm(s) used are cryptographically secure when verifying digital signatures. This release updates to sif v2.8.1 which corrects this issue. See the linked advisory for references and a workaround.