Package: singularity-container Version: 2.6.1-1 Severity: serious singularity-container previously had to be removed from stretch [1] due to the unfeasibility of security support for that version [private communication with security team and upstream]. While upstream has gotten better about marking vulnerable versions of the software and using CVEs, it turns out that security support will remain unfeasible [2]. Security support for the community is only promised by upstream for the latest release [3]. Therefore, singularity-container should be blocked from testing so that it does not enter a stable release.
1. https://bugs.debian.org/898154 2. https://lists.debian.org/debian-hpc/2018/12/msg00029.html 3. https://www.sylabs.io/singularity/ -- Afif Elghraoui
