This update for apptainer fixes the following issues:
Updated to 1.1.2 which fixed CVE-2022-39237
* CVE-2022-39237: The sif dependency included in Apptainer before this
release does not verify that the hash algorithm(s) used are
cryptographically secure when verifying digital signatures. This
release updates to sif v2.8.1 which corrects this issue. See the
linked advisory for references and a workaround.
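The missing check described for CVE-2022-39237, as an added illustration (not code from Apptainer or sif): a verifier that applies a hash-algorithm allowlist before it verifies the signature. RSA PKCS#1 v1.5 from the Go standard library stands in for the real signature format, and the allowlist, function names and sample data are assumptions made for this example.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	_ "crypto/sha1"
	_ "crypto/sha256"
	"errors"
	"fmt"
)

// Verifier policy (assumed for this example): only SHA-2 digests are accepted.
var allowedHashes = map[crypto.Hash]bool{
	crypto.SHA256: true, crypto.SHA384: true, crypto.SHA512: true,
}

var ErrWeakHash = errors.New("signature uses a disallowed hash algorithm")

// sign is the signer side: hash msg with h, then sign the digest.
func sign(priv *rsa.PrivateKey, h crypto.Hash, msg []byte) ([]byte, error) {
	d := h.New()
	d.Write(msg)
	return rsa.SignPKCS1v15(rand.Reader, priv, h, d.Sum(nil))
}

// verify applies the policy first: a valid signature over a weak digest fails.
func verify(pub *rsa.PublicKey, h crypto.Hash, msg, sig []byte) error {
	if !allowedHashes[h] || !h.Available() {
		return fmt.Errorf("%w: %v", ErrWeakHash, h)
	}
	d := h.New()
	d.Write(msg)
	return rsa.VerifyPKCS1v15(pub, h, d.Sum(nil), sig)
}

// demo signs constructed data with SHA-1 and SHA-256 and verifies both.
func demo() (weakErr, strongErr error) {
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return err, err
	}
	msg := []byte("constructed image descriptor bytes")
	weakSig, _ := sign(priv, crypto.SHA1, msg)
	strongSig, _ := sign(priv, crypto.SHA256, msg)
	return verify(&priv.PublicKey, crypto.SHA1, msg, weakSig),
		verify(&priv.PublicKey, crypto.SHA256, msg, strongSig)
}
func main() { fmt.Println(demo()) }
```

Without the allowlist test in `verify`, the SHA-1 signature would pass, because it is mathematically valid for the key.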
Updated to version 1.1.0
* added squashfuse-0.1.105.tar.gz and 70.patch for the build of
squashfuse_ll which will be removed as soon as the multithread patch
is incorporated
* Change squash mounts to prefer to use squashfuse_ll instead of
squashfuse, if available, for improved performance. squashfuse_ll is
not available in factory.
* Also, for even better parallel performance, include a patched
multithreaded version of squashfuse_ll in
* Imply adding ${prefix}/libexec/apptainer/bin to...
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-2023-18=1
- openSUSE Leap 15.4 (aarch64 i586 s390x x86_64):
apptainer-1.1.2-lp154.2.1
apptainer-debuginfo-1.1.2-lp154.2.1
https://www.suse.com/security/cve/CVE-2021-44716.html
https://www.suse.com/security/cve/CVE-2021-44717.html
https://www.suse.com/security/cve/CVE-2022-39237.html