Bug ID 1207285
Summary VirtualBox 7.0.6 is available (new version with Security fixes)
Classification openSUSE
Product openSUSE Tumbleweed
Version Current
Hardware All
URL https://www.virtualbox.org/wiki/Changelog-7.0#v6
OS All
Status NEW
Severity Normal
Priority P5 - None
Component Virtualization:Tools
Assignee virt-bugs@suse.de
Reporter jayjayjazz@gmail.com
QA Contact qa-bugs@suse.de
Found By Community User
Blocker --- 

VirtualBox 7.0.6 (released January 17 2023)

This is a maintenance release. The following items were fixed and/or added: [1]

- VMM: Fixed guru running the FreeBSD loader on older Intel CPUs without
unrestricted guest support (bug #21332)
- GUI: Fixed virtual machines grouping when VM was created or modified in
command line (bugs #11500, #20933)
- GUI: Introduced generic changes in settings dialogs
- VirtioNet: Fixed broken network after loading saved state (bug #21172)
- Storage: Added support for increasing the size of the following VMDK image
variants: monolithicFlat, monolithicSparse, twoGbMaxExtentSparse,
twoGbMaxExtentFlat
- VBoxManage: Added missing --directory switch for guestcontrol mktemp command
- Mouse Integration: Guest was provided with extended host mouse state (bug
#21139)
- DnD: Introduced generic improvements
- Guest Control: Fixed handling creation mode for temporary directories (bug
#21394)
- Linux Host and Guest: Added initial support for building UEK7 kernel on
Oracle Linux 8
- Linux Host and Guest: Added initial support for RHEL 9.1 kernel
- Windows Host: Fixed support for VM autostart (bug#21349)
- Linux Guest Additions: Added initial support for kernel 6.2 for vboxvideo
- Audio: The "--audio" option in VBoxManage is now marked as deprecated; please
use "--audio-driver" and "--audio-enabled" instead. This will allow more
flexibility when changing the driver and/or controlling the audio functionality 


Additionally, it fixes 6 CVE's: [2]
CVE-2023-21886     Oracle VM VirtualBox     Core     Multiple     Yes     8.1  
  Network     High     None     None     Un-
changed     High     High     High     Prior to 6.1.42, prior to 7.0.6      
CVE-2023-21898     Oracle VM VirtualBox     Core     None     No     5.5    
Local     Low     Low     None     Un-
changed     None     None     High     Prior to 6.1.42, prior to 7.0.6     See
Note 1
CVE-2023-21899     Oracle VM VirtualBox     Core     None     No     5.5    
Local     Low     Low     None     Un-
changed     None     None     High     Prior to 6.1.42, prior to 7.0.6     See
Note 1
CVE-2023-21884     Oracle VM VirtualBox     Core     None     No     4.4    
Local     Low     High     None     Un-
changed     None     None     High     Prior to 6.1.42, prior to 7.0.6      
CVE-2023-21885     Oracle VM VirtualBox     Core     None     No     3.8    
Local     Low     Low     None     Changed     Low     None     None     Prior
to 6.1.42, prior to 7.0.6     See Note 2
CVE-2023-21889     Oracle VM VirtualBox     Core     None     No     3.8    
Local     Low     Low     None     Changed     Low     None     None     Prior
to 6.1.42, prior to 7.0.6      

Note 1: Applies to VirtualBox VMs running Windows 7 and later.
Note 2: Applies to Windows only.


Links:
[1] https://www.virtualbox.org/wiki/Changelog-7.0#v6
[2] https://www.oracle.com/security-alerts/cpujan2023.html#AppendixOVIR

You are receiving this mail because: