Mailinglist Archive: opensuse-updates (174 mails)

< Previous Next >
openSUSE-SU-2015:2154-1: moderate: Security update for virtualbox
openSUSE Security Update: Security update for virtualbox
______________________________________________________________________________

Announcement ID: openSUSE-SU-2015:2154-1
Rating: moderate
References: #951432
Cross-References: CVE-2015-4813 CVE-2015-4896
Affected Products:
openSUSE 13.1
______________________________________________________________________________

An update that fixes two vulnerabilities is now available.

Description:

The virtualbox package was updated to version 4.2.36 to fix the following
security and non security issues:

- Version bump tp 4.2.36 (released 2015-11-11 by Oracle)
* several fixes - Oracle is not more specific

- Version bump to 4.2.34 (released 2015-10-20 by Oracle) (bsc#951432)
* CVE-2015-4813: Only Windows guests are impacted. Windows guests
without VirtualBox Guest Additions installed are not affected.
* CVE-2015-4896: Only VMs with Remote Display feature (RDP) enabled are
impacted by CVE-2015-4896.
* several fixes
- Linux hosts: Linux 4.2 fix
- Linux hosts: Linux 4.3 compile fixes
- Windows hosts: hardening fixes
- Linux Additions: Linux 4.2 fixes (bug #14227)


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 13.1:

zypper in -t patch openSUSE-2015-839=1

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE 13.1 (i586 x86_64):

python-virtualbox-4.2.36-2.52.2
python-virtualbox-debuginfo-4.2.36-2.52.2
virtualbox-4.2.36-2.52.2
virtualbox-debuginfo-4.2.36-2.52.2
virtualbox-debugsource-4.2.36-2.52.2
virtualbox-devel-4.2.36-2.52.2
virtualbox-guest-kmp-default-4.2.36_k3.11.10_29-2.52.2
virtualbox-guest-kmp-default-debuginfo-4.2.36_k3.11.10_29-2.52.2
virtualbox-guest-kmp-desktop-4.2.36_k3.11.10_29-2.52.2
virtualbox-guest-kmp-desktop-debuginfo-4.2.36_k3.11.10_29-2.52.2
virtualbox-guest-tools-4.2.36-2.52.2
virtualbox-guest-tools-debuginfo-4.2.36-2.52.2
virtualbox-guest-x11-4.2.36-2.52.2
virtualbox-guest-x11-debuginfo-4.2.36-2.52.2
virtualbox-host-kmp-default-4.2.36_k3.11.10_29-2.52.2
virtualbox-host-kmp-default-debuginfo-4.2.36_k3.11.10_29-2.52.2
virtualbox-host-kmp-desktop-4.2.36_k3.11.10_29-2.52.2
virtualbox-host-kmp-desktop-debuginfo-4.2.36_k3.11.10_29-2.52.2
virtualbox-qt-4.2.36-2.52.2
virtualbox-qt-debuginfo-4.2.36-2.52.2
virtualbox-websrv-4.2.36-2.52.2
virtualbox-websrv-debuginfo-4.2.36-2.52.2

- openSUSE 13.1 (noarch):

virtualbox-host-source-4.2.36-2.52.2

- openSUSE 13.1 (i586):

virtualbox-guest-kmp-pae-4.2.36_k3.11.10_29-2.52.2
virtualbox-guest-kmp-pae-debuginfo-4.2.36_k3.11.10_29-2.52.2
virtualbox-host-kmp-pae-4.2.36_k3.11.10_29-2.52.2
virtualbox-host-kmp-pae-debuginfo-4.2.36_k3.11.10_29-2.52.2


References:

https://www.suse.com/security/cve/CVE-2015-4813.html
https://www.suse.com/security/cve/CVE-2015-4896.html
https://bugzilla.suse.com/951432


< Previous Next >
This Thread
  • No further messages