Mailinglist Archive: opensuse-updates (118 mails)

< Previous Next >
openSUSE-SU-2016:2623-1: moderate: Security update for virtualbox
openSUSE Security Update: Security update for virtualbox
______________________________________________________________________________

Announcement ID: openSUSE-SU-2016:2623-1
Rating: moderate
References: #1005621 #983629
Cross-References: CVE-2016-5501 CVE-2016-5538 CVE-2016-5605
CVE-2016-5608 CVE-2016-5610 CVE-2016-5611
CVE-2016-5613
Affected Products:
openSUSE 13.2
______________________________________________________________________________

An update that fixes 7 vulnerabilities is now available.

Description:


This update for virtualbox fixes the following issues:

- Address CVE-2016-5501, CVE-2016-5538, CVE-2016-5605, CVE-2016-5608,
CVE-2016-5610, CVE-2016-5611, CVE-2016-5613 (boo#1005621).
- Reduce memory needs during build.
- Version bump to 5.0.28 (released 2016-10-18 by Oracle) This is a
maintenance release. The following items were fixed and/or added: NAT:
Don't exceed the maximum number of "search" suffixes. Patch from bug
#15948. NAT: fixed parsing of port-forwarding rules with a name which
contains a slash (bug #16002) NAT Network: when the host has only
loopback nameserver that cannot be mapped to the guests (e.g. dnsmasq
running on 127.0.1.1), make DHCP supply NAT Network DNS proxy as
nameserver. Bridged Network: prevent flooding syslog with packet
allocation error messages (bug #15569) USB: fixed a possible crash when
detaching a USB device Audio: fixes for recording (Mac OS X hosts only)
Audio: now using Audio Queues on Mac OS X hosts OVF: improve importing
of VMs created by VirtualBox 5.1 VHDX: fixed cloning images with
VBoxManage cloned (bug #14288) Storage: Fixed broken bandwidth
limitation when the limit is very low (bug #14982) Serial: Fixed high
CPU usage with certain USB to serial converters on Linux hosts (bug
#7796) BIOS: fixed 4bpp scanline calculation (bug #15787) VBoxManage:
Don't try to set the medium type if there is no change (bug #13850) API:
fixed initialization of SAS controllers (bug #15972) Linux hosts: don't
use 32-bit legacy capabilities Linux hosts / guests: fix for kernels
with CONFIG_CPUMASK_OFFSTACK set (bug #16020) Linux Additions: several
fixes for X11 guests running non-root X servers Linux Additions: fix for
Linux 4.7 (bug #15769) Linux Additions: fix for the display kmod driver
with Linux 4.8 (bugs #15890 and #15896) Windows Additions: auto-resizing
fixes for Windows 10 guests (bug #15257) Windows Additions: fixes for
arranging the guest screens in multi-screen scenarios Windows Additions
/ VGA: if the guest's power management turns a virtual screen off, blank
the corresponding VM window rather than hide the VM window Windows
Additions: fixed a generic bug which could lead to freezing shared
folders (bug #15662)
- Modify virtualbox-guest-preamble and virtualbox-host-preamble to
obsolete old versions of the kernel modules. This change should fix the
problem in (boo#983629).


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 13.2:

zypper in -t patch openSUSE-2016-1226=1

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE 13.2 (i586 x86_64):

python-virtualbox-5.0.28-54.1
python-virtualbox-debuginfo-5.0.28-54.1
virtualbox-5.0.28-54.1
virtualbox-debuginfo-5.0.28-54.1
virtualbox-debugsource-5.0.28-54.1
virtualbox-devel-5.0.28-54.1
virtualbox-guest-kmp-default-5.0.28_k3.16.7_42-54.1
virtualbox-guest-kmp-default-debuginfo-5.0.28_k3.16.7_42-54.1
virtualbox-guest-kmp-desktop-5.0.28_k3.16.7_42-54.1
virtualbox-guest-kmp-desktop-debuginfo-5.0.28_k3.16.7_42-54.1
virtualbox-guest-tools-5.0.28-54.1
virtualbox-guest-tools-debuginfo-5.0.28-54.1
virtualbox-guest-x11-5.0.28-54.1
virtualbox-guest-x11-debuginfo-5.0.28-54.1
virtualbox-host-kmp-default-5.0.28_k3.16.7_42-54.1
virtualbox-host-kmp-default-debuginfo-5.0.28_k3.16.7_42-54.1
virtualbox-host-kmp-desktop-5.0.28_k3.16.7_42-54.1
virtualbox-host-kmp-desktop-debuginfo-5.0.28_k3.16.7_42-54.1
virtualbox-qt-5.0.28-54.1
virtualbox-qt-debuginfo-5.0.28-54.1
virtualbox-websrv-5.0.28-54.1
virtualbox-websrv-debuginfo-5.0.28-54.1

- openSUSE 13.2 (noarch):

virtualbox-guest-desktop-icons-5.0.28-54.1
virtualbox-host-source-5.0.28-54.1

- openSUSE 13.2 (i586):

virtualbox-guest-kmp-pae-5.0.28_k3.16.7_42-54.1
virtualbox-guest-kmp-pae-debuginfo-5.0.28_k3.16.7_42-54.1
virtualbox-host-kmp-pae-5.0.28_k3.16.7_42-54.1
virtualbox-host-kmp-pae-debuginfo-5.0.28_k3.16.7_42-54.1


References:

https://www.suse.com/security/cve/CVE-2016-5501.html
https://www.suse.com/security/cve/CVE-2016-5538.html
https://www.suse.com/security/cve/CVE-2016-5605.html
https://www.suse.com/security/cve/CVE-2016-5608.html
https://www.suse.com/security/cve/CVE-2016-5610.html
https://www.suse.com/security/cve/CVE-2016-5611.html
https://www.suse.com/security/cve/CVE-2016-5613.html
https://bugzilla.suse.com/1005621
https://bugzilla.suse.com/983629


< Previous Next >
This Thread
  • No further messages