Linux Security
    Linux Security
    Linux Security

    openSUSE: 2020:1486-1: moderate: virtualbox

    Date
    279
    Posted By
    An update that fixes 25 vulnerabilities is now available.
       openSUSE Security Update: Security update for virtualbox
    ______________________________________________________________________________
    
    Announcement ID:    openSUSE-SU-2020:1486-1
    Rating:             moderate
    References:         #1114605 #1174075 #1174159 #1175201 
    Cross-References:   CVE-2020-14628 CVE-2020-14629 CVE-2020-14646
                        CVE-2020-14647 CVE-2020-14648 CVE-2020-14649
                        CVE-2020-14650 CVE-2020-14673 CVE-2020-14674
                        CVE-2020-14675 CVE-2020-14676 CVE-2020-14677
                        CVE-2020-14694 CVE-2020-14695 CVE-2020-14698
                        CVE-2020-14699 CVE-2020-14700 CVE-2020-14703
                        CVE-2020-14704 CVE-2020-14707 CVE-2020-14711
                        CVE-2020-14712 CVE-2020-14713 CVE-2020-14714
                        CVE-2020-14715
    Affected Products:
                        openSUSE Leap 15.2
    ______________________________________________________________________________
    
       An update that fixes 25 vulnerabilities is now available.
    
    Description:
    
       This update for virtualbox fixes the following issues:
    
       Update to Oracle version 6.1.14a.
    
         This minor update enables the building of libvirt again.
    
       Version update to 6.1.14 (released September 04 2020 by Oracle)
    
         File "fix_virtio_build.patch" is added to fix a build problem. This is a
       maintenance release. The following items were fixed and/or added: GUI:
       Fixes file name changes in the File location field when creating Virtual
       Hard Disk (bug #19286) VMM: Fixed running VMs which failed to start with
       VERR_NEM_MISSING_KERNEL_API_2 when Hyper-V is used (bug #19779 and #19804)
       Audio: fix regression in HDA emulation introduced in 6.1.0 Shared
       Clipboard: Fixed a potential crash when copying HTML data (6.1.2
       regression; bug #19226) Linux host and guest: Linux kernel version 5.8
       support EFI: Fixed reading ISO9660 filesystems on attached media (6.1.0
       regression; bug #19682) EFI: Support booting from drives attached to the
       LsiLogic SCSI and SAS controller emulations
    
       Pseudo version bump to 6.1.13, which is NOT an Oracle release.
    
         Update VB sources to run under kernel 5.8.0+ with no modifications to
       the kernel. These sources are derived from r85883 of the Oracle svn
       repository. For operations with USB{2,3}, the extension pack for revision
       140056 must be installed. Once Oracle releases 6.1.14, then the extension
       pack and VB itself will have the same revision number. File
       "fixes_for_5.8.patch" is removed as that part was fixed upstream. Fixes
       boo#1175201.
    
       Apply Oracle changes for kernel 5.8.
    
       Version bump to 6.1.12 (released July 14 2020 by Oracle)
    
         This is a maintenance release. The following items were fixed and/or
       added: File "turn_off_cloud_net.patch" added. Fixes for CVE-2020-14628,
       CVE-2020-14646, CVE-2020-14647, CVE-2020-14649 CVE-2020-14713,
       CVE-2020-14674, CVE-2020-14675, CVE-2020-14676 CVE-2020-14677,
       CVE-2020-14699, CVE-2020-14711, CVE-2020-14629 CVE-2020-14703,
       CVE-2020-14704, CVE-2020-14648, CVE-2020-14650 CVE-2020-14673,
       CVE-2020-14694, CVE-2020-14695, CVE-2020-14698 CVE-2020-14700,
       CVE-2020-14712, CVE-2020-14707, CVE-2020-14714 CVE-2020-14715 boo#1174159.
       UI: Fixes for Log-Viewer search-backward icon Devices: Fixes and
       improvements for the BusLogic SCSI controller emulation Serial Port:
       Regression fixes in FIFO data handling Oracle Cloud Infrastructure
       integration: Experimental new type of network attachment, allowing local
       VM to act as if it was run in cloud API: improved resource management in
       the guest control functionality VBoxManage: fixed command option parsing
       for the "snapshot edit" sub-command VBoxManage: Fix crash of 'VBoxManage
       internalcommands repairhd' when processing invalid input (bug #19579)
       Guest Additions, 3D: New experimental GLX graphics output Guest Additions,
       3D: Fixed releasing texture objects, which could cause guest crashes Guest
       Additions: Fixed writes to a file on a shared folder not being reflected
       on the host when the file is mmap'ed and the used Linux kernel is between
       version 4.10.0 and 4.11.x Guest Additions: Fixed the shared folder driver
       on 32bit Windows 8 and newer returning an error when flushing writes to a
       file which is mapped into memory under rare circumstances Guest Additions:
       Improve resize coverage for VMSVGA graphics controller Guest Additions:
       Fix issues detecting guest additions ISO at runtime Guest Additions: Fixed
       German translation encoding for Windows GA installer
    
    
    Patch Instructions:
    
       To install this openSUSE Security Update use the SUSE recommended installation methods
       like YaST online_update or "zypper patch".
    
       Alternatively you can run the command listed for your product:
    
       - openSUSE Leap 15.2:
    
          zypper in -t patch openSUSE-2020-1486=1
    
    
    
    Package List:
    
       - openSUSE Leap 15.2 (noarch):
    
          virtualbox-guest-desktop-icons-6.1.14-lp152.2.5.1
          virtualbox-guest-source-6.1.14-lp152.2.5.1
          virtualbox-host-source-6.1.14-lp152.2.5.1
    
       - openSUSE Leap 15.2 (x86_64):
    
          python3-virtualbox-6.1.14-lp152.2.5.1
          python3-virtualbox-debuginfo-6.1.14-lp152.2.5.1
          virtualbox-6.1.14-lp152.2.5.1
          virtualbox-debuginfo-6.1.14-lp152.2.5.1
          virtualbox-debugsource-6.1.14-lp152.2.5.1
          virtualbox-devel-6.1.14-lp152.2.5.1
          virtualbox-guest-tools-6.1.14-lp152.2.5.1
          virtualbox-guest-tools-debuginfo-6.1.14-lp152.2.5.1
          virtualbox-guest-x11-6.1.14-lp152.2.5.1
          virtualbox-guest-x11-debuginfo-6.1.14-lp152.2.5.1
          virtualbox-kmp-debugsource-6.1.14-lp152.2.5.1
          virtualbox-kmp-default-6.1.14_k5.3.18_lp152.41-lp152.2.5.1
          virtualbox-kmp-default-debuginfo-6.1.14_k5.3.18_lp152.41-lp152.2.5.1
          virtualbox-kmp-preempt-6.1.14_k5.3.18_lp152.41-lp152.2.5.1
          virtualbox-kmp-preempt-debuginfo-6.1.14_k5.3.18_lp152.41-lp152.2.5.1
          virtualbox-qt-6.1.14-lp152.2.5.1
          virtualbox-qt-debuginfo-6.1.14-lp152.2.5.1
          virtualbox-vnc-6.1.14-lp152.2.5.1
          virtualbox-websrv-6.1.14-lp152.2.5.1
          virtualbox-websrv-debuginfo-6.1.14-lp152.2.5.1
    
    
    References:
    
       https://www.suse.com/security/cve/CVE-2020-14628.html
       https://www.suse.com/security/cve/CVE-2020-14629.html
       https://www.suse.com/security/cve/CVE-2020-14646.html
       https://www.suse.com/security/cve/CVE-2020-14647.html
       https://www.suse.com/security/cve/CVE-2020-14648.html
       https://www.suse.com/security/cve/CVE-2020-14649.html
       https://www.suse.com/security/cve/CVE-2020-14650.html
       https://www.suse.com/security/cve/CVE-2020-14673.html
       https://www.suse.com/security/cve/CVE-2020-14674.html
       https://www.suse.com/security/cve/CVE-2020-14675.html
       https://www.suse.com/security/cve/CVE-2020-14676.html
       https://www.suse.com/security/cve/CVE-2020-14677.html
       https://www.suse.com/security/cve/CVE-2020-14694.html
       https://www.suse.com/security/cve/CVE-2020-14695.html
       https://www.suse.com/security/cve/CVE-2020-14698.html
       https://www.suse.com/security/cve/CVE-2020-14699.html
       https://www.suse.com/security/cve/CVE-2020-14700.html
       https://www.suse.com/security/cve/CVE-2020-14703.html
       https://www.suse.com/security/cve/CVE-2020-14704.html
       https://www.suse.com/security/cve/CVE-2020-14707.html
       https://www.suse.com/security/cve/CVE-2020-14711.html
       https://www.suse.com/security/cve/CVE-2020-14712.html
       https://www.suse.com/security/cve/CVE-2020-14713.html
       https://www.suse.com/security/cve/CVE-2020-14714.html
       https://www.suse.com/security/cve/CVE-2020-14715.html
       https://bugzilla.suse.com/1114605
       https://bugzilla.suse.com/1174075
       https://bugzilla.suse.com/1174159
       https://bugzilla.suse.com/1175201
    
    -- 
    

    Advisories

    LinuxSecurity Poll

    Tails is the most secure Linux distro out there.

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 2 answer(s).
    /main-polls/41-ubuntu-is-a-more-secure-distro-than-fedora?task=poll.vote&format=json
    41
    radio
    [{"id":"142","title":"Yes - Tails get my vote!","votes":"2","type":"x","order":"1","pct":100,"resources":[]},{"id":"143","title":"Nope - Parrot OS has surpassed Tails in its security and privacy.","votes":"0","type":"x","order":"2","pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350


    VIEW MORE POLLS

    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.