Alerts This Week
Warning Icon 1 626
Alerts This Week
Warning Icon 1 626

openSUSE: 2022:10067-1 Important: VirtualBox Security Update

opensuse
Calendar Grey July 27, 2022
Dist Opensuse Esm H88
Essential patches for openSUSE targeting various weaknesses in virtualbox to improve overall system protection.
An update that solves 7 vulnerabilities and has one errata is now available

Description

This update for virtualbox fixes the following issues:

- Save and restore FPU status during interrupt. (boo#1199803)

- Update support of building with Python

- Replace SDL-devel BuildRequires with pkgconfig(sdl): allow to use

sdl12_compat as an alternative.

Version bump to 6.1.36 released by Oracle July 19 2022

This is a maintenance release. The following items were fixed and/or added:

- VMM: Fixed possible Linux guest kernel crash when configuring

Speculative Store Bypass for a single vCPU VM

- GUI: In the storage page of the virtual machine settings dialog, fixed a

bug which disrupted mouse interaction with the native file selector on

KDE

- NAT: Prevent issue when host resolver incorrectly returned NXDOMAIN for

unsupported queries (bug #20977)

- Audio: General improvements in saved state area

- Recording: Various fixes for settings handling

- VGA: Performance improvements for screen updates when VBE banking is used

...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory update threat important system security openSUSE virtualbox

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.4:

zypper in -t patch openSUSE-2022-10067=1

Package List

- openSUSE Leap 15.4 (noarch):

virtualbox-guest-desktop-icons-6.1.36-lp154.2.7.1

virtualbox-guest-source-6.1.36-lp154.2.7.1

virtualbox-host-source-6.1.36-lp154.2.7.1

- openSUSE Leap 15.4 (x86_64):

python3-virtualbox-6.1.36-lp154.2.7.1

python3-virtualbox-debuginfo-6.1.36-lp154.2.7.1

virtualbox-6.1.36-lp154.2.7.1

virtualbox-debuginfo-6.1.36-lp154.2.7.1

virtualbox-debugsource-6.1.36-lp154.2.7.1

virtualbox-devel-6.1.36-lp154.2.7.1

virtualbox-guest-tools-6.1.36-lp154.2.7.1

virtualbox-guest-tools-debuginfo-6.1.36-lp154.2.7.1

virtualbox-guest-x11-6.1.36-lp154.2.7.1

virtualbox-guest-x11-debuginfo-6.1.36-lp154.2.7.1

virtualbox-kmp-debugsource-6.1.36-lp154.2.7.1

virtualbox-kmp-default-6.1.36_k5.14.21_150400.24.11-lp154.2.7.1

virtualbox-kmp-default-debuginfo-6.1.36_k5.14.21_150400.24.11-lp154.2.7.1

virtualbox-qt-6.1.36-lp154.2.7.1

virtualbox-qt-debuginfo-6.1.36-lp154.2.7.1

virtualbox-vnc-6.1.36-lp154.2.7.1

virtualbox-websrv-6.1.36-lp154.2.7.1

virtualbox-websrv-debuginfo-6.1.36-lp154.2.7.1

References

https://www.suse.com/security/cve/CVE-2022-21465.html

https://www.suse.com/security/cve/CVE-2022-21471.html

https://www.suse.com/security/cve/CVE-2022-21487.html

https://www.suse.com/security/cve/CVE-2022-21488.html

https://www.suse.com/security/cve/CVE-2022-21491.html

https://www.suse.com/security/cve/CVE-2022-21554.html

https://www.suse.com/security/cve/CVE-2022-21571.html

https://bugzilla.suse.com/1198676

https://bugzilla.suse.com/1198677

https://bugzilla.suse.com/1198678

https://bugzilla.suse.com/1198679

https://bugzilla.suse.com/1198680

https://bugzilla.suse.com/1198703

https://bugzilla.suse.com/1199803

https://bugzilla.suse.com/1201720

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2022:10067-1
Rating: important
Affected Products: openSUSE Leap 15.4 ble.

Topics%20covered

Topics Covered

security advisory update threat important system security openSUSE virtualbox

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here