UbuntuUpdates.org

Package "virtualbox"

Name: virtualbox

Description:

x86 virtualization solution - base binaries

Latest version: 4.3.36-dfsg-1+deb8u1ubuntu1.14.04.2
Release: trusty (14.04)
Level: security
Repository: multiverse
Homepage: http://www.virtualbox.org/

Links

Save this URL for the latest version of "virtualbox": https://www.ubuntuupdates.org/virtualbox


Download "virtualbox"


Other versions of "virtualbox" in Trusty

Repository Area Version
base multiverse 4.3.10-dfsg-1
updates multiverse 4.3.40-dfsg-0ubuntu14.04.1
proposed multiverse 4.3.40-dfsg-0ubuntu14.04.1
PPA: Mint upstream 4.3.18-dfsg-1~ubuntu1~trusty1
PPA: Mint upstream 5.0.4-dfsg-2

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 4.3.36-dfsg-1+deb8u1ubuntu1.14.04.2 2019-01-22 22:06:50 UTC

  virtualbox (4.3.36-dfsg-1+deb8u1ubuntu1.14.04.2) trusty-security; urgency=medium

  * debian/patches/fix-for-guest-to-host-escape-vulnerability.patch:
    - Apply patch for guest-to-host escape vulnerability (LP: #1809156)
    - CVE-2018-3294

 -- Martin Konrad <email address hidden> Wed, 26 Dec 2018 19:41:57 -0500

Source diff to previous version
1809156 E1000 guest to host escape
CVE-2018-3294 Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to

Version: 4.3.36-dfsg-1+deb8u1ubuntu1.14.04.1 2016-02-01 08:06:27 UTC

  virtualbox (4.3.36-dfsg-1+deb8u1ubuntu1.14.04.1) trusty-security; urgency=medium

  * Upload to trusty-security (LP: #1538115)

Source diff to previous version
1538115 virtualbox SRU for CVEs

Version: 4.3.34-dfsg-1+deb8u1ubuntu1.14.04.1 2015-11-25 15:06:27 UTC

  virtualbox (4.3.34-dfsg-1+deb8u1ubuntu1.14.04.1) trusty-security; urgency=medium

  * New upstream bugfix release. (LP: #1517161)
    - drop patches and rebase with debian jessie-security upload
    - all CVEs are fixed in the upstream import, drop all the CVE
      patches.

 -- Gianfranco Costamagna Tue, 17 Nov 2015 14:44:04 +0100

Source diff to previous version
1517161 virtualbox SRU for CVE

Version: 4.3.10-dfsg-1ubuntu5 2015-05-22 06:06:41 UTC

  virtualbox (4.3.10-dfsg-1ubuntu5) trusty-security; urgency=medium

  * d/p/CVE-2015-3456.patch fix for CVE-2015-3456 a.k.a. VENOM
    (Closes: #785424, LP: #1456553)

 -- Gianfranco Costamagna <email address hidden> Tue, 19 May 2015 12:14:01 +0200

Source diff to previous version
1456553 CVE-2015-3456
785424 virtualbox: CVE-2015-3456: floppy driver host code execution - Debian Bug report logs
CVE-2015-3456 vulnerability in QEMU's virtual Floppy Disk Controller

Version: 4.3.10-dfsg-1ubuntu2 2015-02-03 05:06:11 UTC

  virtualbox (4.3.10-dfsg-1ubuntu2) trusty-security; urgency=high

  [ Seth Arnold standardizing the changelog entry ]
  * SECURITY UPDATE: multiple flaws in experimental video code (LP: #1413603)
    - CVE-2014-6595
    - CVE-2014-6590
    - CVE-2014-6589
    - CVE-2014-6588
    - CVE-2015-0427

  [ Frank Mehnert ]
  * d/rules: Disable experimental code by exporting
    VBOX_WITH_VMSVGA= VBOX_WITH_VMSVGA3D=
    this fixes CVE-2014-6595, CVE-2014-6590, CVE-2014-6589,
    CVE-2014-6588 and CVE-2015-0427. (Closes: #775888)
 -- Gianfranco Costamagna <email address hidden> Thu, 22 Jan 2015 10:51:40 +0100

1413603 virtualbox multiple security vulnerabilities
775888 virtualbox: CVE-2014-6588 CVE-2014-6589 CVE-2014-6590 CVE-2014-6595 CVE-2015-0418 CVE-2015-0427 - Debian Bug report logs
CVE-2014-6595 Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.3.20 allows local users to affect integr
CVE-2014-6590 Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.3.20 allows local users to affect integr
CVE-2014-6589 Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.3.20 allows local users to affect integr
CVE-2014-6588 Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.3.20 allows local users to affect integr
CVE-2015-0427 Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 4.3.20 allows local users to affect inte



About   -   Send Feedback to @ubuntu_updates