subject:"Bug#611925\: \[Pkg\-virtualbox\-devel\] Bug#611925\: CVE\-2010\-4414\: Does it affect Debian\?"

Bug#611925: [Pkg-virtualbox-devel] Bug#611925: CVE-2010-4414: Does it affect Debian?

2011-02-04 Thread Frank Mehnert

On Thursday 03 February 2011 22:16:39 Moritz Muehlenhoff wrote:
 On Thu, Feb 03, 2011 at 09:40:15PM +0100, Frank Mehnert wrote:
  This does only affect VirtualBox 4.0.0, not VirtualBox 4.0.2.
 
 Thanks. What's the status of releases  4.0.0, like the 3.2.10 from Debian?
 Are they also unaffected?

No. As I said: Only version 4.0.0 is affected.

Kind regards,

Frank
-- 
ORACLE Deutschland B.V.  Co. KG   Dr.-Ing. Frank Mehnert
Werkstrasse 24 Staff Engineer, VirtualBox
71384 Weinstadt, Germany   mailto:frank.mehn...@oracle.com

Hauptverwaltung: Riesstr. 25, D-80992 München
Registergericht: Amtsgericht München, HRA 95603

Komplementärin: ORACLE Deutschland Verwaltung B.V.
Rijnzathe 6, 3454PV De Meern, Niederlande
Handelsregister der Handelskammer Midden-Niederlande, Nr. 30143697
Geschäftsführer: Jürgen Kunz, Marcel van de Molen, Alexander van der Ven


signature.asc
Description: This is a digitally signed message part.

Bug#611925: [Pkg-virtualbox-devel] Bug#611925: CVE-2010-4414: Does it affect Debian?

2011-02-03 Thread Moritz Muehlenhoff

On Thu, Feb 03, 2011 at 09:40:15PM +0100, Frank Mehnert wrote:
 This does only affect VirtualBox 4.0.0, not VirtualBox 4.0.2.

Thanks. What's the status of releases  4.0.0, like the 3.2.10 from Debian?
Are they also unaffected?

Cheers,
Moritz



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#611925: [Pkg-virtualbox-devel] Bug#611925: CVE-2010-4414: Does it affect Debian?

2011-02-03 Thread Frank Mehnert

This does only affect VirtualBox 4.0.0, not VirtualBox 4.0.2.

Kind regards,

Frank

On Thursday 03 February 2011 21:25:53 Moritz Muehlenhoff wrote:
 Package: virtualbox-ose
 Version: 3.2.10-dfsg-1
 Severity: important
 Tags: security
 
 Hi,
 the VirtualBox developers have released an advisory for virtualbox,
 which has been assigned CVE-2010-4414.
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4414
 
 This might only affect proprietary addons, could you check with
 upstream?
 
 Cheers,
 Moritz
 
 -- System Information:
 Debian Release: 6.0
   APT prefers testing
   APT policy: (500, 'testing')
 Architecture: amd64 (x86_64)
 
 Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores)
 Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
 Shell: /bin/sh linked to /bin/dash
 
 Versions of packages virtualbox-ose depends on:
 ii  adduser 3.112+nmu2   add and remove users and
 groups ii  libc6   2.11.2-10Embedded GNU C
 Library: Shared lib ii  libcurl37.21.0-1
 Multi-protocol file transfer libra ii  libgcc1 1:4.4.5-8  
  GCC support library
 ii  libpng12-0  1.2.44-1 PNG library - runtime
 ii  libpython2.62.6.6-8+b1   Shared Python runtime library
 (ver ii  libsdl1.2debian 1.2.14-6.1   Simple DirectMedia Layer
 ii  libssl0.9.8 0.9.8o-4 SSL shared libraries
 ii  libstdc++6  4.4.5-8  The GNU Standard C++ Library
 v3 ii  libvncserver0   0.9.7-2+b1   API to write one's own vnc
 server ii  libx11-62:1.3.3-4X11 client-side
 library ii  libxcursor1 1:1.1.10-2   X cursor management
 library ii  libxext62:1.1.2-1X11 miscellaneous
 extension librar ii  libxml2 2.7.8.dfsg-2 GNOME XML
 library
 ii  libxmu6 2:1.0.5-2X11 miscellaneous utility
 library ii  libxt6  1:1.0.7-1X11 toolkit
 intrinsics library ii  python  2.6.6-3+squeeze5
 interactive high-level object-orie ii  python-central  0.6.16+nmu1
  register and build utility for Pyt ii  zlib1g 
 1:1.2.3.4.dfsg-3 compression library - runtime
 
 Versions of packages virtualbox-ose recommends:
 ii  libgl1-mesa-glx [libgl1]   7.7.1-4   A free implementation of the
 OpenG ii  libqt4-opengl  4:4.6.3-4 Qt 4 OpenGL module
 ii  libqtcore4 4:4.6.3-4 Qt 4 core module
 ii  libqtgui4  4:4.6.3-4 Qt 4 GUI module
 ii  virtualbox-ose-dkms3.2.10-dfsg-1 x86 virtualization solution -
 kern ii  virtualbox-ose-qt  3.2.10-dfsg-1 x86 virtualization
 solution - Qt b
 
 Versions of packages virtualbox-ose suggests:
 ii  libasound2   1.0.23-2.1  shared library for ALSA
 applicatio ii  libpulse00.9.21-3+b1 PulseAudio client
 libraries pn  vde2 none  (no description
 available) pn  virtualbox-guest-additions   none  (no description
 available)
 
 -- no debconf information
 
 
 
 ___
 Pkg-virtualbox-devel mailing list
 pkg-virtualbox-de...@lists.alioth.debian.org
 http://lists.alioth.debian.org/mailman/listinfo/pkg-virtualbox-devel

-- 
ORACLE Deutschland B.V.  Co. KG   Dr.-Ing. Frank Mehnert
Werkstrasse 24 Staff Engineer, VirtualBox
71384 Weinstadt, Germany   mailto:frank.mehn...@oracle.com

Hauptverwaltung: Riesstr. 25, D-80992 München
Registergericht: Amtsgericht München, HRA 95603

Komplementärin: ORACLE Deutschland Verwaltung B.V.
Rijnzathe 6, 3454PV De Meern, Niederlande
Handelsregister der Handelskammer Midden-Niederlande, Nr. 30143697
Geschäftsführer: Jürgen Kunz, Marcel van de Molen, Alexander van der Ven


signature.asc
Description: This is a digitally signed message part.

Bug#611925: [Pkg-virtualbox-devel] Bug#611925: CVE-2010-4414: Does it affect Debian?

Bug#611925: [Pkg-virtualbox-devel] Bug#611925: CVE-2010-4414: Does it affect Debian?

Bug#611925: [Pkg-virtualbox-devel] Bug#611925: CVE-2010-4414: Does it affect Debian?

3 matches

Site Navigation

Mail list logo

Footer information