Package: virtualbox
Severity: grave
Tags: security
http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
Several vulnerabilities have been reported in VirtualBox. Details are scarce, so
please get in touch with upstream for more information on eventual backports
to oldstable/stable. Judging from the CVSS scores this is likely only local
denial of service, in that case we likely don't need a DSA.
CVE-2013-5892
CVE-2014-0407
CVE-2014-0406
CVE-2014-0404
In addition CVE-2014-0405 seems to affect virtualbox-guest-additions-iso from
non-free
Cheers,
Moritz
_______________________________________________
Secure-testing-team mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-team
