Public bug reported: SRU updates for Virtualbox, - fix all CVEs around the package (upstream refuses to give targeted fixes) cfr: debian #794466 - ship kernel modules compatible with latest kernels (fixing e.g. 1457780 1358157 and the hundred of duplicates) - port the new virtualbox kernel modules features (from Adam Conrad) also to trusty, because now the kernel module is also provided by the kernel itself
SRU: 1) wily: update SRU to xenial 5.0.10-dfsg-2 (sync ongoing) No regression potential, just security fixes and bug fixes (upstream takes care of auto testing, and I usually test deeply virtualbox prior to release) 2) vivid: is this needed? let me know, I can update it without issues (same update as the trusty one) 3) trusty: update from 4.3.10 to 4.3.34 I started from the Debian version that landed in -security some time ago, and I rebased with the ubuntu changelogs. no notable differences a part of the changelog. testing has been fine, except for the part that I couldn't install the current virtualbox-dkms because of the build failures (now trusty images comes with shipped 3.19 that makes the dkms build fail). so, directly installed the 4.3.34 and everything was fine. 4) precise: update from 4.1.12 to 4.1.44 I started from the Debian version that landed in -security some time ago, and I rebased with the ubuntu changelogs. differences between debian for precise: changelog, version (debian has 4.1.42 ubuntu has 4.1.44, but this is a really minor difference) 2 patches: - fix a build failure because LIBVNCSERVER_IPv6 is defined but there is no ipv6port exposed (this shouldn't be a problem to comment that part) - fix a runtime dkms build failure, because newer kernel such as trusty- lts has CONFIG_X86_SMAP defined, and virtualbox 4.1.x is known to *not* work with it. this is a "*regression*" in the kernel and virtualbox doesn't work also in 4.1.12 anymore with it (it affects broadwell/skylake cpus only). the real fix would be to upgrade to virtualbox 4.2, but since nobody so far complained about this problem, I guess we can avoid this major upgrade testing has been successful, I installed trusty on a vm, upgraded virtualbox to 4.1.44, and trusty was still starting ok, even with the old precise kernel, and the lts-trusty one. packages uploaded here https://launchpad.net/~costamagnagianfranco/+archive/ubuntu/costamagnagianfranco-ppa/+packages I'm not happy with this request, but well, I monitor for bugs, and I guess I'll continue doing my best in keeping virtualbox working correctly (I couldn't before because I was forced by the MRE updates impossibility) ** Affects: virtualbox (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1517161 Title: virtualbox SRU for CVE To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/virtualbox/+bug/1517161/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
