[Pkg-virtualbox-devel] Bug#611925: Bug#611925: CVE-2010-4414: Does it affect Debian?
Frank Mehnert
frank.mehnert at oracle.com
Thu Feb 3 20:40:15 UTC 2011
This does only affect VirtualBox 4.0.0, not VirtualBox 4.0.2.
Kind regards,
Frank
On Thursday 03 February 2011 21:25:53 Moritz Muehlenhoff wrote:
> Package: virtualbox-ose
> Version: 3.2.10-dfsg-1
> Severity: important
> Tags: security
>
> Hi,
> the VirtualBox developers have released an advisory for virtualbox,
> which has been assigned CVE-2010-4414.
>
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4414
>
> This might only affect proprietary addons, could you check with
> upstream?
>
> Cheers,
> Moritz
>
> -- System Information:
> Debian Release: 6.0
> APT prefers testing
> APT policy: (500, 'testing')
> Architecture: amd64 (x86_64)
>
> Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores)
> Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/dash
>
> Versions of packages virtualbox-ose depends on:
> ii adduser 3.112+nmu2 add and remove users and
> groups ii libc6 2.11.2-10 Embedded GNU C
> Library: Shared lib ii libcurl3 7.21.0-1
> Multi-protocol file transfer libra ii libgcc1 1:4.4.5-8
> GCC support library
> ii libpng12-0 1.2.44-1 PNG library - runtime
> ii libpython2.6 2.6.6-8+b1 Shared Python runtime library
> (ver ii libsdl1.2debian 1.2.14-6.1 Simple DirectMedia Layer
> ii libssl0.9.8 0.9.8o-4 SSL shared libraries
> ii libstdc++6 4.4.5-8 The GNU Standard C++ Library
> v3 ii libvncserver0 0.9.7-2+b1 API to write one's own vnc
> server ii libx11-6 2:1.3.3-4 X11 client-side
> library ii libxcursor1 1:1.1.10-2 X cursor management
> library ii libxext6 2:1.1.2-1 X11 miscellaneous
> extension librar ii libxml2 2.7.8.dfsg-2 GNOME XML
> library
> ii libxmu6 2:1.0.5-2 X11 miscellaneous utility
> library ii libxt6 1:1.0.7-1 X11 toolkit
> intrinsics library ii python 2.6.6-3+squeeze5
> interactive high-level object-orie ii python-central 0.6.16+nmu1
> register and build utility for Pyt ii zlib1g
> 1:1.2.3.4.dfsg-3 compression library - runtime
>
> Versions of packages virtualbox-ose recommends:
> ii libgl1-mesa-glx [libgl1] 7.7.1-4 A free implementation of the
> OpenG ii libqt4-opengl 4:4.6.3-4 Qt 4 OpenGL module
> ii libqtcore4 4:4.6.3-4 Qt 4 core module
> ii libqtgui4 4:4.6.3-4 Qt 4 GUI module
> ii virtualbox-ose-dkms 3.2.10-dfsg-1 x86 virtualization solution -
> kern ii virtualbox-ose-qt 3.2.10-dfsg-1 x86 virtualization
> solution - Qt b
>
> Versions of packages virtualbox-ose suggests:
> ii libasound2 1.0.23-2.1 shared library for ALSA
> applicatio ii libpulse0 0.9.21-3+b1 PulseAudio client
> libraries pn vde2 <none> (no description
> available) pn virtualbox-guest-additions <none> (no description
> available)
>
> -- no debconf information
>
>
>
> _______________________________________________
> Pkg-virtualbox-devel mailing list
> Pkg-virtualbox-devel at lists.alioth.debian.org
> http://lists.alioth.debian.org/mailman/listinfo/pkg-virtualbox-devel
--
ORACLE Deutschland B.V. & Co. KG Dr.-Ing. Frank Mehnert
Werkstrasse 24 Staff Engineer, VirtualBox
71384 Weinstadt, Germany mailto:frank.mehnert at oracle.com
Hauptverwaltung: Riesstr. 25, D-80992 München
Registergericht: Amtsgericht München, HRA 95603
Komplementärin: ORACLE Deutschland Verwaltung B.V.
Rijnzathe 6, 3454PV De Meern, Niederlande
Handelsregister der Handelskammer Midden-Niederlande, Nr. 30143697
Geschäftsführer: Jürgen Kunz, Marcel van de Molen, Alexander van der Ven
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.alioth.debian.org/pipermail/pkg-virtualbox-devel/attachments/20110203/b8c039d4/attachment-0003.pgp>
More information about the Pkg-virtualbox-devel
mailing list