[Pkg-virtualbox-devel] Bug#735410: virtualbox: CVE-2013-5892 CVE-2014-0407 CVE-2014-0406 CVE-2014-0404

Moritz Muehlenhoff jmm at inutil.org
Wed Jan 15 08:19:56 UTC 2014


Package: virtualbox
Severity: grave
Tags: security

http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html

Several vulnerabilities have been reported in VirtualBox. Details are scarce, so
please get in touch with upstream for more information on eventual backports
to oldstable/stable. Judging from the CVSS scores this is likely only local
denial of service, in that case we likely don't need a DSA.

CVE-2013-5892   
CVE-2014-0407
CVE-2014-0406
CVE-2014-0404

In addition CVE-2014-0405 seems to affect virtualbox-guest-additions-iso from non-free

Cheers,
        Moritz



More information about the Pkg-virtualbox-devel mailing list