drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in VirtualBox
Name: |
Mehrere Probleme in VirtualBox |
|
ID: |
201702-08 |
|
Distribution: |
Gentoo |
|
Plattformen: |
Keine Angabe |
|
Datum: |
Di, 14. Februar 2017, 14:32 |
|
Referenzen: |
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5545
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-3290
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-3316
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-3332 |
|
Applikationen: |
VirtualBox |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --8qnBenFVUNoXrJBMPE7R2TFGbL71ud8Q1 Content-Type: multipart/mixed; boundary="qR3ax4c39BBgkncCwIK8GavLkT0pKMEPm"; protected-headers="v1" From: Thomas Deutschmann <whissi@gentoo.org> Reply-To: Gentoo Security <security@gentoo.org> To: gentoo-announce@lists.gentoo.org Message-ID: <d2ed135b-ffce-f7ba-8ca8-eba3b3cf17ab@gentoo.org> Subject: [ GLSA 201702-08 ] VirtualBox: Multiple vulnerabilities
--qR3ax4c39BBgkncCwIK8GavLkT0pKMEPm Content-Type: text/plain; charset=utf- Content-Transfer-Encoding: quoted-printable
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201702-08 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: High Title: VirtualBox: Multiple vulnerabilities Date: February 14, 2017 Bugs: #607674 ID: 201702-08
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis ========
Multiple vulnerabilities have been found in VirtualBox, the worst of which might allow unauthorized changes to some critical or all accessible data.
Background ==========
VirtualBox is a powerful virtualization product from Oracle.
Affected packages =================
------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 app-emulation/virtualbox < 5.0.32 >= 5.0.32
Description ===========
Multiple vulnerabilities have been discovered in VirtualBox. Please review the CVE identifiers referenced below for details.
Impact ======
An attacker could cause a Denial of Service condition. Additionally, an attacker could create, delete or modify critical or all accessible data.
Workaround ==========
There is no known workaround at this time.
Resolution ==========
All VirtualBox users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=app-emulation/virtualbox-5.0.32"
References ==========
[ 1 ] CVE-2016-5545 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5545 [ 2 ] CVE-2017-3290 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-3290 [ 3 ] CVE-2017-3316 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-3316 [ 4 ] CVE-2017-3332 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-3332
Availability ============
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201702-08
Concerns? =========
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License =======
Copyright 2017 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
--qR3ax4c39BBgkncCwIK8GavLkT0pKMEPm--
--8qnBenFVUNoXrJBMPE7R2TFGbL71ud8Q1 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0
iQJ8BAEBCgBmBQJYovsOXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQzM0M1ODQ4MkM0MDIyOTJEMkUzQzVDMDY5 NzA5RjkwQzNDOTZGRkM4AAoJEJcJ+Qw8lv/I10MQALVuCrV+WKU0j4bAuA2luZ5R 7o/8d3sHFKSTt97aJgvQQufxU2W1Ikt9ap3Ecq0ZVNew3wV+XQ6trj9ok3q2Ovd+ Ej0N96+/GM4HSvC7ViptgXe3Ra3I5oJKppWXs4dgV6OAB/C3nHlnwI4TTrrrbpYJ HrGK6oLg13sXphiTzv+3VQUL7aDAPoxdE5uUOIYP/9ridLHj2F6UOQTgwYamQdvz W8AYTshZF6EubdUktv06siHRjsm3rOH6vkq1vRPHeRtLE812v1Qd3ndsftAy8beJ LoIsWsysOrKcStN9pAAlUEL+RfdRkCfm6gMUPKv1e78JCrXttzx6eiBJEg+WQ+Rz uts4u6L892ocZKiPaAatPZ3jbp/Am//UkIqU0sMLiQOOv98kUQAb3RTg/BRNgJ4e cJJYnd8efIT/TCtQ/AaMpkT0VVDxW06uM1kTOeMt7WONCzrRTKLPkWXfe1RVWL9h k9bf59lz4F1YO56k6MCjEwlPp2TFzn3Nm4gn6p/pVh/xpJQwss7uNo0dCkc6b/Zk jG6kzYG3BbYp7Z+94mziAPVXS/F4gCIPpie3u5Zc04tANgI5jt8eBGCZn31Y2Oa2 YxM0Xc5eBPpwuMX+YW+o9TL3Vg/1bCrMcLXsE3KkoDi6VSb6G8c/dswMOtWWLVMB kKPhdrmEEhqYnSnnbUgz =Gm/k -----END PGP SIGNATURE-----
--8qnBenFVUNoXrJBMPE7R2TFGbL71ud8Q1--
|
|
|
|