Login
Newsletter
Werbung

Sicherheit: Mehrere Probleme in kbuild und virtualbox
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in kbuild und virtualbox
ID: openSUSE-SU-2018:2524-1
Distribution: SUSE
Plattformen: SUSE openSUSE Leap 42.3
Datum: Mo, 27. August 2018, 07:51
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2676
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2860
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2830
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2693
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2694
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2835
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2689
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3090
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2844
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2842
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3005
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3091
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2836
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2843
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5715
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3088
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2685
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3087
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3085
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2686
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2688
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3055
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2698
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3089
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2831
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2690
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3086
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2845
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0739
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2687
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2837
Applikationen: kbuild, VirtualBox

Originalnachricht

   openSUSE Security Update: Security update for kbuild, virtualbox
______________________________________________________________________________

Announcement ID: openSUSE-SU-2018:2524-1
Rating: important
References: #1039375 #1076372 #1079838 #1093731 #1097248
#1098050 #1101667
Cross-References: CVE-2017-5715 CVE-2018-0739 CVE-2018-2676
CVE-2018-2685 CVE-2018-2686 CVE-2018-2687
CVE-2018-2688 CVE-2018-2689 CVE-2018-2690
CVE-2018-2693 CVE-2018-2694 CVE-2018-2698
CVE-2018-2830 CVE-2018-2831 CVE-2018-2835
CVE-2018-2836 CVE-2018-2837 CVE-2018-2842
CVE-2018-2843 CVE-2018-2844 CVE-2018-2845
CVE-2018-2860 CVE-2018-3005 CVE-2018-3055
CVE-2018-3085 CVE-2018-3086 CVE-2018-3087
CVE-2018-3088 CVE-2018-3089 CVE-2018-3090
CVE-2018-3091
Affected Products:
openSUSE Leap 42.3
______________________________________________________________________________

An update that fixes 31 vulnerabilities is now available.

Description:

This update for kbuild, virtualbox fixes the following issues:

kbuild changes:

- Update to version 0.1.9998svn3110
- Do not assume glibc glob internals
- Support GLIBC glob interface version 2
- Fix build failure (boo#1079838)
- Fix build with GCC7 (boo#1039375)
- Fix build by disabling vboxvideo_drv.so

virtualbox security fixes (boo#1101667, boo#1076372):

- CVE-2018-3005
- CVE-2018-3055
- CVE-2018-3085
- CVE-2018-3086
- CVE-2018-3087
- CVE-2018-3088
- CVE-2018-3089
- CVE-2018-3090
- CVE-2018-3091
- CVE-2018-2694
- CVE-2018-2698
- CVE-2018-2685
- CVE-2018-2686
- CVE-2018-2687
- CVE-2018-2688
- CVE-2018-2689
- CVE-2018-2690
- CVE-2018-2676
- CVE-2018-2693
- CVE-2017-5715

virtualbox other changes:

- Version bump to 5.2.16
- Use %{?linux_make_arch} when building kernel modules (boo#1098050)
- Fixed vboxguestconfig.sh script
- Update warning regarding the security hole in USB passthrough.
(boo#1097248)
- Fixed include for build with Qt 5.11 (boo#1093731)
- You can find a detailed list of changes
[here](https://www.virtualbox.org/wiki/Changelog#v16)


Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended
installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 42.3:

zypper in -t patch openSUSE-2018-938=1



Package List:

- openSUSE Leap 42.3 (i586 x86_64):

kbuild-0.1.9998svn3110-4.3.1
kbuild-debuginfo-0.1.9998svn3110-4.3.1
kbuild-debugsource-0.1.9998svn3110-4.3.1

- openSUSE Leap 42.3 (x86_64):

python-virtualbox-5.2.18-56.1
python-virtualbox-debuginfo-5.2.18-56.1
virtualbox-5.2.18-56.1
virtualbox-debuginfo-5.2.18-56.1
virtualbox-debugsource-5.2.18-56.1
virtualbox-devel-5.2.18-56.1
virtualbox-guest-kmp-default-5.2.18_k4.4.143_65-56.1
virtualbox-guest-kmp-default-debuginfo-5.2.18_k4.4.143_65-56.1
virtualbox-guest-tools-5.2.18-56.1
virtualbox-guest-tools-debuginfo-5.2.18-56.1
virtualbox-guest-x11-5.2.18-56.1
virtualbox-guest-x11-debuginfo-5.2.18-56.1
virtualbox-host-kmp-default-5.2.18_k4.4.143_65-56.1
virtualbox-host-kmp-default-debuginfo-5.2.18_k4.4.143_65-56.1
virtualbox-qt-5.2.18-56.1
virtualbox-qt-debuginfo-5.2.18-56.1
virtualbox-vnc-5.2.18-56.1
virtualbox-websrv-5.2.18-56.1
virtualbox-websrv-debuginfo-5.2.18-56.1

- openSUSE Leap 42.3 (noarch):

virtualbox-guest-desktop-icons-5.2.18-56.1
virtualbox-guest-source-5.2.18-56.1
virtualbox-host-source-5.2.18-56.1


References:

https://www.suse.com/security/cve/CVE-2017-5715.html
https://www.suse.com/security/cve/CVE-2018-0739.html
https://www.suse.com/security/cve/CVE-2018-2676.html
https://www.suse.com/security/cve/CVE-2018-2685.html
https://www.suse.com/security/cve/CVE-2018-2686.html
https://www.suse.com/security/cve/CVE-2018-2687.html
https://www.suse.com/security/cve/CVE-2018-2688.html
https://www.suse.com/security/cve/CVE-2018-2689.html
https://www.suse.com/security/cve/CVE-2018-2690.html
https://www.suse.com/security/cve/CVE-2018-2693.html
https://www.suse.com/security/cve/CVE-2018-2694.html
https://www.suse.com/security/cve/CVE-2018-2698.html
https://www.suse.com/security/cve/CVE-2018-2830.html
https://www.suse.com/security/cve/CVE-2018-2831.html
https://www.suse.com/security/cve/CVE-2018-2835.html
https://www.suse.com/security/cve/CVE-2018-2836.html
https://www.suse.com/security/cve/CVE-2018-2837.html
https://www.suse.com/security/cve/CVE-2018-2842.html
https://www.suse.com/security/cve/CVE-2018-2843.html
https://www.suse.com/security/cve/CVE-2018-2844.html
https://www.suse.com/security/cve/CVE-2018-2845.html
https://www.suse.com/security/cve/CVE-2018-2860.html
https://www.suse.com/security/cve/CVE-2018-3005.html
https://www.suse.com/security/cve/CVE-2018-3055.html
https://www.suse.com/security/cve/CVE-2018-3085.html
https://www.suse.com/security/cve/CVE-2018-3086.html
https://www.suse.com/security/cve/CVE-2018-3087.html
https://www.suse.com/security/cve/CVE-2018-3088.html
https://www.suse.com/security/cve/CVE-2018-3089.html
https://www.suse.com/security/cve/CVE-2018-3090.html
https://www.suse.com/security/cve/CVE-2018-3091.html
https://bugzilla.suse.com/1039375
https://bugzilla.suse.com/1076372
https://bugzilla.suse.com/1079838
https://bugzilla.suse.com/1093731
https://bugzilla.suse.com/1097248
https://bugzilla.suse.com/1098050
https://bugzilla.suse.com/1101667

--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung