openSUSE Security Update: Security update for virtualbox
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2023:0213-1
Rating:             important
References:         #1209727 #1211941 #1212209 #1212761 
Affected Products:
                    openSUSE Leap 15.5
______________________________________________________________________________

   An update that contains security fixes can now be installed.

Description:

   This update for virtualbox fixes the following issues:

   VirtualBox 7.0.10 (released July 18 2023)

   This is a maintenance release. The following items were fixed and/or added:

   - OCI: Introduced general improvements
   - VMM: Fixed a bug while walking page tables while executing nested VMs
     causing flooding of the release log as a consequence (Intel hosts only,
     bug #21551)
   - GUI: Added general improvements
   - TPM: Fixed a crash when a VM has a TPM version 1.2 configured (bug
     #21622)
   - 3D: Initial support for OpenGL 4.1
   - 3D: Fixed various graphics issues with Windows 11 guests (bugs #21136,
     #21515)
   - Guest Control/VBoxManage: Fixed parameter "--ignore-orphaned-processes"
   - Guest Control/VBoxManage: Fixed behavior of how handling argument 0 for
     a started guest process works: One can now explicitly specify it with
     the newly added option "--arg0". This will effectively restore the
     behavior of former VirtualBox versions
   - Audio: Also use the PulseAudio backend when pipewire-pulse is running
     instead of falling back to ALSA (bug #21575)
   - NAT: Adjusted UDP proxy timeout from 18-21 to 21-24 range to respect
     intended 20 second timeout (bug #21560)
   - Linux Host: Added initial support for Indirect Branch Tracking (bug
     #21435)
   - Linux Host: Added initial support for kernel 6.5 (NOTE: Guest Additions
     do not support kernel 6.5 yet)
   - Linux Host and Guest: Improved condition check when kernel modules need
     to be signed
   - Linux Host and Guest: Added initial support for RHEL 8.8 (bug #21692),
     8.9 (bug #21690) and 9.3 (bugs #21598 and #21671) kernels
   - Linux Guest Additions: Fixed issue when kernel modules were rebuilt on
     each boot when guest system has no X11 installed
   - Linux Guest Additions: Added initial support for kernel 6.4
   - Linux Guest Additions: Fixed issue when vboxvideo module reloading
     caused kernel panic in some guests (bug #21740)
   - Linux Guest Additions: Introduced general improvements in the installer
     area
   - Windows Guest Additions: Introduced general improvements in graphics
     drivers area
   - Fix issue with kernel on newer CPU (boo#1212209)

   - Turn build of VBoxSDL back on. This update addresses boo#1211941.
   - Detect vboxpython module with python 3.11
   - Fix Vagrant/virtualbox startup problems boo#1209727


Patch Instructions:

   To install this openSUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - openSUSE Leap 15.5:

      zypper in -t patch openSUSE-2023-213=1



Package List:

   - openSUSE Leap 15.5 (noarch):

      virtualbox-guest-desktop-icons-7.0.10-lp155.2.5.1
      virtualbox-guest-source-7.0.10-lp155.2.5.1
      virtualbox-host-source-7.0.10-lp155.2.5.1

   - openSUSE Leap 15.5 (x86_64):

      python3-virtualbox-7.0.10-lp155.2.5.1
      python3-virtualbox-debuginfo-7.0.10-lp155.2.5.1
      virtualbox-7.0.10-lp155.2.5.1
      virtualbox-debuginfo-7.0.10-lp155.2.5.1
      virtualbox-debugsource-7.0.10-lp155.2.5.1
      virtualbox-devel-7.0.10-lp155.2.5.1
      virtualbox-guest-tools-7.0.10-lp155.2.5.1
      virtualbox-guest-tools-debuginfo-7.0.10-lp155.2.5.1
      virtualbox-kmp-debugsource-7.0.10-lp155.2.5.1
      virtualbox-kmp-default-7.0.10_k5.14.21_150500.55.7-lp155.2.5.1
      virtualbox-kmp-default-debuginfo-7.0.10_k5.14.21_150500.55.7-lp155.2.5.1
      virtualbox-qt-7.0.10-lp155.2.5.1
      virtualbox-qt-debuginfo-7.0.10-lp155.2.5.1
      virtualbox-vnc-7.0.10-lp155.2.5.1
      virtualbox-websrv-7.0.10-lp155.2.5.1
      virtualbox-websrv-debuginfo-7.0.10-lp155.2.5.1


References:

   https://bugzilla.suse.com/1209727
   https://bugzilla.suse.com/1211941
   https://bugzilla.suse.com/1212209
   https://bugzilla.suse.com/1212761

openSUSE: 2023:0213-1 important: virtualbox

August 6, 2023
An update that contains security fixes can now be installed

Description

This update for virtualbox fixes the following issues: VirtualBox 7.0.10 (released July 18 2023) This is a maintenance release. The following items were fixed and/or added: - OCI: Introduced general improvements - VMM: Fixed a bug while walking page tables while executing nested VMs causing flooding of the release log as a consequence (Intel hosts only, bug #21551) - GUI: Added general improvements - TPM: Fixed a crash when a VM has a TPM version 1.2 configured (bug #21622) - 3D: Initial support for OpenGL 4.1 - 3D: Fixed various graphics issues with Windows 11 guests (bugs #21136, #21515) - Guest Control/VBoxManage: Fixed parameter "--ignore-orphaned-processes" - Guest Control/VBoxManage: Fixed behavior of how handling argument 0 for a started guest process works: One can now explicitly specify it with the newly added option "--arg0". This will effectively restore the behavior of former VirtualBox versions - Audio: Also use the PulseAudio backend when pipewire-pulse is running instead of falling back to ALSA (bug #21575) - NAT: Adjusted UDP proxy timeout from 18-21 to 21-24 range to respect intended 20 second timeout (bug #21560) - Linux Host: Added initial support for Indirect Branch Tracking (bug #21435) - Linux Host: Added initial support for kernel 6.5 (NOTE: Guest Additions do not support kernel 6.5 yet) - Linux Host and Guest: Improved condition check when kernel modules need to be signed - Linux Host and Guest: Added initial support for RHEL 8.8 (bug #21692), 8.9 (bug #21690) and 9.3 (bugs #21598 and #21671) kernels - Linux Guest Additions: Fixed issue when kernel modules were rebuilt on each boot when guest system has no X11 installed - Linux Guest Additions: Added initial support for kernel 6.4 - Linux Guest Additions: Fixed issue when vboxvideo module reloading caused kernel panic in some guests (bug #21740) - Linux Guest Additions: Introduced general improvements in the installer area - Windows Guest Additions: Introduced general improvements in graphics drivers area - Fix issue with kernel on newer CPU (boo#1212209) - Turn build of VBoxSDL back on. This update addresses boo#1211941. - Detect vboxpython module with python 3.11 - Fix Vagrant/virtualbox startup problems boo#1209727

 

Patch

Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.5: zypper in -t patch openSUSE-2023-213=1


Package List

- openSUSE Leap 15.5 (noarch): virtualbox-guest-desktop-icons-7.0.10-lp155.2.5.1 virtualbox-guest-source-7.0.10-lp155.2.5.1 virtualbox-host-source-7.0.10-lp155.2.5.1 - openSUSE Leap 15.5 (x86_64): python3-virtualbox-7.0.10-lp155.2.5.1 python3-virtualbox-debuginfo-7.0.10-lp155.2.5.1 virtualbox-7.0.10-lp155.2.5.1 virtualbox-debuginfo-7.0.10-lp155.2.5.1 virtualbox-debugsource-7.0.10-lp155.2.5.1 virtualbox-devel-7.0.10-lp155.2.5.1 virtualbox-guest-tools-7.0.10-lp155.2.5.1 virtualbox-guest-tools-debuginfo-7.0.10-lp155.2.5.1 virtualbox-kmp-debugsource-7.0.10-lp155.2.5.1 virtualbox-kmp-default-7.0.10_k5.14.21_150500.55.7-lp155.2.5.1 virtualbox-kmp-default-debuginfo-7.0.10_k5.14.21_150500.55.7-lp155.2.5.1 virtualbox-qt-7.0.10-lp155.2.5.1 virtualbox-qt-debuginfo-7.0.10-lp155.2.5.1 virtualbox-vnc-7.0.10-lp155.2.5.1 virtualbox-websrv-7.0.10-lp155.2.5.1 virtualbox-websrv-debuginfo-7.0.10-lp155.2.5.1


References

https://bugzilla.suse.com/1209727 https://bugzilla.suse.com/1211941 https://bugzilla.suse.com/1212209 https://bugzilla.suse.com/1212761


Severity
Announcement ID: openSUSE-SU-2023:0213-1
Rating: important
Affected Products: openSUSE Leap 15.5 .

Related News

11.Locks IsometricPattern Esm H320
2 - 3 min read
The Kinsing hacker group, or H2Miner, has been orchestrating illicit cryptocurrency mining campaigns since 2019 and poses a persistent security
32.Lock Code Circular Esm H320
2 - 3 min read
The Kimsuky APT group, reportedly linked to North Korea's Reconnaissance General Bureau (RGB), has been identified deploying a Linux version of its
4.Lock AbstractDigital Esm H320
2 - 3 min read
Recent research sheds light on the security vulnerabilities prevalent in Linux vendor kernels due to flawed engineering processes that backport
28.Lock Globe Esm H320
1 - 2 min read
The intersection of Linux and quantum computing has become increasingly apparent, emphasizing the importance of Linux-based operating systems in
6.EmailConnection Touch Esm H320
2 - 3 min read
Recent security updates for Ubuntu and Debian have been released to address vulnerabilities in Thunderbird, the popular open-source mail and
30.Lock Globe Motherboard Esm H320
1 - 2 min read
As cybersecurity practitioners, we are no strangers to the constant threat of malicious actors and the importance of remaining vigilant to protect
22.Lock ScreenEffect Esm H320
1 - 2 min read
EndeavorOS Gemini is a captivating and charming desktop operating system based on Arch Linux. The new release includes a kernel upgrade, 3D graphics
25.@Sign Hook Keyboard Esm H320
1 min read
Cyber risk is increasing for individuals and organizations, making flexible and robust solutions for identifying spam and malware increasingly

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved