17571 – Update request: virtualbox-5.0.14-1.mga5

Bug 17571 - Update request: virtualbox-5.0.14-1.mga5

Summary: Update request: virtualbox-5.0.14-1.mga5

Status:	RESOLVED FIXED

Alias:	None

Product:	Mageia
Classification:	Unclassified
Component:	Security (show other bugs)
Version:	5
Hardware:	All Linux

Priority:	Normal Severity: normal
Target Milestone:	---
Assignee:	QA Team
QA Contact:

URL:	http://lwn.net/Vulnerabilities/673467/
Whiteboard:	MGA5-32-OK MGA5-64-OK advisory
Keywords:	validated_update

Depends on:
Blocks:

Reported:	2016-01-21 21:25 CET by Thomas Backlund
Modified:	2016-01-25 20:35 CET (History)
CC List:	2 users (show)

See Also:
Source RPM:	virtualbox
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Thomas Backlund 2016-01-21 21:25:35 CET

New virtualbox maintenance release to test:


SRPMS:
kmod-vboxadditions-5.0.14-1.mga5.src.rpm
kmod-virtualbox-5.0.14-1.mga5.src.rpm
virtualbox-5.0.14-1.mga5.src.rpm


i586:
dkms-vboxadditions-5.0.14-1.mga5.noarch.rpm
dkms-virtualbox-5.0.14-1.mga5.noarch.rpm
python-virtualbox-5.0.14-1.mga5.i586.rpm
vboxadditions-kernel-4.1.15-desktop-2.mga5-5.0.14-1.mga5.i586.rpm
vboxadditions-kernel-4.1.15-desktop586-2.mga5-5.0.14-1.mga5.i586.rpm
vboxadditions-kernel-4.1.15-server-2.mga5-5.0.14-1.mga5.i586.rpm
vboxadditions-kernel-desktop586-latest-5.0.14-1.mga5.i586.rpm
vboxadditions-kernel-desktop-latest-5.0.14-1.mga5.i586.rpm
vboxadditions-kernel-server-latest-5.0.14-1.mga5.i586.rpm
virtualbox-5.0.14-1.mga5.i586.rpm
virtualbox-devel-5.0.14-1.mga5.i586.rpm
virtualbox-guest-additions-5.0.14-1.mga5.i586.rpm
virtualbox-kernel-4.1.15-desktop-2.mga5-5.0.14-1.mga5.i586.rpm
virtualbox-kernel-4.1.15-desktop586-2.mga5-5.0.14-1.mga5.i586.rpm
virtualbox-kernel-4.1.15-server-2.mga5-5.0.14-1.mga5.i586.rpm
virtualbox-kernel-desktop586-latest-5.0.14-1.mga5.i586.rpm
virtualbox-kernel-desktop-latest-5.0.14-1.mga5.i586.rpm
virtualbox-kernel-server-latest-5.0.14-1.mga5.i586.rpm
x11-driver-video-vboxvideo-5.0.14-1.mga5.i586.rpm


x86_64:
dkms-vboxadditions-5.0.14-1.mga5.noarch.rpm
dkms-virtualbox-5.0.14-1.mga5.noarch.rpm
python-virtualbox-5.0.14-1.mga5.x86_64.rpm
vboxadditions-kernel-4.1.15-desktop-2.mga5-5.0.14-1.mga5.x86_64.rpm
vboxadditions-kernel-4.1.15-server-2.mga5-5.0.14-1.mga5.x86_64.rpm
vboxadditions-kernel-desktop-latest-5.0.14-1.mga5.x86_64.rpm
vboxadditions-kernel-server-latest-5.0.14-1.mga5.x86_64.rpm
virtualbox-5.0.14-1.mga5.x86_64.rpm
virtualbox-devel-5.0.14-1.mga5.x86_64.rpm
virtualbox-guest-additions-5.0.14-1.mga5.x86_64.rpm
virtualbox-kernel-4.1.15-desktop-2.mga5-5.0.14-1.mga5.x86_64.rpm
virtualbox-kernel-4.1.15-server-2.mga5-5.0.14-1.mga5.x86_64.rpm
virtualbox-kernel-desktop-latest-5.0.14-1.mga5.x86_64.rpm
virtualbox-kernel-server-latest-5.0.14-1.mga5.x86_64.rpm
x11-driver-video-vboxvideo-5.0.14-1.mga5.x86_64.rpm



Reproducible: 

Steps to Reproduce:

Comment 1 Thomas Backlund 2016-01-21 21:28:39 CET

advisory added to svn

Whiteboard: (none) => advisory

Comment 2 David Walser 2016-01-21 23:58:02 CET

Tested Mageia 5 i586 host with every VM guest OS known to man.  Everything worked OK.  I haven't tested any VMs with sound, so I'll do that with my VM at home, hopefully tomorrow.

Comment 3 Thomas Andrews 2016-01-22 01:12:51 CET

Tested Mageia 5 x86-64 host with Mageia 5 i586 guest. Everything worked OK, including sound.

CC: (none) => andrewsfarm

Comment 4 James Kerr 2016-01-22 10:31:21 CET

Testing on mga5-64

Packages installed from testing:
- virtualbox-5.0.14-1.mga5.x86_64
- virtualbox-kernel-4.1.15-desktop-2.mga5-5.0.14-1.mga5.x86_64
- virtualbox-kernel-desktop-latest-5.0.14-1.mga5.x86_64

Packages installed cleanly
Installed Extension pack

Win xp guest:
Launced normally
Additions updated
USB devices accessible and working

mga5-32 guest:
Launched normally
Packages installed from testing:
- vboxadditions-kernel-4.1.15-desktop-2.mga5-5.0.14-1.mga5.i586
- vboxadditions-kernel-desktop-latest-5.0.14-1.mga5.i586
- virtualbox-guest-additions-5.0.14-1.mga5.i586
- x11-driver-video-vboxvideo-5.0.14-1.mga5.i586
USB devices accessible and working

OK for mga5-64 host 
OK for mga5-32 guest

Comment 5 Thomas Backlund 2016-01-22 22:59:14 CET

Turns out it's a security update:
http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html

Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle
Virtualization VirtualBox before 4.3.36 and 5.0.14 allows remote attackers
to affect availability via unknown vectors related to Core. 
(CVE-2016-0495)

Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle
Virtualization VirtualBox before 4.3.36 and before 5.0.14 allows local
users to affect availability via unknown vectors related to Core. 
(CVE-2016-0592)

advisory in svn updated accordingly

Component: RPM Packages => Security

Comment 6 James Kerr 2016-01-23 00:30:40 CET

Testing on mga5-32

Packages installed from testing:
- virtualbox-5.0.14-1.mga5.i586
- virtualbox-kernel-4.1.15-server-2.mga5-5.0.14-1.mga5.i586
- virtualbox-kernel-server-latest-5.0.14-1.mga5.i586
Packages installed cleanly

Installed Extension pack

win7-32 guest - runs normally including sound and USB

OK for mga5-32

Comment 7 David Walser 2016-01-23 00:48:08 CET

Finished testing my Mageia 5 i586 guest at home, that's fine too.

Thanks TJ and James for your x86_64 tests.  This has been sufficiently tested to release.

Please to push to core/updates.

Keywords: (none) => validated_update
Whiteboard: advisory => MGA5-32-OK MGA5-64-OK advisory
CC: (none) => sysadmin-bugs

Comment 8 Mageia Robot 2016-01-23 12:47:05 CET

An update for this issue has been pushed to Mageia Updates repository.

http://advisories.mageia.org/MGASA-2016-0035.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED

David Walser 2016-01-25 20:35:49 CET

URL: (none) => http://lwn.net/Vulnerabilities/673467/

Note You need to log in before you can comment on or make changes to this bug.