[Bug 1805651] Re: VBoxNetNAT is missing suid bit

[Launchpad Bug Tracker]

This bug was fixed in the package virtualbox -
5.2.32-dfsg-0~ubuntu18.04.1

---------------
virtualbox (5.2.32-dfsg-0~ubuntu18.04.1) bionic; urgency=medium

  * SRU the latest package for bionic (LP: #1835576, LP: #1829248)
  [ Connor Kuehl ]
  * Fix build for Linux 5.0 (LP: #1835576)
    - debian/patches/ubuntu-0001-linux-5.0-compat.patch
    - debian/patches/ubuntu-0002-linux-5.0-move-ms-remount.patch
    - debian/patches/ubuntu-0003-linux-5.0-make-driver-work-with-Linux-5.0.patch
    - debian/patches/ubuntu-0004-drop-FBINFO_CAN_FORCE_OUTPUT-flag.patch
    - debian/patches/ubuntu-0005-switch-to-drm_get-drm_put-helpers.patch
    - debian/patches/ubuntu-0006-fixup-vboxvideo-module-include.patch
    - debian/patches/ubuntu-0007-update-connector-functions.patch

  [ Gianfranco Costamagna ]
  * Do not apply patches ubuntu-000{1,2,3,4,5,7], because they are included in
    this upstream release
  * New upstream release, update postinst.
  * CVE fixes
    - CVE-2019-2656
    - CVE-2019-2680
    - CVE-2019-2696
    - CVE-2019-2703
    - CVE-2019-2721
    - CVE-2019-2722
    - CVE-2019-2723
    - CVE-2019-2657
    - CVE-2019-2690
    - CVE-2019-2679
    - CVE-2019-2678
    - CVE-2019-2574
  * Drop patches useless with this new upstream release:
    - 18-system-xorg.patch
    - new-gcc.patch
    - kernel-4.18.patch
    - fix-guest-to-host-escape-vulnerability.patch
  * Cherry-pick some fixes from Debian git master branch
    - Enable full hardening
    - automatically detect wsimport from the system
    - bump std-version to 4.3.0
    - Add suid bit to VBoxNetNat to make it work (LP: #1805651)
    - Finally relax dh_strip hack
    - Relax some version constraints, already fullfilled since o-o-stable
    - use cafe instead of beef, to detect if we are inside a VM to fix
      copy-paste.
    - Start VBoxClient too, with the right --vmsvga flag, to fix screen resize
    - Switch to java11, that changed everything (Closes: #920723)
      - add new jaxw dependencies.
    - Switch from iasl to the new acpica-tools name
    - Implement DEB_BUILD_OPTIONS=parallel=n handling during build
      (Closes: #924302)

 -- Gianfranco Costamagna <locutusofb...@debian.org>  Thu, 18 Apr 2019
09:30:21 +0200

** Changed in: virtualbox (Ubuntu Bionic)
       Status: Fix Committed => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-2574

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-2656

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-2657

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-2678

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-2679

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-2680

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-2690

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-2696

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-2703

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-2721

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-2722

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-2723

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1805651

Title:
  VBoxNetNAT is missing suid bit

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/virtualbox/+bug/1805651/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs