On Dom, 2015-05-17 at 22:21 +0000, Gianfranco Costamagna wrote: > Hi folks,in my ongoing effort to fix Debian/Ubuntu packages, I would like to > understand how and if virtualbox is affected, and if a patch is available for > download.
Googling by "venom bug" I found many thing about this security problem, for example: http://mashable.com/2015/05/13/venom-security-faq/ Anyway Maxime Dor ask if it is already fixed on 4.3.28 . > thanks > > > > > cheers, > > Gianfranco > > > Il Venerdì 15 Maggio 2015 11:31, Maxime Dor <[email protected]> ha scritto: > Hi, > > Could an experienced dev validate that this diff between VBox 4.3.26 & > 4.3.28 is indeed a fix CVE-2015-3456 ? http://pastebin.com/hb5Fbwku > QEMU patch for reference: > http://git.qemu.org/?p=qemu.git;a=blobdiff;f=hw/block/fdc.c;h=d8a8edd936f42d4b1d801c996932668e456b5896;hp=f72a39216347e722496797555db9f208b0c5b4b2;hb=e907746266721f305d67bc0718795fedee2e824c;hpb=968bb75c348a401b85e08d5eb1887a3e6c3185f5 > > Thank you! > Max > > _______________________________________________ > vbox-dev mailing list > [email protected] > https://www.virtualbox.org/mailman/listinfo/vbox-dev > > _______________________________________________ > vbox-dev mailing list > [email protected] > https://www.virtualbox.org/mailman/listinfo/vbox-dev -- Sérgio M. B. _______________________________________________ vbox-dev mailing list [email protected] https://www.virtualbox.org/mailman/listinfo/vbox-dev
