Hello Larry, It looks to me like the site was updated after 5.2.22 was released to say that the researcher considers the issue fixed. Unfortunately we are by Oracle policy to comment on security fixes or even mention them in the change log - all security information is published in the quarterly Oracle critical patch update information. Please note though that we take security seriously!
Regards Michael 11.11.18 22:13, Larry Finger wrote: > On 11/11/18 1:09 AM, Mihai Hanor wrote: >> Hi, >> >> According to the same researcher, Virtualbox 5.2.22 fixes the >> vulnerability: >> >> https://github.com/MorteNoir1/virtualbox_e1000_0day/issues/12 > > I'm not sure that he says that 5.2.22 fixes the problem. What he says is > that 5.2.20 and earlier are affected; however, 5.2.22 was released after > his posting. > > Larry > > > _______________________________________________ > vbox-dev mailing list > [email protected] > https://www.virtualbox.org/mailman/listinfo/vbox-dev -- Michael Thayer | VirtualBox engineer ORACLE Deutschland B.V. & Co. KG | Werkstr. 24 | D-71384 Weinstadt ORACLE Deutschland B.V. & Co. KG Hauptverwaltung: Riesstraße 25, D-80992 München Registergericht: Amtsgericht München, HRA 95603 Komplementärin: ORACLE Deutschland Verwaltung B.V. Hertogswetering 163/167, 3543 AS Utrecht, Niederlande Handelsregister der Handelskammer Midden-Nederland, Nr. 30143697 Geschäftsführer: Alexander van der Ven, Jan Schultheiss, Val Maher
pEpkey.asc
Description: application/pgp-keys
_______________________________________________ vbox-dev mailing list [email protected] https://www.virtualbox.org/mailman/listinfo/vbox-dev
