SUSE 5181 Published by

A virtualbox security update has been released for openSUSE Leap 15.1.



security-announce: openSUSE-SU-2020:1511-1: important: Security update for virtualbox


openSUSE Security Update: Security update for virtualbox
______________________________________________________________________________

Announcement ID: openSUSE-SU-2020:1511-1
Rating: important
References: #1174159
Cross-References: CVE-2020-14628 CVE-2020-14629 CVE-2020-14646
CVE-2020-14647 CVE-2020-14648 CVE-2020-14649
CVE-2020-14650 CVE-2020-14673 CVE-2020-14674
CVE-2020-14675 CVE-2020-14676 CVE-2020-14677
CVE-2020-14694 CVE-2020-14695 CVE-2020-14698
CVE-2020-14699 CVE-2020-14700 CVE-2020-14703
CVE-2020-14704 CVE-2020-14707 CVE-2020-14711
CVE-2020-14712 CVE-2020-14713 CVE-2020-14714
CVE-2020-14715
Affected Products:
openSUSE Leap 15.1
______________________________________________________________________________

An update that fixes 25 vulnerabilities is now available.

Description:

This update for virtualbox fixes the following issues:

Version Bump to 6.0.24 (released July 14 2020 by Oracle)

This is a maintenance release. The following items were fixed and/or added:

- API: Fix unintentionally enabled audio due to a settings file version
dependent bug
- VBoxManage: Fix crash of 'VBoxManage internalcommands repairhd' when
processing invalid input (bug #19579)
- Guest Additions: Fix issues detecting guest additions ISO at runtime
- Fixes CVE-2020-14628, CVE-2020-14646, CVE-2020-14647, CVE-2020-14649,
CVE-2020-14713, CVE-2020-14674, CVE-2020-14675, CVE-2020-14676,
CVE-2020-14677, CVE-2020-14699, CVE-2020-14711, CVE-2020-14629,
CVE-2020-14703, CVE-2020-14704, CVE-2020-14648, CVE-2020-14650,
CVE-2020-14673, CVE-2020-14694, CVE-2020-14695, CVE-2020-14698,
CVE-2020-14700, CVE-2020-14712, CVE-2020-14707, CVE-2020-14714,
CVE-2020-14715 boo#1174159

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.1:

zypper in -t patch openSUSE-2020-1511=1


Package List:

- openSUSE Leap 15.1 (x86_64):

python3-virtualbox-6.0.24-lp151.2.18.1
python3-virtualbox-debuginfo-6.0.24-lp151.2.18.1
virtualbox-6.0.24-lp151.2.18.1
virtualbox-debuginfo-6.0.24-lp151.2.18.1
virtualbox-debugsource-6.0.24-lp151.2.18.1
virtualbox-devel-6.0.24-lp151.2.18.1
virtualbox-guest-tools-6.0.24-lp151.2.18.1
virtualbox-guest-tools-debuginfo-6.0.24-lp151.2.18.1
virtualbox-guest-x11-6.0.24-lp151.2.18.1
virtualbox-guest-x11-debuginfo-6.0.24-lp151.2.18.1
virtualbox-kmp-default-6.0.24_k4.12.14_lp151.28.67-lp151.2.18.1
virtualbox-kmp-default-debuginfo-6.0.24_k4.12.14_lp151.28.67-lp151.2.18.1
virtualbox-qt-6.0.24-lp151.2.18.1
virtualbox-qt-debuginfo-6.0.24-lp151.2.18.1
virtualbox-vnc-6.0.24-lp151.2.18.1
virtualbox-websrv-6.0.24-lp151.2.18.1
virtualbox-websrv-debuginfo-6.0.24-lp151.2.18.1

- openSUSE Leap 15.1 (noarch):

virtualbox-guest-desktop-icons-6.0.24-lp151.2.18.1
virtualbox-guest-source-6.0.24-lp151.2.18.1
virtualbox-host-source-6.0.24-lp151.2.18.1

References:

  https://www.suse.com/security/cve/CVE-2020-14628.html
  https://www.suse.com/security/cve/CVE-2020-14629.html
  https://www.suse.com/security/cve/CVE-2020-14646.html
  https://www.suse.com/security/cve/CVE-2020-14647.html
  https://www.suse.com/security/cve/CVE-2020-14648.html
  https://www.suse.com/security/cve/CVE-2020-14649.html
  https://www.suse.com/security/cve/CVE-2020-14650.html
  https://www.suse.com/security/cve/CVE-2020-14673.html
  https://www.suse.com/security/cve/CVE-2020-14674.html
  https://www.suse.com/security/cve/CVE-2020-14675.html
  https://www.suse.com/security/cve/CVE-2020-14676.html
  https://www.suse.com/security/cve/CVE-2020-14677.html
  https://www.suse.com/security/cve/CVE-2020-14694.html
  https://www.suse.com/security/cve/CVE-2020-14695.html
  https://www.suse.com/security/cve/CVE-2020-14698.html
  https://www.suse.com/security/cve/CVE-2020-14699.html
  https://www.suse.com/security/cve/CVE-2020-14700.html
  https://www.suse.com/security/cve/CVE-2020-14703.html
  https://www.suse.com/security/cve/CVE-2020-14704.html
  https://www.suse.com/security/cve/CVE-2020-14707.html
  https://www.suse.com/security/cve/CVE-2020-14711.html
  https://www.suse.com/security/cve/CVE-2020-14712.html
  https://www.suse.com/security/cve/CVE-2020-14713.html
  https://www.suse.com/security/cve/CVE-2020-14714.html
  https://www.suse.com/security/cve/CVE-2020-14715.html
  https://bugzilla.suse.com/1174159