SUSE 5149 Published by

A virtualbox security update has been released for openSUSE Leap 15.5.



openSUSE-SU-2023:0213-1: important: Security update for virtualbox


openSUSE Security Update: Security update for virtualbox
_______________________________

Announcement ID: openSUSE-SU-2023:0213-1
Rating: important
References: #1209727 #1211941 #1212209 #1212761
Affected Products:
openSUSE Leap 15.5
_______________________________

An update that contains security fixes can now be installed.

Description:

This update for virtualbox fixes the following issues:

VirtualBox 7.0.10 (released July 18 2023)

This is a maintenance release. The following items were fixed and/or added:

- OCI: Introduced general improvements
- VMM: Fixed a bug while walking page tables while executing nested VMs
causing flooding of the release log as a consequence (Intel hosts only,
bug #21551)
- GUI: Added general improvements
- TPM: Fixed a crash when a VM has a TPM version 1.2 configured (bug
#21622)
- 3D: Initial support for OpenGL 4.1
- 3D: Fixed various graphics issues with Windows 11 guests (bugs #21136,
#21515)
- Guest Control/VBoxManage: Fixed parameter "--ignore-orphaned-processes"
- Guest Control/VBoxManage: Fixed behavior of how handling argument 0 for
a started guest process works: One can now explicitly specify it with
the newly added option "--arg0". This will effectively restore the
behavior of former VirtualBox versions
- Audio: Also use the PulseAudio backend when pipewire-pulse is running
instead of falling back to ALSA (bug #21575)
- NAT: Adjusted UDP proxy timeout from 18-21 to 21-24 range to respect
intended 20 second timeout (bug #21560)
- Linux Host: Added initial support for Indirect Branch Tracking (bug
#21435)
- Linux Host: Added initial support for kernel 6.5 (NOTE: Guest Additions
do not support kernel 6.5 yet)
- Linux Host and Guest: Improved condition check when kernel modules need
to be signed
- Linux Host and Guest: Added initial support for RHEL 8.8 (bug #21692),
8.9 (bug #21690) and 9.3 (bugs #21598 and #21671) kernels
- Linux Guest Additions: Fixed issue when kernel modules were rebuilt on
each boot when guest system has no X11 installed
- Linux Guest Additions: Added initial support for kernel 6.4
- Linux Guest Additions: Fixed issue when vboxvideo module reloading
caused kernel panic in some guests (bug #21740)
- Linux Guest Additions: Introduced general improvements in the installer
area
- Windows Guest Additions: Introduced general improvements in graphics
drivers area
- Fix issue with kernel on newer CPU (boo#1212209)

- Turn build of VBoxSDL back on. This update addresses boo#1211941.
- Detect vboxpython module with python 3.11
- Fix Vagrant/virtualbox startup problems boo#1209727

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.5:

zypper in -t patch openSUSE-2023-213=1

Package List:

- openSUSE Leap 15.5 (noarch):

virtualbox-guest-desktop-icons-7.0.10-lp155.2.5.1
virtualbox-guest-source-7.0.10-lp155.2.5.1
virtualbox-host-source-7.0.10-lp155.2.5.1

- openSUSE Leap 15.5 (x86_64):

python3-virtualbox-7.0.10-lp155.2.5.1
python3-virtualbox-debuginfo-7.0.10-lp155.2.5.1
virtualbox-7.0.10-lp155.2.5.1
virtualbox-debuginfo-7.0.10-lp155.2.5.1
virtualbox-debugsource-7.0.10-lp155.2.5.1
virtualbox-devel-7.0.10-lp155.2.5.1
virtualbox-guest-tools-7.0.10-lp155.2.5.1
virtualbox-guest-tools-debuginfo-7.0.10-lp155.2.5.1
virtualbox-kmp-debugsource-7.0.10-lp155.2.5.1
virtualbox-kmp-default-7.0.10_k5.14.21_150500.55.7-lp155.2.5.1
virtualbox-kmp-default-debuginfo-7.0.10_k5.14.21_150500.55.7-lp155.2.5.1
virtualbox-qt-7.0.10-lp155.2.5.1
virtualbox-qt-debuginfo-7.0.10-lp155.2.5.1
virtualbox-vnc-7.0.10-lp155.2.5.1
virtualbox-websrv-7.0.10-lp155.2.5.1
virtualbox-websrv-debuginfo-7.0.10-lp155.2.5.1

References:

https://bugzilla.suse.com/1209727
https://bugzilla.suse.com/1211941
https://bugzilla.suse.com/1212209
https://bugzilla.suse.com/1212761