Mageia Advisory: MGASA-2016-0035 - Updated virtualbox packages fix security vulnerabilities

Updated virtualbox packages fix security vulnerabilities

Publication date: 23 Jan 2016
Modification date: 23 Jan 2016
Type: security
Affected Mageia releases : 5
CVE: CVE-2016-0495 , CVE-2016-0592

Description

This update provides the virtualbox 5.0.14 maintenance release.
It also fixes the following security issues:

Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle
Virtualization VirtualBox before 4.3.36 and 5.0.14 allows remote attackers
to affect availability via unknown vectors related to Core.
(CVE-2016-0495)

Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle
Virtualization VirtualBox before 4.3.36 and before 5.0.14 allows local
users to affect availability via unknown vectors related to Core.
(CVE-2016-0592)

For other fixes in this update, see the referenced changelog.

References

https://bugs.mageia.org/show_bug.cgi?id=17571
https://www.virtualbox.org/wiki/Changelog
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0495
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0592

SRPMS

5/core

virtualbox-5.0.14-1.mga5
kmod-virtualbox-5.0.14-1.mga5
kmod-vboxadditions-5.0.14-1.mga5

Advisories » MGASA-2016-0035

Updated virtualbox packages fix security vulnerabilities

Description

References

SRPMS

5/core