{
  "schema_version": "1.7.0",
  "id": "MGASA-2016-0259",
  "published": "2016-07-26T19:11:30Z",
  "modified": "2016-07-26T19:03:47Z",
  "summary": "Updated VirtualBox 5.1 packages fix security vulnerability",
  "details": "This update provides the new VirtualBox 5.1 series, currently based\non 5.1.2 providing several perfomance enhancements\n\nThe highlights include:\n* VMM: new APIC and I/O APIC implementations that result in significantly\n  improved performance in certain situations (for example with networking)\n* VMM: activate the x2APIC by default for Linux guests\n* VMM: added support for Hyper-V paravirtualized debugging of Windows guests\n* VMM: emulate even more MMIO and shadow pagetable exits without going back\n  to user mode\n* GUI: overall migration to Qt5\n* GUI: passive API event listener improving the VM GUI performance and \n  response time\n* Audio: added HDA (High Definition Audio) support for newer Linux guests\n* Audio: added on-demand timers which should improve the overall performance\n  and reduce the CPU consumption\n* Audio: more fine-grained volume control for the AC'97 emulation, which now\n  also takes the master volume control into account\n* better support for Python 3 \n\nIt also resolves the following security issue:\n\nUnspecified vulnerability in the Oracle VM VirtualBox component in Oracle\nVirtualization VirtualBox before 5.0.26 allows local users to affect\navailability via vectors related to Core (CVE-2016-3597). \n\nFor other fixes, see the referenced changelog.\n",
  "upstream": [
    "CVE-2016-3597"
  ],
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://advisories.mageia.org/MGASA-2016-0259.html"
    },
    {
      "type": "REPORT",
      "url": "https://bugs.mageia.org/show_bug.cgi?id=18944"
    },
    {
      "type": "WEB",
      "url": "https://www.virtualbox.org/wiki/Changelog"
    }
  ],
  "affected": [
    {
      "package": {
        "ecosystem": "Mageia:5",
        "name": "virtualbox",
        "purl": "pkg:rpm/mageia/virtualbox?arch=source&distro=mageia-5"
      },
      "ranges": [
        {
          "type": "ECOSYSTEM",
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "5.1.2-1.mga5"
            }
          ]
        }
      ],
      "ecosystem_specific": {
        "section": "core"
      }
    },
    {
      "package": {
        "ecosystem": "Mageia:5",
        "name": "kmod-virtualbox",
        "purl": "pkg:rpm/mageia/kmod-virtualbox?arch=source&distro=mageia-5"
      },
      "ranges": [
        {
          "type": "ECOSYSTEM",
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "5.1.2-1.mga5"
            }
          ]
        }
      ],
      "ecosystem_specific": {
        "section": "core"
      }
    },
    {
      "package": {
        "ecosystem": "Mageia:5",
        "name": "kmod-vboxadditions",
        "purl": "pkg:rpm/mageia/kmod-vboxadditions?arch=source&distro=mageia-5"
      },
      "ranges": [
        {
          "type": "ECOSYSTEM",
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "5.1.2-1.mga5"
            }
          ]
        }
      ],
      "ecosystem_specific": {
        "section": "core"
      }
    }
  ],
  "credits": [
    {
      "name": "Mageia",
      "type": "COORDINATOR",
      "contact": [
        "https://wiki.mageia.org/en/Packages_Security_Team"
      ]
    }
  ]
}