[SECURITY] [DSA 2878-1] virtualbox security update

2014-03-13T15:32:08
ID DEBIAN:DSA-2878-1:66F21
Type debian
Reporter Debian
Modified 2014-03-13T15:32:08

Description


Debian Security Advisory DSA-2878-1 security@debian.org http://www.debian.org/security/ Moritz Muehlenhoff March 13, 2014 http://www.debian.org/security/faq


Package : virtualbox CVE ID : CVE-2013-5892 CVE-2014-0404 CVE-2014-0406 CVE-2014-0407 Debian Bug : 735410

Matthew Daley discovered multiple vulnerabilities in VirtualBox, a x86 virtualisation solution, resulting in denial of service, privilege escalation and an information leak.

For the oldstable distribution (squeeze), these problems have been fixed in version 3.2.10-dfsg-1+squeeze2 of the virtualbox-ose source package.

For the stable distribution (wheezy), these problems have been fixed in version 4.1.18-dfsg-2+deb7u2.

For the testing distribution (jessie), these problems have been fixed in version 4.3.6-dfsg-1.

For the unstable distribution (sid), these problems have been fixed in version 4.3.6-dfsg-1.

We recommend that you upgrade your virtualbox packages.

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org