Bug 798776 - VUL-1: Virtualbox: Jan 2013 Oracle patch tuesday
VUL-1: Virtualbox: Jan 2013 Oracle patch tuesday
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P4 - Low : Normal
: ---
Assigned To: Michal Seben
Security Team bot
:
Depends on: 798751
Blocks:
  Show dependency treegraph
 
Reported: 2013-01-16 13:35 UTC by Sebastian Krahmer
Modified: 2014-04-03 13:40 UTC (History)
2 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Sebastian Krahmer 2013-01-16 13:35:37 UTC
+++ This bug was initially created as a clone of Bug #798751 +++

Please split off bugs for particular packages from this bug.

See

http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html
Comment 1 Sebastian Krahmer 2013-01-16 13:36:58 UTC
CVE-2013-0420
Comment 2 Swamp Workflow Management 2013-01-16 23:00:26 UTC
bugbot adjusting priority
Comment 3 Bernhard Wiedemann 2013-01-23 10:00:08 UTC
This is an autogenerated message for OBS integration:
This bug (798776) was mentioned in
https://build.opensuse.org/request/show/149632 Maintenance /
Comment 4 Michal Seben 2013-01-24 07:05:48 UTC
I found answer from Frank Mehnert (virtualbox team) regarding this CVE:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698292
>The fix can be found in
>
> https://www.virtualbox.org/changeset/44055/vbox
>
>Please ignore the change in DevVGA.h, this change is not necessary.


sr with patch send to 12.1 and 12.2
Comment 5 Swamp Workflow Management 2013-02-04 13:04:32 UTC
openSUSE-SU-2013:0231-1: An update that fixes one vulnerability is now available.

Category: security (moderate)
Bug References: 798776
CVE References: CVE-2013-0420
Sources used:
openSUSE 12.2 (src):    virtualbox-4.1.22-1.10.1
openSUSE 12.1 (src):    virtualbox-4.1.22-3.9.1
Comment 6 Alexander Bergmann 2014-04-03 13:40:16 UTC
Closing as fixed.