Debian Bug report logs -
#659950
CVE-2012-0111
Toggle useless messages
Report forwarded
to debian-bugs-dist@lists.debian.org, team@security.debian.org, Debian Virtualbox Team <pkg-virtualbox-devel@lists.alioth.debian.org>:
Bug#659950; Package virtualbox.
(Wed, 15 Feb 2012 09:06:25 GMT) (full text, mbox, link).
Acknowledgement sent
to Moritz Muehlenhoff <muehlenhoff@univention.de>:
New Bug report received and forwarded. Copy sent to team@security.debian.org, Debian Virtualbox Team <pkg-virtualbox-devel@lists.alioth.debian.org>.
(Wed, 15 Feb 2012 09:06:32 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Package: virtualbox
Severity: grave
Tags: security
Please see
http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html
It says "Supported versions affected": 4.1, but I'm not sure if earlier
versions are nor supported or not affected? (Specifically the version
of virtualbox-ose from stable)
Maybe you can contact your upstream contact for details?
Cheers,
Moritz
Information forwarded
to debian-bugs-dist@lists.debian.org, Debian Virtualbox Team <pkg-virtualbox-devel@lists.alioth.debian.org>:
Bug#659950; Package virtualbox.
(Wed, 15 Feb 2012 10:13:04 GMT) (full text, mbox, link).
Acknowledgement sent
to Alexey Eromenko <al4321@gmail.com>:
Extra info received and forwarded to list. Copy sent to Debian Virtualbox Team <pkg-virtualbox-devel@lists.alioth.debian.org>.
(Wed, 15 Feb 2012 10:13:05 GMT) (full text, mbox, link).
Message #10 received at 659950@bugs.debian.org (full text, mbox, reply):
Oracle (klaus) say that v3.2.x is not affected for both CVE-2012-0105
and CVE-2012-0111. (so Squeeze is not affected)
And that v4.1.8 is fixed for both (so Wheezy is not affected)
--
-Alexey Eromenko "Technologov"
Reply sent
to Felix Geyer <debfx-pkg@fobos.de>:
You have taken responsibility.
(Sun, 19 Feb 2012 16:03:05 GMT) (full text, mbox, link).
Notification sent
to Moritz Muehlenhoff <muehlenhoff@univention.de>:
Bug acknowledged by developer.
(Sun, 19 Feb 2012 16:03:05 GMT) (full text, mbox, link).
Message #15 received at 659950-done@bugs.debian.org (full text, mbox, reply):
Yes, none of the versions in Debian are affected.
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Mon, 19 Mar 2012 07:35:29 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Wed Jun 19 15:21:43 2019;
Machine Name:
beach
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.
Vulmon