ALT-BU-2013-1448-1
Branch sisyphus update bulletin.
Package virtualbox updated to version 4.3.4-alt1 for branch sisyphus in task 109958.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2014-0404
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.20, 4.0.22, 4.1.30, 4.2.20, and 4.3.4 allows local users to affect integrity and availability via unknown vectors related to Core, a different vulnerability than CVE-2014-0406.
- 102061
- 102061
- 56490
- 56490
- DSA-2878
- DSA-2878
- http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
- http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
- 64758
- 64758
- 64911
- 64911
- 1029610
- 1029610
- oracle-cpujan2014-cve20140404(90372)
- oracle-cpujan2014-cve20140404(90372)
Modified: 2024-11-21
CVE-2014-0405
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.20, 4.0.22, 4.1.30, 4.2.20, and 4.3.4 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Core, a different vulnerability than CVE-2014-0407.
Modified: 2024-11-21
CVE-2014-0406
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.20, 4.0.22, 4.1.30, 4.2.20, and 4.3.4 allows local users to affect integrity and availability via unknown vectors related to Core, a different vulnerability than CVE-2014-0404.
- 102060
- 102060
- 56490
- 56490
- DSA-2878
- DSA-2878
- http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
- http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
- 64758
- 64758
- 64905
- 64905
- 1029610
- 1029610
- oracle-cpujan2014-cve20140406(90371)
- oracle-cpujan2014-cve20140406(90371)
Modified: 2024-11-21
CVE-2014-0407
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.20, 4.0.22, 4.1.30, 4.2.20, and 4.3.4 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Core, a different vulnerability than CVE-2014-0405.
- 102058
- 102058
- 56490
- 56490
- DSA-2878
- DSA-2878
- http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
- http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
- 64758
- 64758
- 64913
- 64913
- 1029610
- 1029610
- oracle-cpujan2014-cve20140407(90369)
- oracle-cpujan2014-cve20140407(90369)
Modified: 2024-11-21
CVE-2015-0377
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.26, 4.0.28, 4.1.36, and 4.2.28 allows local users to affect availability via unknown vectors related to Core, a different vulnerability than CVE-2015-0418.
- openSUSE-SU-2015:0229
- openSUSE-SU-2015:0229
- 62694
- 62694
- http://www.c7zero.info/stuff/csw2017_ExploringYourSystemDeeper_updated.pdf
- http://www.c7zero.info/stuff/csw2017_ExploringYourSystemDeeper_updated.pdf
- DSA-3143
- DSA-3143
- http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
- http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
- 72219
- 72219
- oracle-cpujan2015-cve20150377(100176)
- oracle-cpujan2015-cve20150377(100176)
- GLSA-201612-27
- GLSA-201612-27
Modified: 2024-11-21
CVE-2015-0418
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.26, 4.0.28, 4.1.36, and 4.2.28 allows local users to affect availability via unknown vectors related to Core, a different vulnerability than CVE-2015-0377.
- openSUSE-SU-2015:0229
- openSUSE-SU-2015:0229
- 62694
- 62694
- DSA-3143
- DSA-3143
- http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
- http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
- 72194
- 72194
- oracle-cpujan2015-cve20150418(100182)
- oracle-cpujan2015-cve20150418(100182)
- GLSA-201612-27
- GLSA-201612-27
Package kernel-modules-virtualbox-addition-std-def updated to version 4.3.4-alt1.199192.1 for branch sisyphus in task 109958.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2014-0404
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.20, 4.0.22, 4.1.30, 4.2.20, and 4.3.4 allows local users to affect integrity and availability via unknown vectors related to Core, a different vulnerability than CVE-2014-0406.
- 102061
- 102061
- 56490
- 56490
- DSA-2878
- DSA-2878
- http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
- http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
- 64758
- 64758
- 64911
- 64911
- 1029610
- 1029610
- oracle-cpujan2014-cve20140404(90372)
- oracle-cpujan2014-cve20140404(90372)
Modified: 2024-11-21
CVE-2014-0405
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.20, 4.0.22, 4.1.30, 4.2.20, and 4.3.4 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Core, a different vulnerability than CVE-2014-0407.
Modified: 2024-11-21
CVE-2014-0406
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.20, 4.0.22, 4.1.30, 4.2.20, and 4.3.4 allows local users to affect integrity and availability via unknown vectors related to Core, a different vulnerability than CVE-2014-0404.
- 102060
- 102060
- 56490
- 56490
- DSA-2878
- DSA-2878
- http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
- http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
- 64758
- 64758
- 64905
- 64905
- 1029610
- 1029610
- oracle-cpujan2014-cve20140406(90371)
- oracle-cpujan2014-cve20140406(90371)
Modified: 2024-11-21
CVE-2014-0407
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.20, 4.0.22, 4.1.30, 4.2.20, and 4.3.4 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Core, a different vulnerability than CVE-2014-0405.
- 102058
- 102058
- 56490
- 56490
- DSA-2878
- DSA-2878
- http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
- http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
- 64758
- 64758
- 64913
- 64913
- 1029610
- 1029610
- oracle-cpujan2014-cve20140407(90369)
- oracle-cpujan2014-cve20140407(90369)
Modified: 2024-11-21
CVE-2015-0377
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.26, 4.0.28, 4.1.36, and 4.2.28 allows local users to affect availability via unknown vectors related to Core, a different vulnerability than CVE-2015-0418.
- openSUSE-SU-2015:0229
- openSUSE-SU-2015:0229
- 62694
- 62694
- http://www.c7zero.info/stuff/csw2017_ExploringYourSystemDeeper_updated.pdf
- http://www.c7zero.info/stuff/csw2017_ExploringYourSystemDeeper_updated.pdf
- DSA-3143
- DSA-3143
- http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
- http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
- 72219
- 72219
- oracle-cpujan2015-cve20150377(100176)
- oracle-cpujan2015-cve20150377(100176)
- GLSA-201612-27
- GLSA-201612-27
Modified: 2024-11-21
CVE-2015-0418
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.26, 4.0.28, 4.1.36, and 4.2.28 allows local users to affect availability via unknown vectors related to Core, a different vulnerability than CVE-2015-0377.
- openSUSE-SU-2015:0229
- openSUSE-SU-2015:0229
- 62694
- 62694
- DSA-3143
- DSA-3143
- http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
- http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
- 72194
- 72194
- oracle-cpujan2015-cve20150418(100182)
- oracle-cpujan2015-cve20150418(100182)
- GLSA-201612-27
- GLSA-201612-27
Package kernel-modules-virtualbox-std-def updated to version 4.3.4-alt1.199192.1 for branch sisyphus in task 109958.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2014-0404
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.20, 4.0.22, 4.1.30, 4.2.20, and 4.3.4 allows local users to affect integrity and availability via unknown vectors related to Core, a different vulnerability than CVE-2014-0406.
- 102061
- 102061
- 56490
- 56490
- DSA-2878
- DSA-2878
- http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
- http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
- 64758
- 64758
- 64911
- 64911
- 1029610
- 1029610
- oracle-cpujan2014-cve20140404(90372)
- oracle-cpujan2014-cve20140404(90372)
Modified: 2024-11-21
CVE-2014-0405
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.20, 4.0.22, 4.1.30, 4.2.20, and 4.3.4 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Core, a different vulnerability than CVE-2014-0407.
Modified: 2024-11-21
CVE-2014-0406
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.20, 4.0.22, 4.1.30, 4.2.20, and 4.3.4 allows local users to affect integrity and availability via unknown vectors related to Core, a different vulnerability than CVE-2014-0404.
- 102060
- 102060
- 56490
- 56490
- DSA-2878
- DSA-2878
- http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
- http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
- 64758
- 64758
- 64905
- 64905
- 1029610
- 1029610
- oracle-cpujan2014-cve20140406(90371)
- oracle-cpujan2014-cve20140406(90371)
Modified: 2024-11-21
CVE-2014-0407
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.20, 4.0.22, 4.1.30, 4.2.20, and 4.3.4 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Core, a different vulnerability than CVE-2014-0405.
- 102058
- 102058
- 56490
- 56490
- DSA-2878
- DSA-2878
- http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
- http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
- 64758
- 64758
- 64913
- 64913
- 1029610
- 1029610
- oracle-cpujan2014-cve20140407(90369)
- oracle-cpujan2014-cve20140407(90369)
Modified: 2024-11-21
CVE-2015-0377
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.26, 4.0.28, 4.1.36, and 4.2.28 allows local users to affect availability via unknown vectors related to Core, a different vulnerability than CVE-2015-0418.
- openSUSE-SU-2015:0229
- openSUSE-SU-2015:0229
- 62694
- 62694
- http://www.c7zero.info/stuff/csw2017_ExploringYourSystemDeeper_updated.pdf
- http://www.c7zero.info/stuff/csw2017_ExploringYourSystemDeeper_updated.pdf
- DSA-3143
- DSA-3143
- http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
- http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
- 72219
- 72219
- oracle-cpujan2015-cve20150377(100176)
- oracle-cpujan2015-cve20150377(100176)
- GLSA-201612-27
- GLSA-201612-27
Modified: 2024-11-21
CVE-2015-0418
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.26, 4.0.28, 4.1.36, and 4.2.28 allows local users to affect availability via unknown vectors related to Core, a different vulnerability than CVE-2015-0377.
- openSUSE-SU-2015:0229
- openSUSE-SU-2015:0229
- 62694
- 62694
- DSA-3143
- DSA-3143
- http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
- http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
- 72194
- 72194
- oracle-cpujan2015-cve20150418(100182)
- oracle-cpujan2015-cve20150418(100182)
- GLSA-201612-27
- GLSA-201612-27
Package kernel-modules-virtualbox-un-def updated to version 4.3.4-alt1.199685.1 for branch sisyphus in task 109958.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2014-0404
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.20, 4.0.22, 4.1.30, 4.2.20, and 4.3.4 allows local users to affect integrity and availability via unknown vectors related to Core, a different vulnerability than CVE-2014-0406.
- 102061
- 102061
- 56490
- 56490
- DSA-2878
- DSA-2878
- http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
- http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
- 64758
- 64758
- 64911
- 64911
- 1029610
- 1029610
- oracle-cpujan2014-cve20140404(90372)
- oracle-cpujan2014-cve20140404(90372)
Modified: 2024-11-21
CVE-2014-0405
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.20, 4.0.22, 4.1.30, 4.2.20, and 4.3.4 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Core, a different vulnerability than CVE-2014-0407.
Modified: 2024-11-21
CVE-2014-0406
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.20, 4.0.22, 4.1.30, 4.2.20, and 4.3.4 allows local users to affect integrity and availability via unknown vectors related to Core, a different vulnerability than CVE-2014-0404.
- 102060
- 102060
- 56490
- 56490
- DSA-2878
- DSA-2878
- http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
- http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
- 64758
- 64758
- 64905
- 64905
- 1029610
- 1029610
- oracle-cpujan2014-cve20140406(90371)
- oracle-cpujan2014-cve20140406(90371)
Modified: 2024-11-21
CVE-2014-0407
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.20, 4.0.22, 4.1.30, 4.2.20, and 4.3.4 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Core, a different vulnerability than CVE-2014-0405.
- 102058
- 102058
- 56490
- 56490
- DSA-2878
- DSA-2878
- http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
- http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
- 64758
- 64758
- 64913
- 64913
- 1029610
- 1029610
- oracle-cpujan2014-cve20140407(90369)
- oracle-cpujan2014-cve20140407(90369)
Modified: 2024-11-21
CVE-2015-0377
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.26, 4.0.28, 4.1.36, and 4.2.28 allows local users to affect availability via unknown vectors related to Core, a different vulnerability than CVE-2015-0418.
- openSUSE-SU-2015:0229
- openSUSE-SU-2015:0229
- 62694
- 62694
- http://www.c7zero.info/stuff/csw2017_ExploringYourSystemDeeper_updated.pdf
- http://www.c7zero.info/stuff/csw2017_ExploringYourSystemDeeper_updated.pdf
- DSA-3143
- DSA-3143
- http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
- http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
- 72219
- 72219
- oracle-cpujan2015-cve20150377(100176)
- oracle-cpujan2015-cve20150377(100176)
- GLSA-201612-27
- GLSA-201612-27
Modified: 2024-11-21
CVE-2015-0418
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.26, 4.0.28, 4.1.36, and 4.2.28 allows local users to affect availability via unknown vectors related to Core, a different vulnerability than CVE-2015-0377.
- openSUSE-SU-2015:0229
- openSUSE-SU-2015:0229
- 62694
- 62694
- DSA-3143
- DSA-3143
- http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
- http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
- 72194
- 72194
- oracle-cpujan2015-cve20150418(100182)
- oracle-cpujan2015-cve20150418(100182)
- GLSA-201612-27
- GLSA-201612-27
Closed vulnerabilities
BDU:2015-09726
Уязвимости операционной системы Gentoo Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
Modified: 2024-11-21
CVE-2013-4545
cURL and libcurl 7.18.0 through 7.32.0, when built with OpenSSL, disables the certificate CN and SAN name field verification (CURLOPT_SSL_VERIFYHOST) when the digital signature verification (CURLOPT_SSL_VERIFYPEER) is disabled, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
- http://curl.haxx.se/docs/adv_20131115.html
- http://curl.haxx.se/docs/adv_20131115.html
- openSUSE-SU-2013:1859
- openSUSE-SU-2013:1859
- openSUSE-SU-2013:1865
- openSUSE-SU-2013:1865
- DSA-2798
- DSA-2798
- http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html
- http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html
- http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
- http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
- http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
- http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
- USN-2048-1
- USN-2048-1
- HPSBMU03112
- HPSBMU03112
Modified: 2024-11-21
CVE-2013-6422
The GnuTLS backend in libcurl 7.21.4 through 7.33.0, when disabling digital signature verification (CURLOPT_SSL_VERIFYPEER), also disables the CURLOPT_SSL_VERIFYHOST check for CN or SAN host name fields, which makes it easier for remote attackers to spoof servers and conduct man-in-the-middle (MITM) attacks.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2013-6411
The HandleCrashedAircraft function in aircraft_cmd.cpp in OpenTTD 0.3.6 through 1.3.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) by crashing an aircraft outside of the map.
- http://bugs.openttd.org/task/5820
- http://bugs.openttd.org/task/5820
- openSUSE-SU-2013:1932
- openSUSE-SU-2013:1932
- [oss-security] 20131129 Re: CVE request for OpenTTD
- [oss-security] 20131129 Re: CVE request for OpenTTD
- 55589
- 55589
- 56218
- 56218
- http://vcs.openttd.org/svn/changeset/26134
- http://vcs.openttd.org/svn/changeset/26134
- 64003
- 64003
- openttd-cve20136411-dos(89334)
- openttd-cve20136411-dos(89334)
- https://security.openttd.org/en/CVE-2013-6411
- https://security.openttd.org/en/CVE-2013-6411