This update for virtualbox fixes the following issues:
- CVE-2017-10392: A local user can exploit a flaw in the Oracle VM VirtualBox Core component to partially access data, partially modify data, and deny service
- CVE-2017-10407: A local user can exploit a flaw in the Oracle VM VirtualBox Core component to partially access data, partially modify data, and deny service
- CVE-2017-10408: A local user can exploit a flaw in the Oracle VM VirtualBox Core component to partially access data, partially modify data, and deny service
- CVE-2017-10428: A local user can exploit a flaw in the Oracle VM VirtualBox Core component to partially access data, partially modify data, and partially deny service
The following packaging changes are included:
- Further to usage of vboxdrv if virtualbox-qt is not installed: updates to vboxdrv.sh (boo#1060072)
- The virtualbox package no longer requires libX11, an library module files were moved to virtualbox-qt
This update also contains all upstream improvements in the 5.1.30 release, including:
- Fix for double mouse cursor when using mouse integration without Guest Additions.
- Translation updates
- Submitted by Larry Finger (lwfinger)