File _patchinfo of Package patchinfo
<patchinfo incident="16230">
<issue tracker="cve" id="2021-2282"/>
<issue tracker="cve" id="2021-2283"/>
<issue tracker="cve" id="2021-2297"/>
<issue tracker="cve" id="2021-2306"/>
<issue tracker="cve" id="2021-2266"/>
<issue tracker="cve" id="2021-2264"/>
<issue tracker="cve" id="2021-2309"/>
<issue tracker="cve" id="2021-2280"/>
<issue tracker="cve" id="2021-2145"/>
<issue tracker="cve" id="2021-2279"/>
<issue tracker="cve" id="2021-2296"/>
<issue tracker="cve" id="2021-2250"/>
<issue tracker="cve" id="2021-2281"/>
<issue tracker="cve" id="2021-2287"/>
<issue tracker="cve" id="2021-2310"/>
<issue tracker="cve" id="2021-2284"/>
<issue tracker="cve" id="2021-2291"/>
<issue tracker="cve" id="2021-2285"/>
<issue tracker="cve" id="2021-2312"/>
<issue tracker="cve" id="2021-2286"/>
<issue tracker="cve" id="2021-25319"/>
<issue tracker="bnc" id="1182918">VUL-0: CVE-2021-25319: virtualbox: missing sticky bit for /etc/vbox allows local root exploit for members of vboxusers group</issue>
<packager>lwfinger</packager>
<rating>important</rating>
<category>security</category>
<summary>Security update for virtualbox</summary>
<description>This update for virtualbox fixes the following issues:
virtualbox was updated to 6.1.22 (released April 29 2021 by Oracle)
This is a maintenance release. The following items were fixed and/or added:
- VMM: Improved performance of 64-bit Windows and Solaris guests when Hyper-V is used on recent Windows 10 hosts
- VMM: Fixed frequent crashes of 64-bit Windows Vista and Server 2003 guests when Hyper-V is used
- GUI: Fixed regression where user was not able to save unset default shortcuts (bug #20305)
- Storage: Fixed regression in LsiLogic SAS controller emulation caused VM crash (bug #20323)
- Linux Guest Additions: Fixed issue when it was not possible to run executables from mounted share (bug #20320)
- Fixes for CVE-2021-2145 CVE-2021-2250 CVE-2021-2264 CVE-2021-2266 CVE-2021-2279 CVE-2021-2280
CVE-2021-2281 CVE-2021-2282 CVE-2021-2283 CVE-2021-2284 CVE-2021-2285 CVE-2021-2286
CVE-2021-2287 CVE-2021-2291 CVE-2021-2296 CVE-2021-2297 CVE-2021-2306 CVE-2021-2309
CVE-2021-2310 CVE-2021-2312
- Version bump to (released April 20 2021 by Oracle)
File "virtualbox-kmp-files-leap" is deleted.
- Use distconfdir for xinitrc.d files on TW
- Improve autostart security boo#1182918. </description>
</patchinfo>