Overview Details

File _patchinfo of Package patchinfo

<patchinfo incident="16230">
  <issue tracker="cve" id="2021-2282"/>
  <issue tracker="cve" id="2021-2283"/>
  <issue tracker="cve" id="2021-2297"/>
  <issue tracker="cve" id="2021-2306"/>
  <issue tracker="cve" id="2021-2266"/>
  <issue tracker="cve" id="2021-2264"/>
  <issue tracker="cve" id="2021-2309"/>
  <issue tracker="cve" id="2021-2280"/>
  <issue tracker="cve" id="2021-2145"/>
  <issue tracker="cve" id="2021-2279"/>
  <issue tracker="cve" id="2021-2296"/>
  <issue tracker="cve" id="2021-2250"/>
  <issue tracker="cve" id="2021-2281"/>
  <issue tracker="cve" id="2021-2287"/>
  <issue tracker="cve" id="2021-2310"/>
  <issue tracker="cve" id="2021-2284"/>
  <issue tracker="cve" id="2021-2291"/>
  <issue tracker="cve" id="2021-2285"/>
  <issue tracker="cve" id="2021-2312"/>
  <issue tracker="cve" id="2021-2286"/>
  <issue tracker="cve" id="2021-25319"/>
  <issue tracker="bnc" id="1182918">VUL-0: CVE-2021-25319: virtualbox: missing sticky bit for /etc/vbox allows local root exploit for members of vboxusers group</issue>
  <packager>lwfinger</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for virtualbox</summary>
  <description>This update for virtualbox fixes the following issues:

virtualbox was updated to 6.1.22 (released April 29 2021 by Oracle)

This is a maintenance release. The following items were fixed and/or added:

- VMM: Improved performance of 64-bit Windows and Solaris guests when Hyper-V is used on recent Windows 10 hosts
- VMM: Fixed frequent crashes of 64-bit Windows Vista and Server 2003 guests when Hyper-V is used
- GUI: Fixed regression where user was not able to save unset default shortcuts (bug #20305)
- Storage: Fixed regression in LsiLogic SAS controller emulation caused VM crash (bug #20323)
- Linux Guest Additions: Fixed issue when it was not possible to run executables from mounted share (bug #20320)
- Fixes for CVE-2021-2145 CVE-2021-2250 CVE-2021-2264 CVE-2021-2266 CVE-2021-2279 CVE-2021-2280
            CVE-2021-2281 CVE-2021-2282 CVE-2021-2283 CVE-2021-2284 CVE-2021-2285 CVE-2021-2286
            CVE-2021-2287 CVE-2021-2291 CVE-2021-2296 CVE-2021-2297 CVE-2021-2306 CVE-2021-2309
            CVE-2021-2310 CVE-2021-2312

- Version bump to (released April 20 2021 by Oracle)
  File "virtualbox-kmp-files-leap" is deleted.
- Use distconfdir for xinitrc.d files on TW

- Improve autostart security boo#1182918. </description>
</patchinfo>
openSUSE Build Service is sponsored by
Places