Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 03 Jun 2023 13:21:37 +0000
From:      bugzilla-noreply@freebsd.org
To:        ports-bugs@FreeBSD.org
Subject:   [Bug 271141] security/vuxml: document vulnerabilities for the emulators/virtualbox-ose family
Message-ID:  <bug-271141-7788-aQn9KS0l6O@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-271141-7788@https.bugs.freebsd.org/bugzilla/>
References:  <bug-271141-7788@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D271141

Graham Perrin <grahamperrin@freebsd.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
            Summary|security/vuxml: mark as     |security/vuxml: document
                   |FORBIDDEN, and document     |vulnerabilities for the
                   |vulnerabilities for, the    |emulators/virtualbox-ose
                   |emulators/virtualbox-ose    |family
                   |family                      |

--- Comment #5 from Graham Perrin <grahamperrin@freebsd.org> ---
With the Oracle-supported 6.1 branch
<https://www.virtualbox.org/wiki/Changelog-6.1>; currently at 6.1.44

As far as I can tell, from a FreeBSD-CURRENT perspective,
<https://cgit.freebsd.org/ports/commit/?id=3D1d37fcd8316a078e512852b7c565b5=
b2cf2dcbcd>
(2023-05-15), its cherry-pick to 2023Q2, and other 6.1-related commits nega=
ted
the need to mark as FORBIDDEN.=20


% uname -r
14.0-CURRENT
% pkg search virtualbox | grep -v 6.1.44
phpvirtualbox-6.1_1            AJAX Web Interface for VirtualBox
phpvirtualbox-legacy-5.2.1_2   AJAX Web Interface for VirtualBox
virtualbox-ose-additions-legacy-5.2.44_5 VirtualBox additions for FreeBSD
guests
virtualbox-ose-additions-nox11-legacy-5.2.44_4 VirtualBox additions for Fre=
eBSD
guests
virtualbox-ose-kmod-legacy-5.2.44_7 VirtualBox kernel module for FreeBSD
%=20


In addition: we might reasonably assume that ports of the 5.2 branch are
vulnerable, however these are no longer supported by Oracle (and so, we can=
't
expect vulnerabilities to be documented by Oracle).

--=20
You are receiving this mail because:
You are the assignee for the bug.=

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-271141-7788-aQn9KS0l6O>