Date: Thu, 21 Jul 2022 08:59:43 GMT From: Guido Falsi <madpilot@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Subject: git: 8fbdd9595ef8 - main - security/vuxml: Document new VirtualBox vulnerabilities. Message-ID: <202207210859.26L8xhZ8010019@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by madpilot: URL: https://cgit.FreeBSD.org/ports/commit/?id=8fbdd9595ef89aa01c62704b1d10e27be5052791 commit 8fbdd9595ef89aa01c62704b1d10e27be5052791 Author: Guido Falsi <madpilot@FreeBSD.org> AuthorDate: 2022-07-21 08:49:27 +0000 Commit: Guido Falsi <madpilot@FreeBSD.org> CommitDate: 2022-07-21 08:59:18 +0000 security/vuxml: Document new VirtualBox vulnerabilities. PR: 265350 --- security/vuxml/vuln-2022.xml | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) diff --git a/security/vuxml/vuln-2022.xml b/security/vuxml/vuln-2022.xml index 3435054aff6c..fdfcc1f52ada 100644 --- a/security/vuxml/vuln-2022.xml +++ b/security/vuxml/vuln-2022.xml @@ -1,3 +1,35 @@ + <vuln vid="e1387e95-08d0-11ed-be26-001999f8d30b"> + <topic>VirtualBox -- Multiple vulnerabilities</topic> + <affects> + <package> + <name>virtualbox-ose</name> + <range><lt>6.1.36</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml">; + <p>Oracle reports:</p> + <blockquote cite="https://www.oracle.com/security-alerts/cpujul2022.html">; + <p> Easily exploitable vulnerability allows high privileged + attacker with logon to the infrastructure where Oracle + VM VirtualBox executes to compromise Oracle VM VirtualBox. + Successful attacks of this vulnerability can result in + unauthorized ability to cause a hang or frequently + repeatable crash (complete DOS) of Oracle VM VirtualBox.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2022-21554</cvename> + <cvename>CVE-2022-21571</cvename> + <url>https://www.oracle.com/security-alerts/cpujul2022.html</url>; + </references> + <dates> + <discovery>2022-07-20</discovery> + <entry>2022-07-21</entry> + </dates> + </vuln> + <vuln vid="8e150606-08c9-11ed-856e-d4c9ef517024"> <topic>MySQL -- Multiple vulnerabilities</topic> <affects>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202207210859.26L8xhZ8010019>