[vbox-dev] CVE-2015-3456 aka VENOM
Gianfranco Costamagna
costamagnagianfranco at yahoo.it
Sun May 17 22:21:34 GMT 2015
Hi folks,in my ongoing effort to fix Debian/Ubuntu packages, I would like to understand how and if virtualbox is affected, and if a patch is available for download.
thanks
cheers,
Gianfranco
Il Venerdì 15 Maggio 2015 11:31, Maxime Dor <max at kamax.io> ha scritto:
Hi,
Could an experienced dev validate that this diff between VBox 4.3.26 &
4.3.28 is indeed a fix CVE-2015-3456 ? http://pastebin.com/hb5Fbwku
QEMU patch for reference:
http://git.qemu.org/?p=qemu.git;a=blobdiff;f=hw/block/fdc.c;h=d8a8edd936f42d4b1d801c996932668e456b5896;hp=f72a39216347e722496797555db9f208b0c5b4b2;hb=e907746266721f305d67bc0718795fedee2e824c;hpb=968bb75c348a401b85e08d5eb1887a3e6c3185f5
Thank you!
Max
_______________________________________________
vbox-dev mailing list
vbox-dev at virtualbox.org
https://www.virtualbox.org/mailman/listinfo/vbox-dev
More information about the vbox-dev
mailing list