[vbox-dev] "Disgruntled Security Researcher Publishes Major VirtualBox 0-Day Exploit"
michael.thayer at oracle.com
Mon Nov 12 13:08:20 UTC 2018
It looks to me like the site was updated after 5.2.22 was released to
say that the researcher considers the issue fixed. Unfortunately we are
by Oracle policy to comment on security fixes or even mention them in
the change log - all security information is published in the quarterly
Oracle critical patch update information. Please note though that we
take security seriously!
11.11.18 22:13, Larry Finger wrote:
> On 11/11/18 1:09 AM, Mihai Hanor wrote:
>> According to the same researcher, Virtualbox 5.2.22 fixes the
> I'm not sure that he says that 5.2.22 fixes the problem. What he says is
> that 5.2.20 and earlier are affected; however, 5.2.22 was released after
> his posting.
> vbox-dev mailing list
> vbox-dev at virtualbox.org
Michael Thayer | VirtualBox engineer
ORACLE Deutschland B.V. & Co. KG | Werkstr. 24 | D-71384 Weinstadt
ORACLE Deutschland B.V. & Co. KG
Hauptverwaltung: Riesstraße 25, D-80992 München
Registergericht: Amtsgericht München, HRA 95603
Komplementärin: ORACLE Deutschland Verwaltung B.V.
Hertogswetering 163/167, 3543 AS Utrecht, Niederlande
Handelsregister der Handelskammer Midden-Nederland, Nr. 30143697
Geschäftsführer: Alexander van der Ven, Jan Schultheiss, Val Maher
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 2468 bytes
Desc: not available
More information about the vbox-dev