Package: virtualbox
Severity: grave
Tags: security
http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
Several vulnerabilities have been reported in VirtualBox. Details are scarce, so
please get in touch with upstream for more information on eventual backports
to oldstable/stable. Judging from the CVSS scores this is likely only local
denial of service, in that case we likely don't need a DSA.
CVE-2013-5892
CVE-2014-0407
CVE-2014-0406
CVE-2014-0404
In addition CVE-2014-0405 seems to affect virtualbox-guest-additions-iso from
non-free
Cheers,
Moritz
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
