jengelh/virtualbox
SHA256
1
0
Fork 1
forked from pool/virtualbox
Code Pull Requests Activity
3dad334a2b
virtualbox/vbox-usb-warning.diff

78 lines
3.1 KiB
Diff
Raw Normal View History

Accepting request 1060705 from home:larryr:branches:Virtualization - VirtualBox 7.0.6 (released January 17 2023) This is a maintenance release. The following items were fixed and/or added: [1] - VMM: Fixed guru running the FreeBSD loader on older Intel CPUs without unrestricted guest support (bug #21332) - GUI: Fixed virtual machines grouping when VM was created or modified in command line (bugs #11500, #20933) - GUI: Introduced generic changes in settings dialogs - VirtioNet: Fixed broken network after loading saved state (bug #21172) - Storage: Added support for increasing the size of the following VMDK image variants: monolithicFlat, monolithicSparse, twoGbMaxExtentSparse, twoGbMaxExtentFlat - VBoxManage: Added missing --directory switch for guestcontrol mktemp command - Mouse Integration: Guest was provided with extended host mouse state (bug #21139) - DnD: Introduced generic improvements - Guest Control: Fixed handling creation mode for temporary directories (bug #21394) - Linux Host and Guest: Added initial support for building UEK7 kernel on Oracle Linux 8 - Linux Host and Guest: Added initial support for RHEL 9.1 kernel - Linux Guest Additions: Added initial support for kernel 6.2 for vboxvideo - Audio: The "--audio" option in VBoxManage is now marked as deprecated; please use "--audio-driver" and "--audio-enabled" instead. This will allow more flexibility when changing the driver and/or controlling the audio functionality Additionally, it fixes 6 CVE's: [2] CVE-2023-21886 Oracle VM VirtualBox Core Multiple Yes 8.1 Network High None None Un- changed High High High Prior to 6.1.42, prior to 7.0.6 CVE-2023-21898 Oracle VM VirtualBox Core None No 5.5 Local Low Low None Un- changed None None High Prior to 6.1.42, prior to 7.0.6 See Note 1 CVE-2023-21899 Oracle VM VirtualBox Core None No 5.5 Local Low Low None Un- changed None None High Prior to 6.1.42, prior to 7.0.6 See Note 1 CVE-2023-21884 Oracle VM VirtualBox Core None No 4.4 Local Low High None Un- changed None None High Prior to 6.1.42, prior to 7.0.6 CVE-2023-21885 Oracle VM VirtualBox Core None No 3.8 Local Low Low None Changed Low None None Prior to 6.1.42, prior to 7.0.6 See Note 2 CVE-2023-21889 Oracle VM VirtualBox Core None No 3.8 Local Low Low None Changed Low None None Prior to 6.1.42, prior to 7.0.6 Note 1: Applies to VirtualBox VMs running Windows 7 and later. Note 2: Applies to Windows only. Links: OBS-URL: https://build.opensuse.org/request/show/1060705 OBS-URL: https://build.opensuse.org/package/show/Virtualization/virtualbox?expand=0&rev=673
2023-01-24 22:49:25 +01:00
Index: VirtualBox-7.0.6/src/apps/Makefile.kmk
Accepting request 342960 from home:lwfinger:branches:Virtualization Add popup for USB passthru security (boo#953018). OBS-URL: https://build.opensuse.org/request/show/342960 OBS-URL: https://build.opensuse.org/package/show/Virtualization/virtualbox?expand=0&rev=233
2015-11-08 10:13:53 +01:00
===================================================================
Accepting request 1060705 from home:larryr:branches:Virtualization - VirtualBox 7.0.6 (released January 17 2023) This is a maintenance release. The following items were fixed and/or added: [1] - VMM: Fixed guru running the FreeBSD loader on older Intel CPUs without unrestricted guest support (bug #21332) - GUI: Fixed virtual machines grouping when VM was created or modified in command line (bugs #11500, #20933) - GUI: Introduced generic changes in settings dialogs - VirtioNet: Fixed broken network after loading saved state (bug #21172) - Storage: Added support for increasing the size of the following VMDK image variants: monolithicFlat, monolithicSparse, twoGbMaxExtentSparse, twoGbMaxExtentFlat - VBoxManage: Added missing --directory switch for guestcontrol mktemp command - Mouse Integration: Guest was provided with extended host mouse state (bug #21139) - DnD: Introduced generic improvements - Guest Control: Fixed handling creation mode for temporary directories (bug #21394) - Linux Host and Guest: Added initial support for building UEK7 kernel on Oracle Linux 8 - Linux Host and Guest: Added initial support for RHEL 9.1 kernel - Linux Guest Additions: Added initial support for kernel 6.2 for vboxvideo - Audio: The "--audio" option in VBoxManage is now marked as deprecated; please use "--audio-driver" and "--audio-enabled" instead. This will allow more flexibility when changing the driver and/or controlling the audio functionality Additionally, it fixes 6 CVE's: [2] CVE-2023-21886 Oracle VM VirtualBox Core Multiple Yes 8.1 Network High None None Un- changed High High High Prior to 6.1.42, prior to 7.0.6 CVE-2023-21898 Oracle VM VirtualBox Core None No 5.5 Local Low Low None Un- changed None None High Prior to 6.1.42, prior to 7.0.6 See Note 1 CVE-2023-21899 Oracle VM VirtualBox Core None No 5.5 Local Low Low None Un- changed None None High Prior to 6.1.42, prior to 7.0.6 See Note 1 CVE-2023-21884 Oracle VM VirtualBox Core None No 4.4 Local Low High None Un- changed None None High Prior to 6.1.42, prior to 7.0.6 CVE-2023-21885 Oracle VM VirtualBox Core None No 3.8 Local Low Low None Changed Low None None Prior to 6.1.42, prior to 7.0.6 See Note 2 CVE-2023-21889 Oracle VM VirtualBox Core None No 3.8 Local Low Low None Changed Low None None Prior to 6.1.42, prior to 7.0.6 Note 1: Applies to VirtualBox VMs running Windows 7 and later. Note 2: Applies to Windows only. Links: OBS-URL: https://build.opensuse.org/request/show/1060705 OBS-URL: https://build.opensuse.org/package/show/Virtualization/virtualbox?expand=0&rev=673
2023-01-24 22:49:25 +01:00
--- VirtualBox-7.0.6.orig/src/apps/Makefile.kmk
+++ VirtualBox-7.0.6/src/apps/Makefile.kmk
Accepting request 1036720 from home:lwfinger:branches:Virtualization added file "set_noexec_stack.patch" to remove executable stack in yasm-compiled routines addwd file "fix_v7_build.patch" added file "VBoxDDR0.r0" deleted file "/vb-6.1.16-modal-dialog-parent.patch" VirtualBox 7.0.2 (released October 20 2022) This is a maintenance release. The following items were fixed and/or added: Known issue: VMs having more than one vCPU configured will not work properly on macOS Catalina due to an unknown memory corruption issue. Either lower the number of vCPUs to 1 or upgrade to BigSur or later where the issue does not occur Main: Fixed issue when VBoxSVC could become unresponsive if Extension Pack was not installed (bug #21167) Linux Guest Additions: Introduced initial support for kernel 6.1 Linux Guest Additions: Fixed issue when VBoxClient seamless service caused a crash of some X11 applications (bug #21132) GUI: Fixed a glitch in the log viewer which was causing wrong log file to be saved (bug #21156) VirtualBox 7.0.0 (released October 10 2022) This is a major update. The following major new features were added: Virtual machines can be fully encrypted now, including the VM config logs and saved states (CLI only for now) OCI: Cloud virtual machines can be added to Virtual Machine Manager and controlled as local VMs OCI: Cloud networks can now be configured via Network Manager tool same way as it is done for Host-only and NAT networks GUI: Added a new utility similar to "top" or "resource monitor" which lists peformance statistics (CPU usage, RAM usage, disk I/O rate, etc.) of running guests GUI: Reworked the new vm wizard to integrate the unattended guest OS installation and to have a more streamlined work flow GUI: Added a new help viewer widget which enables the user manual to be navigated and searched GUI: Adding new notification center unifying most of running progresses and error reporting around the GUI GUI: Improved theme support on all platforms. Linux and macOS use native engine while for Windows host it is separately implemented. GUI: Large icon update. Audio recording: Now using Vorbis as the default audio format for WebM containers. Opus is no longer being used. Audio: Added "default" host driver type to make it possible to move VMs (appliances) between different platforms without the need of changing the audio driver explicitly. When the "default" driver is selected, the best audio backend option for a platform will be used. This is the default for newly created VMs. Guest Control: Implemented initial support for automatic updating of Guest Additions for Linux guests Guest Control: Implemented ability to wait for and/or reboot the guest when updating Guest Additions via VBoxManage VBoxManage: Added Guest Control "waitrunlevel" sub-command to make it possible to wait for a guest to reach a certain run level Linux Guest Additions: Reworked guest screen re-size functionality, added basic integration with some of guest Desktop Environments Devices: Implemented new 3D support based on DirectX 11 (and DXVK on non Windows hosts) Devices: Added virtual IOMMU devices (Intel and AMD variant) OBS-URL: https://build.opensuse.org/request/show/1036720 OBS-URL: https://build.opensuse.org/package/show/Virtualization/virtualbox?expand=0&rev=663
2022-11-18 22:49:33 +01:00
@@ -30,5 +30,7 @@ include $(KBUILD_PATH)/subheader.kmk
Accepting request 1004165 from home:larryr:branches:Virtualization - Version bump to 6.1.38r86 released by Oracle September 02 2022 This is a maintenance release. The following items were fixed and/or added: GUI: Improvements in Native Language Support area Main: OVF Export: Added support for exporting VMs containing Virtio-SCSI controllers Recording settings: Fixed a regression which could cause not starting the COM server (VBoxSVC) under certain circumstances (bug #21034) Recording: More deterministic naming for recorded files (will now overwrite old .webm files if present) Linux Host and Guest Additions installer: Improved check for systemd presence in the system (bug #19033) Linux Guest Additions: Introduced initial support for kernel 6.0 Linux Guest Additions: Additional fixes for kernel RHEL 9.1 (bug #21065) Windows Guest Additions: Improvements in Drag and Drop area Fixes permission problem with /dev/vboxuser (boo#1203370) Fixes boo#1203306 - 6.1.38 is available Fixes missing firewall opening (boo#1203086) Fixes boo#1201720 CVE items for CVE-2022-21571, CVE-2022-21554 OBS-URL: https://build.opensuse.org/request/show/1004165 OBS-URL: https://build.opensuse.org/package/show/Virtualization/virtualbox?expand=0&rev=653
2022-09-16 19:04:36 +02:00
Accepting request 342960 from home:lwfinger:branches:Virtualization Add popup for USB passthru security (boo#953018). OBS-URL: https://build.opensuse.org/request/show/342960 OBS-URL: https://build.opensuse.org/package/show/Virtualization/virtualbox?expand=0&rev=233
2015-11-08 10:13:53 +01:00
include $(PATH_SUB_CURRENT)/VBoxPermissionMessage/Makefile.kmk
Accepting request 1004165 from home:larryr:branches:Virtualization - Version bump to 6.1.38r86 released by Oracle September 02 2022 This is a maintenance release. The following items were fixed and/or added: GUI: Improvements in Native Language Support area Main: OVF Export: Added support for exporting VMs containing Virtio-SCSI controllers Recording settings: Fixed a regression which could cause not starting the COM server (VBoxSVC) under certain circumstances (bug #21034) Recording: More deterministic naming for recorded files (will now overwrite old .webm files if present) Linux Host and Guest Additions installer: Improved check for systemd presence in the system (bug #19033) Linux Guest Additions: Introduced initial support for kernel 6.0 Linux Guest Additions: Additional fixes for kernel RHEL 9.1 (bug #21065) Windows Guest Additions: Improvements in Drag and Drop area Fixes permission problem with /dev/vboxuser (boo#1203370) Fixes boo#1203306 - 6.1.38 is available Fixes missing firewall opening (boo#1203086) Fixes boo#1201720 CVE items for CVE-2022-21571, CVE-2022-21554 OBS-URL: https://build.opensuse.org/request/show/1004165 OBS-URL: https://build.opensuse.org/package/show/Virtualization/virtualbox?expand=0&rev=653
2022-09-16 19:04:36 +02:00
Accepting request 342960 from home:lwfinger:branches:Virtualization Add popup for USB passthru security (boo#953018). OBS-URL: https://build.opensuse.org/request/show/342960 OBS-URL: https://build.opensuse.org/package/show/Virtualization/virtualbox?expand=0&rev=233
2015-11-08 10:13:53 +01:00
+include $(PATH_SUB_CURRENT)/VBoxUSB_DevRules/Makefile.kmk
+
include $(FILE_KBUILD_SUB_FOOTER)
Accepting request 1004165 from home:larryr:branches:Virtualization - Version bump to 6.1.38r86 released by Oracle September 02 2022 This is a maintenance release. The following items were fixed and/or added: GUI: Improvements in Native Language Support area Main: OVF Export: Added support for exporting VMs containing Virtio-SCSI controllers Recording settings: Fixed a regression which could cause not starting the COM server (VBoxSVC) under certain circumstances (bug #21034) Recording: More deterministic naming for recorded files (will now overwrite old .webm files if present) Linux Host and Guest Additions installer: Improved check for systemd presence in the system (bug #19033) Linux Guest Additions: Introduced initial support for kernel 6.0 Linux Guest Additions: Additional fixes for kernel RHEL 9.1 (bug #21065) Windows Guest Additions: Improvements in Drag and Drop area Fixes permission problem with /dev/vboxuser (boo#1203370) Fixes boo#1203306 - 6.1.38 is available Fixes missing firewall opening (boo#1203086) Fixes boo#1201720 CVE items for CVE-2022-21571, CVE-2022-21554 OBS-URL: https://build.opensuse.org/request/show/1004165 OBS-URL: https://build.opensuse.org/package/show/Virtualization/virtualbox?expand=0&rev=653
2022-09-16 19:04:36 +02:00
Accepting request 1060705 from home:larryr:branches:Virtualization - VirtualBox 7.0.6 (released January 17 2023) This is a maintenance release. The following items were fixed and/or added: [1] - VMM: Fixed guru running the FreeBSD loader on older Intel CPUs without unrestricted guest support (bug #21332) - GUI: Fixed virtual machines grouping when VM was created or modified in command line (bugs #11500, #20933) - GUI: Introduced generic changes in settings dialogs - VirtioNet: Fixed broken network after loading saved state (bug #21172) - Storage: Added support for increasing the size of the following VMDK image variants: monolithicFlat, monolithicSparse, twoGbMaxExtentSparse, twoGbMaxExtentFlat - VBoxManage: Added missing --directory switch for guestcontrol mktemp command - Mouse Integration: Guest was provided with extended host mouse state (bug #21139) - DnD: Introduced generic improvements - Guest Control: Fixed handling creation mode for temporary directories (bug #21394) - Linux Host and Guest: Added initial support for building UEK7 kernel on Oracle Linux 8 - Linux Host and Guest: Added initial support for RHEL 9.1 kernel - Linux Guest Additions: Added initial support for kernel 6.2 for vboxvideo - Audio: The "--audio" option in VBoxManage is now marked as deprecated; please use "--audio-driver" and "--audio-enabled" instead. This will allow more flexibility when changing the driver and/or controlling the audio functionality Additionally, it fixes 6 CVE's: [2] CVE-2023-21886 Oracle VM VirtualBox Core Multiple Yes 8.1 Network High None None Un- changed High High High Prior to 6.1.42, prior to 7.0.6 CVE-2023-21898 Oracle VM VirtualBox Core None No 5.5 Local Low Low None Un- changed None None High Prior to 6.1.42, prior to 7.0.6 See Note 1 CVE-2023-21899 Oracle VM VirtualBox Core None No 5.5 Local Low Low None Un- changed None None High Prior to 6.1.42, prior to 7.0.6 See Note 1 CVE-2023-21884 Oracle VM VirtualBox Core None No 4.4 Local Low High None Un- changed None None High Prior to 6.1.42, prior to 7.0.6 CVE-2023-21885 Oracle VM VirtualBox Core None No 3.8 Local Low Low None Changed Low None None Prior to 6.1.42, prior to 7.0.6 See Note 2 CVE-2023-21889 Oracle VM VirtualBox Core None No 3.8 Local Low Low None Changed Low None None Prior to 6.1.42, prior to 7.0.6 Note 1: Applies to VirtualBox VMs running Windows 7 and later. Note 2: Applies to Windows only. Links: OBS-URL: https://build.opensuse.org/request/show/1060705 OBS-URL: https://build.opensuse.org/package/show/Virtualization/virtualbox?expand=0&rev=673
2023-01-24 22:49:25 +01:00
Index: VirtualBox-7.0.6/src/apps/VBoxUSB_DevRules/Makefile.kmk
Accepting request 342960 from home:lwfinger:branches:Virtualization Add popup for USB passthru security (boo#953018). OBS-URL: https://build.opensuse.org/request/show/342960 OBS-URL: https://build.opensuse.org/package/show/Virtualization/virtualbox?expand=0&rev=233
2015-11-08 10:13:53 +01:00
===================================================================
- Revise warning screen concerning USB passthru - fixes bnc#1041137. USB passthru opens a security hole, yet it is so valuable that many users want the feature, thus it is our default. Previously, a user needed to edit a udev rule to disable passthru. The bad part was that an update of VB changed the rule back to allow passthru without any notification. These changes modify the popup to allow the user to accept or decline passthru. If the user declines, then the root password is requested and the udev rule is modified. As these modifications will be lost with the next VB update, the inode of the udev rule is kept. If the user has previously declined and the inode has changed, the popup will show the next time VB is started. File "fix_usb_rules.sh" is added. OBS-URL: https://build.opensuse.org/package/show/Virtualization/virtualbox?expand=0&rev=336
2017-06-09 00:26:55 +02:00
--- /dev/null
Accepting request 1060705 from home:larryr:branches:Virtualization - VirtualBox 7.0.6 (released January 17 2023) This is a maintenance release. The following items were fixed and/or added: [1] - VMM: Fixed guru running the FreeBSD loader on older Intel CPUs without unrestricted guest support (bug #21332) - GUI: Fixed virtual machines grouping when VM was created or modified in command line (bugs #11500, #20933) - GUI: Introduced generic changes in settings dialogs - VirtioNet: Fixed broken network after loading saved state (bug #21172) - Storage: Added support for increasing the size of the following VMDK image variants: monolithicFlat, monolithicSparse, twoGbMaxExtentSparse, twoGbMaxExtentFlat - VBoxManage: Added missing --directory switch for guestcontrol mktemp command - Mouse Integration: Guest was provided with extended host mouse state (bug #21139) - DnD: Introduced generic improvements - Guest Control: Fixed handling creation mode for temporary directories (bug #21394) - Linux Host and Guest: Added initial support for building UEK7 kernel on Oracle Linux 8 - Linux Host and Guest: Added initial support for RHEL 9.1 kernel - Linux Guest Additions: Added initial support for kernel 6.2 for vboxvideo - Audio: The "--audio" option in VBoxManage is now marked as deprecated; please use "--audio-driver" and "--audio-enabled" instead. This will allow more flexibility when changing the driver and/or controlling the audio functionality Additionally, it fixes 6 CVE's: [2] CVE-2023-21886 Oracle VM VirtualBox Core Multiple Yes 8.1 Network High None None Un- changed High High High Prior to 6.1.42, prior to 7.0.6 CVE-2023-21898 Oracle VM VirtualBox Core None No 5.5 Local Low Low None Un- changed None None High Prior to 6.1.42, prior to 7.0.6 See Note 1 CVE-2023-21899 Oracle VM VirtualBox Core None No 5.5 Local Low Low None Un- changed None None High Prior to 6.1.42, prior to 7.0.6 See Note 1 CVE-2023-21884 Oracle VM VirtualBox Core None No 4.4 Local Low High None Un- changed None None High Prior to 6.1.42, prior to 7.0.6 CVE-2023-21885 Oracle VM VirtualBox Core None No 3.8 Local Low Low None Changed Low None None Prior to 6.1.42, prior to 7.0.6 See Note 2 CVE-2023-21889 Oracle VM VirtualBox Core None No 3.8 Local Low Low None Changed Low None None Prior to 6.1.42, prior to 7.0.6 Note 1: Applies to VirtualBox VMs running Windows 7 and later. Note 2: Applies to Windows only. Links: OBS-URL: https://build.opensuse.org/request/show/1060705 OBS-URL: https://build.opensuse.org/package/show/Virtualization/virtualbox?expand=0&rev=673
2023-01-24 22:49:25 +01:00
+++ VirtualBox-7.0.6/src/apps/VBoxUSB_DevRules/Makefile.kmk
- File "fixes_for_4.14.patch" deleted - upstream fix. File "remove_vbox_video_build.patch" added as current versions of Xorg no longer need this component. Version update to 5.2.4 (released 2017-12-19 by Oracle) This is a maintenance release. The following items were fixed and/or added: User interface: Adjusting desktop file for X11 window managers (bug #17312) User interface: various high resolution display adjustments Audio: fixed SB16 volume handling (5.2 regression) Audio: various fixes USB/OHCI: fixed a problem where OHCI emulation might sporadically drop data transfers Linux hosts: fixed screen corruption when the host screen changes and a virtual machine window is maximized X11 Guest Additions: fixed a hang at the GNOME Shell login screen with 3D enabled (5.2 regression, bugs #17189 and #17190) Version bump to 5.2.2 (released 2017-11-24 by Oracle) This is a maintenance release. The following items were fixed and/or added: User interface: various improvements for high resolution screens User interface: added functionality to duplicate optical and floppy images User interface: various improvements for the virtual media manager VMM: fixed emulation so that Plan 9 guests can start once more (5.1.0 regression) Storage: fixed regression breaking iSCSI (bug #17196) Audio: added HDA support for more exotic guests (e.g. Haiku) Serial: fixed hanging I/O when using named pipes on Windows (5.2.0 regression; bug #17227) Serial: fixed broken communication with certain devices on Linux hosts USB/OHCI: improved behavior so that the controller state after a VM reset is closer to the initial state after VM start EFI: fixed HFS+ driver which in rare cases failed to access most files on a volume Shared clipboard: fixed hang with OS X host and Linux guest (bug #15782) Linux hosts: fixed kernel module compilation and start failures with Linux kernel 4.14 (bug #17267) X11 hosts: better handle WM_CLASS setting (bug #12534) Linux guests: fixed kernel module compilation and other problems with Linux kernel 4.14 (bug #12534) Linux guests: fixed kernel module compilation and other problems with Linux kernel 4.14 Linux guests: fixed various 5.2.0 regressions (bug #17163) Bridged networking: fixed duplicate EtherType in VLAN/priority tags on Linux (5.2.0 regression; bug #17277) OBS-URL: https://build.opensuse.org/package/show/Virtualization/virtualbox?expand=0&rev=393
2017-12-29 20:22:29 +01:00
@@ -0,0 +1,30 @@
Accepting request 342960 from home:lwfinger:branches:Virtualization Add popup for USB passthru security (boo#953018). OBS-URL: https://build.opensuse.org/request/show/342960 OBS-URL: https://build.opensuse.org/package/show/Virtualization/virtualbox?expand=0&rev=233
2015-11-08 10:13:53 +01:00
+# $Id: Makefile.kmk 28800 2010-04-27 08:22:32Z vboxsync $
+## @file
+#
+# VBoxUSB_DevRules is wrapper for suse users
+#
+# This file is part of VirtualBox Open Source Edition (OSE), as
+# available from http://www.virtualbox.org. This file is free software;
+# you can redistribute it and/or modify it under the terms of the GNU
+# General Public License (GPL) as published by the Free Software
+# Foundation, in version 2 as it comes in the "COPYING" file of the
+# VirtualBox OSE distribution. VirtualBox OSE is distributed in the
+# hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
+#
+
+
+SUB_DEPTH = ../../..
+include $(KBUILD_PATH)/subheader.kmk
+
+PROGRAMS += VBoxUSB_DevRules
+
Accepting request 414498 from home:luizluca:branches:Virtualization bump to 5.1.2 I tried to keep all Suse customization as they are. Warning dialogs were ported to Qt5. I did not check for added executables in the new release. Compile tested on all current targets. Runtime tested on Tumbleweed, both host and guest. OBS-URL: https://build.opensuse.org/request/show/414498 OBS-URL: https://build.opensuse.org/package/show/Virtualization/virtualbox?expand=0&rev=262
2016-07-26 18:15:55 +02:00
+VBoxUSB_DevRules_TEMPLATE = VBOXQTGUIEXE
Accepting request 342960 from home:lwfinger:branches:Virtualization Add popup for USB passthru security (boo#953018). OBS-URL: https://build.opensuse.org/request/show/342960 OBS-URL: https://build.opensuse.org/package/show/Virtualization/virtualbox?expand=0&rev=233
2015-11-08 10:13:53 +01:00
+VBoxUSB_DevRules_SOURCES = VBoxUSB_DevRules.cpp
+VBoxUSB_DevRules_QT_MODULES = Core Gui
- File "fixes_for_4.14.patch" deleted - upstream fix. File "remove_vbox_video_build.patch" added as current versions of Xorg no longer need this component. Version update to 5.2.4 (released 2017-12-19 by Oracle) This is a maintenance release. The following items were fixed and/or added: User interface: Adjusting desktop file for X11 window managers (bug #17312) User interface: various high resolution display adjustments Audio: fixed SB16 volume handling (5.2 regression) Audio: various fixes USB/OHCI: fixed a problem where OHCI emulation might sporadically drop data transfers Linux hosts: fixed screen corruption when the host screen changes and a virtual machine window is maximized X11 Guest Additions: fixed a hang at the GNOME Shell login screen with 3D enabled (5.2 regression, bugs #17189 and #17190) Version bump to 5.2.2 (released 2017-11-24 by Oracle) This is a maintenance release. The following items were fixed and/or added: User interface: various improvements for high resolution screens User interface: added functionality to duplicate optical and floppy images User interface: various improvements for the virtual media manager VMM: fixed emulation so that Plan 9 guests can start once more (5.1.0 regression) Storage: fixed regression breaking iSCSI (bug #17196) Audio: added HDA support for more exotic guests (e.g. Haiku) Serial: fixed hanging I/O when using named pipes on Windows (5.2.0 regression; bug #17227) Serial: fixed broken communication with certain devices on Linux hosts USB/OHCI: improved behavior so that the controller state after a VM reset is closer to the initial state after VM start EFI: fixed HFS+ driver which in rare cases failed to access most files on a volume Shared clipboard: fixed hang with OS X host and Linux guest (bug #15782) Linux hosts: fixed kernel module compilation and start failures with Linux kernel 4.14 (bug #17267) X11 hosts: better handle WM_CLASS setting (bug #12534) Linux guests: fixed kernel module compilation and other problems with Linux kernel 4.14 (bug #12534) Linux guests: fixed kernel module compilation and other problems with Linux kernel 4.14 Linux guests: fixed various 5.2.0 regressions (bug #17163) Bridged networking: fixed duplicate EtherType in VLAN/priority tags on Linux (5.2.0 regression; bug #17277) OBS-URL: https://build.opensuse.org/package/show/Virtualization/virtualbox?expand=0&rev=393
2017-12-29 20:22:29 +01:00
+VBoxUSB_DevRules_QT_MODULES += Widgets
Accepting request 342960 from home:lwfinger:branches:Virtualization Add popup for USB passthru security (boo#953018). OBS-URL: https://build.opensuse.org/request/show/342960 OBS-URL: https://build.opensuse.org/package/show/Virtualization/virtualbox?expand=0&rev=233
2015-11-08 10:13:53 +01:00
+
+#INSTALLS += VBoxUSB_DevRules
+
+include $(KBUILD_PATH)/subfooter.kmk
+
+
Accepting request 1060705 from home:larryr:branches:Virtualization - VirtualBox 7.0.6 (released January 17 2023) This is a maintenance release. The following items were fixed and/or added: [1] - VMM: Fixed guru running the FreeBSD loader on older Intel CPUs without unrestricted guest support (bug #21332) - GUI: Fixed virtual machines grouping when VM was created or modified in command line (bugs #11500, #20933) - GUI: Introduced generic changes in settings dialogs - VirtioNet: Fixed broken network after loading saved state (bug #21172) - Storage: Added support for increasing the size of the following VMDK image variants: monolithicFlat, monolithicSparse, twoGbMaxExtentSparse, twoGbMaxExtentFlat - VBoxManage: Added missing --directory switch for guestcontrol mktemp command - Mouse Integration: Guest was provided with extended host mouse state (bug #21139) - DnD: Introduced generic improvements - Guest Control: Fixed handling creation mode for temporary directories (bug #21394) - Linux Host and Guest: Added initial support for building UEK7 kernel on Oracle Linux 8 - Linux Host and Guest: Added initial support for RHEL 9.1 kernel - Linux Guest Additions: Added initial support for kernel 6.2 for vboxvideo - Audio: The "--audio" option in VBoxManage is now marked as deprecated; please use "--audio-driver" and "--audio-enabled" instead. This will allow more flexibility when changing the driver and/or controlling the audio functionality Additionally, it fixes 6 CVE's: [2] CVE-2023-21886 Oracle VM VirtualBox Core Multiple Yes 8.1 Network High None None Un- changed High High High Prior to 6.1.42, prior to 7.0.6 CVE-2023-21898 Oracle VM VirtualBox Core None No 5.5 Local Low Low None Un- changed None None High Prior to 6.1.42, prior to 7.0.6 See Note 1 CVE-2023-21899 Oracle VM VirtualBox Core None No 5.5 Local Low Low None Un- changed None None High Prior to 6.1.42, prior to 7.0.6 See Note 1 CVE-2023-21884 Oracle VM VirtualBox Core None No 4.4 Local Low High None Un- changed None None High Prior to 6.1.42, prior to 7.0.6 CVE-2023-21885 Oracle VM VirtualBox Core None No 3.8 Local Low Low None Changed Low None None Prior to 6.1.42, prior to 7.0.6 See Note 2 CVE-2023-21889 Oracle VM VirtualBox Core None No 3.8 Local Low Low None Changed Low None None Prior to 6.1.42, prior to 7.0.6 Note 1: Applies to VirtualBox VMs running Windows 7 and later. Note 2: Applies to Windows only. Links: OBS-URL: https://build.opensuse.org/request/show/1060705 OBS-URL: https://build.opensuse.org/package/show/Virtualization/virtualbox?expand=0&rev=673
2023-01-24 22:49:25 +01:00
Index: VirtualBox-7.0.6/src/apps/VBoxUSB_DevRules/VBoxUSB_DevRules.cpp
Accepting request 342960 from home:lwfinger:branches:Virtualization Add popup for USB passthru security (boo#953018). OBS-URL: https://build.opensuse.org/request/show/342960 OBS-URL: https://build.opensuse.org/package/show/Virtualization/virtualbox?expand=0&rev=233
2015-11-08 10:13:53 +01:00
===================================================================
- Revise warning screen concerning USB passthru - fixes bnc#1041137. USB passthru opens a security hole, yet it is so valuable that many users want the feature, thus it is our default. Previously, a user needed to edit a udev rule to disable passthru. The bad part was that an update of VB changed the rule back to allow passthru without any notification. These changes modify the popup to allow the user to accept or decline passthru. If the user declines, then the root password is requested and the udev rule is modified. As these modifications will be lost with the next VB update, the inode of the udev rule is kept. If the user has previously declined and the inode has changed, the popup will show the next time VB is started. File "fix_usb_rules.sh" is added. OBS-URL: https://build.opensuse.org/package/show/Virtualization/virtualbox?expand=0&rev=336
2017-06-09 00:26:55 +02:00
--- /dev/null
Accepting request 1060705 from home:larryr:branches:Virtualization - VirtualBox 7.0.6 (released January 17 2023) This is a maintenance release. The following items were fixed and/or added: [1] - VMM: Fixed guru running the FreeBSD loader on older Intel CPUs without unrestricted guest support (bug #21332) - GUI: Fixed virtual machines grouping when VM was created or modified in command line (bugs #11500, #20933) - GUI: Introduced generic changes in settings dialogs - VirtioNet: Fixed broken network after loading saved state (bug #21172) - Storage: Added support for increasing the size of the following VMDK image variants: monolithicFlat, monolithicSparse, twoGbMaxExtentSparse, twoGbMaxExtentFlat - VBoxManage: Added missing --directory switch for guestcontrol mktemp command - Mouse Integration: Guest was provided with extended host mouse state (bug #21139) - DnD: Introduced generic improvements - Guest Control: Fixed handling creation mode for temporary directories (bug #21394) - Linux Host and Guest: Added initial support for building UEK7 kernel on Oracle Linux 8 - Linux Host and Guest: Added initial support for RHEL 9.1 kernel - Linux Guest Additions: Added initial support for kernel 6.2 for vboxvideo - Audio: The "--audio" option in VBoxManage is now marked as deprecated; please use "--audio-driver" and "--audio-enabled" instead. This will allow more flexibility when changing the driver and/or controlling the audio functionality Additionally, it fixes 6 CVE's: [2] CVE-2023-21886 Oracle VM VirtualBox Core Multiple Yes 8.1 Network High None None Un- changed High High High Prior to 6.1.42, prior to 7.0.6 CVE-2023-21898 Oracle VM VirtualBox Core None No 5.5 Local Low Low None Un- changed None None High Prior to 6.1.42, prior to 7.0.6 See Note 1 CVE-2023-21899 Oracle VM VirtualBox Core None No 5.5 Local Low Low None Un- changed None None High Prior to 6.1.42, prior to 7.0.6 See Note 1 CVE-2023-21884 Oracle VM VirtualBox Core None No 4.4 Local Low High None Un- changed None None High Prior to 6.1.42, prior to 7.0.6 CVE-2023-21885 Oracle VM VirtualBox Core None No 3.8 Local Low Low None Changed Low None None Prior to 6.1.42, prior to 7.0.6 See Note 2 CVE-2023-21889 Oracle VM VirtualBox Core None No 3.8 Local Low Low None Changed Low None None Prior to 6.1.42, prior to 7.0.6 Note 1: Applies to VirtualBox VMs running Windows 7 and later. Note 2: Applies to Windows only. Links: OBS-URL: https://build.opensuse.org/request/show/1060705 OBS-URL: https://build.opensuse.org/package/show/Virtualization/virtualbox?expand=0&rev=673
2023-01-24 22:49:25 +01:00
+++ VirtualBox-7.0.6/src/apps/VBoxUSB_DevRules/VBoxUSB_DevRules.cpp
- Add file "fix_32_bit_builds.patch" to fix error in 32-bit builds. Add file "switch_to_python3.6.patch" to convert to Python3. Update warning regarding the security hole in USB passthrough. The text no longer refers to an old bugzilla entry (bsc#1097248). Script vboxguestconfig.sh is fixed. OBS-URL: https://build.opensuse.org/package/show/Virtualization/virtualbox?expand=0&rev=432
2018-06-19 19:53:58 +02:00
@@ -0,0 +1,25 @@
Accepting request 414498 from home:luizluca:branches:Virtualization bump to 5.1.2 I tried to keep all Suse customization as they are. Warning dialogs were ported to Qt5. I did not check for added executables in the new release. Compile tested on all current targets. Runtime tested on Tumbleweed, both host and guest. OBS-URL: https://build.opensuse.org/request/show/414498 OBS-URL: https://build.opensuse.org/package/show/Virtualization/virtualbox?expand=0&rev=262
2016-07-26 18:15:55 +02:00
+#include <QtWidgets/QApplication>
+#include <QtWidgets/QMessageBox>
- Add file "fix_32_bit_builds.patch" to fix error in 32-bit builds. Add file "switch_to_python3.6.patch" to convert to Python3. Update warning regarding the security hole in USB passthrough. The text no longer refers to an old bugzilla entry (bsc#1097248). Script vboxguestconfig.sh is fixed. OBS-URL: https://build.opensuse.org/package/show/Virtualization/virtualbox?expand=0&rev=432
2018-06-19 19:53:58 +02:00
+#include <QtWidgets/QPushButton>+
Accepting request 342960 from home:lwfinger:branches:Virtualization Add popup for USB passthru security (boo#953018). OBS-URL: https://build.opensuse.org/request/show/342960 OBS-URL: https://build.opensuse.org/package/show/Virtualization/virtualbox?expand=0&rev=233
2015-11-08 10:13:53 +01:00
+int main(int argc, char *argv[])
+{
Accepting request 789598 from home:lwfinger:branches:Virtualization - Fix build errors for gcc-10 (boo#1167897). File "fixes_for_gcc10.patch" is added. - Convert /usr/bin/VirtualBox to use "~/.config/VirtualBox" instead "~/.vbox". This change was requested in boo#1167660. OBS-URL: https://build.opensuse.org/request/show/789598 OBS-URL: https://build.opensuse.org/package/show/Virtualization/virtualbox?expand=0&rev=543
2020-03-30 06:53:46 +02:00
+ QApplication app(argc, argv);
+ QMessageBox msgBox;
- Revise warning screen concerning USB passthru - fixes bnc#1041137. USB passthru opens a security hole, yet it is so valuable that many users want the feature, thus it is our default. Previously, a user needed to edit a udev rule to disable passthru. The bad part was that an update of VB changed the rule back to allow passthru without any notification. These changes modify the popup to allow the user to accept or decline passthru. If the user declines, then the root password is requested and the udev rule is modified. As these modifications will be lost with the next VB update, the inode of the udev rule is kept. If the user has previously declined and the inode has changed, the popup will show the next time VB is started. File "fix_usb_rules.sh" is added. OBS-URL: https://build.opensuse.org/package/show/Virtualization/virtualbox?expand=0&rev=336
2017-06-09 00:26:55 +02:00
+ QPushButton *myYesButton = msgBox.addButton("Enable", QMessageBox::YesRole);
+ QPushButton *myNoButton = msgBox.addButton("Disable", QMessageBox::NoRole);
+ msgBox.setWindowTitle(QObject::tr("USB Rules and Permissions !"));
Accepting request 789598 from home:lwfinger:branches:Virtualization - Fix build errors for gcc-10 (boo#1167897). File "fixes_for_gcc10.patch" is added. - Convert /usr/bin/VirtualBox to use "~/.config/VirtualBox" instead "~/.vbox". This change was requested in boo#1167660. OBS-URL: https://build.opensuse.org/request/show/789598 OBS-URL: https://build.opensuse.org/package/show/Virtualization/virtualbox?expand=0&rev=543
2020-03-30 06:53:46 +02:00
+ msgBox.setText(QObject::tr("USB passthrough requires read/write access to USB devices. "
- Add file "fix_32_bit_builds.patch" to fix error in 32-bit builds. Add file "switch_to_python3.6.patch" to convert to Python3. Update warning regarding the security hole in USB passthrough. The text no longer refers to an old bugzilla entry (bsc#1097248). Script vboxguestconfig.sh is fixed. OBS-URL: https://build.opensuse.org/package/show/Virtualization/virtualbox?expand=0&rev=432
2018-06-19 19:53:58 +02:00
+ "As a result, it opens a security hole.\n\n"
+ "Nonetheless, this feature is extremely useful and it may be worth the security risk. "
+ "Thus the code defaults to enabling it.\n\nIf you agree that the risk is acceptable, then click 'Enable'.\n"
Accepting request 789598 from home:lwfinger:branches:Virtualization - Fix build errors for gcc-10 (boo#1167897). File "fixes_for_gcc10.patch" is added. - Convert /usr/bin/VirtualBox to use "~/.config/VirtualBox" instead "~/.vbox". This change was requested in boo#1167660. OBS-URL: https://build.opensuse.org/request/show/789598 OBS-URL: https://build.opensuse.org/package/show/Virtualization/virtualbox?expand=0&rev=543
2020-03-30 06:53:46 +02:00
+ "You should not be asked this question again when VB is updated. If you later change your mind, run 'rm ~/.config/virtualbox/*'\n\n"
Accepting request 555993 from home:hfschmidt:branches:Virtualization - Fix spelling mistakes in vbox-usb-warning.diff. OBS-URL: https://build.opensuse.org/request/show/555993 OBS-URL: https://build.opensuse.org/package/show/Virtualization/virtualbox?expand=0&rev=390
2017-12-11 18:20:16 +01:00
+ "If you wish to disable USB passthrough to plug the security hole, then click 'Disable'. "
- Add file "fix_32_bit_builds.patch" to fix error in 32-bit builds. Add file "switch_to_python3.6.patch" to convert to Python3. Update warning regarding the security hole in USB passthrough. The text no longer refers to an old bugzilla entry (bsc#1097248). Script vboxguestconfig.sh is fixed. OBS-URL: https://build.opensuse.org/package/show/Virtualization/virtualbox?expand=0&rev=432
2018-06-19 19:53:58 +02:00
+ "You will be asked for the system password, and /etc/udev/rules.d/60-vboxdrv.rules will be changed.\n\n"
Accepting request 789598 from home:lwfinger:branches:Virtualization - Fix build errors for gcc-10 (boo#1167897). File "fixes_for_gcc10.patch" is added. - Convert /usr/bin/VirtualBox to use "~/.config/VirtualBox" instead "~/.vbox". This change was requested in boo#1167660. OBS-URL: https://build.opensuse.org/request/show/789598 OBS-URL: https://build.opensuse.org/package/show/Virtualization/virtualbox?expand=0&rev=543
2020-03-30 06:53:46 +02:00
+ "These changes may not be preserved through VB updates, thus this screen may be displayed again at that time."));
- Revise warning screen concerning USB passthru - fixes bnc#1041137. USB passthru opens a security hole, yet it is so valuable that many users want the feature, thus it is our default. Previously, a user needed to edit a udev rule to disable passthru. The bad part was that an update of VB changed the rule back to allow passthru without any notification. These changes modify the popup to allow the user to accept or decline passthru. If the user declines, then the root password is requested and the udev rule is modified. As these modifications will be lost with the next VB update, the inode of the udev rule is kept. If the user has previously declined and the inode has changed, the popup will show the next time VB is started. File "fix_usb_rules.sh" is added. OBS-URL: https://build.opensuse.org/package/show/Virtualization/virtualbox?expand=0&rev=336
2017-06-09 00:26:55 +02:00
+ msgBox.exec();
Accepting request 789598 from home:lwfinger:branches:Virtualization - Fix build errors for gcc-10 (boo#1167897). File "fixes_for_gcc10.patch" is added. - Convert /usr/bin/VirtualBox to use "~/.config/VirtualBox" instead "~/.vbox". This change was requested in boo#1167660. OBS-URL: https://build.opensuse.org/request/show/789598 OBS-URL: https://build.opensuse.org/package/show/Virtualization/virtualbox?expand=0&rev=543
2020-03-30 06:53:46 +02:00
+ app.quit();
- Revise warning screen concerning USB passthru - fixes bnc#1041137. USB passthru opens a security hole, yet it is so valuable that many users want the feature, thus it is our default. Previously, a user needed to edit a udev rule to disable passthru. The bad part was that an update of VB changed the rule back to allow passthru without any notification. These changes modify the popup to allow the user to accept or decline passthru. If the user declines, then the root password is requested and the udev rule is modified. As these modifications will be lost with the next VB update, the inode of the udev rule is kept. If the user has previously declined and the inode has changed, the popup will show the next time VB is started. File "fix_usb_rules.sh" is added. OBS-URL: https://build.opensuse.org/package/show/Virtualization/virtualbox?expand=0&rev=336
2017-06-09 00:26:55 +02:00
+ if (msgBox.clickedButton() == myYesButton)
+ return 0;
+ return 1;
Accepting request 342960 from home:lwfinger:branches:Virtualization Add popup for USB passthru security (boo#953018). OBS-URL: https://build.opensuse.org/request/show/342960 OBS-URL: https://build.opensuse.org/package/show/Virtualization/virtualbox?expand=0&rev=233
2015-11-08 10:13:53 +01:00
+}
+
Copy Permalink