- Fixes for CVE-2017-3561, CVE-2017-3563, CVE-2017-3576, CVE-2017-3558, CVE-2017-3587

CVE-2017-3559, CVE-2017-3575, CVE-2017-3538, CVE-2017-3513
   Version bump to 5.1.20 (released 2017-04-18 by Oracle)
   This is a maintenance release. The following items were fixed and/or added:
    GUI: don't check if the Extension Pack is up-to-date if the user is about to install a new Extension Pack (bug #16317)
    GUI: fixed a possible crash when switching a multi-monitor VM into full-screen or seamless mode
    GUI: several mini-toolbar fixes in full-screen / seamless mode (X11 hosts only)
    GUI: don't crash on restoring defaults in the appliance import dialog
    Windows Additions: another fix for automatic logins for Windows Vista and newer (bug #15904)
    ICH9: fix for Windows guests with a huge amount (>64G) of guest memory
    BIOS: fixed El Torito hard disk emulation geometry calculation (thanks Dwight Engen)

OBS-URL: https://build.opensuse.org/package/show/Virtualization/virtualbox?expand=0&rev=325
This commit is contained in:
Larry Finger 2017-04-20 20:01:58 +00:00 committed by Git OBS Bridge
parent d1039d5c96
commit c3b3915a83
6 changed files with 119 additions and 96 deletions

View File

@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1 version https://git-lfs.github.com/spec/v1
oid sha256:1e520c8fd6c7249fc89e39f61c117537fe9e469688af0912c45517c27f9c2255 oid sha256:73b685e32fe65b291e5c18a1de27c758c432b3423e1b02aa5184bde7a779b528
size 4363880 size 4365078

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:ac5c5430ab29021b133948b88d8960d39a9a80caae0da927a482d6d8a0ad3acd
size 81031394

View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:eebde919a146c6b028f20b72d74b60bba08e9462e292224063448bed411688ea
size 81111766

View File

@ -1,7 +1,7 @@
Index: VirtualBox-5.1.14/src/VBox/Additions/linux/installer/vboxadd.sh Index: VirtualBox-5.1.20/src/VBox/Additions/linux/installer/vboxadd.sh
=================================================================== ===================================================================
--- VirtualBox-5.1.14.orig/src/VBox/Additions/linux/installer/vboxadd.sh --- VirtualBox-5.1.20.orig/src/VBox/Additions/linux/installer/vboxadd.sh
+++ VirtualBox-5.1.14/src/VBox/Additions/linux/installer/vboxadd.sh +++ VirtualBox-5.1.20/src/VBox/Additions/linux/installer/vboxadd.sh
@@ -23,9 +23,12 @@ @@ -23,9 +23,12 @@
# Provides: vboxadd # Provides: vboxadd
# Required-Start: # Required-Start:
@ -16,7 +16,7 @@ Index: VirtualBox-5.1.14/src/VBox/Additions/linux/installer/vboxadd.sh
### END INIT INFO ### END INIT INFO
## @todo This file duplicates a lot of script with vboxdrv.sh. When making ## @todo This file duplicates a lot of script with vboxdrv.sh. When making
@@ -94,7 +97,6 @@ fail() @@ -108,7 +111,6 @@ fail()
dev=/dev/vboxguest dev=/dev/vboxguest
userdev=/dev/vboxuser userdev=/dev/vboxuser
@ -24,7 +24,7 @@ Index: VirtualBox-5.1.14/src/VBox/Additions/linux/installer/vboxadd.sh
owner=vboxadd owner=vboxadd
group=1 group=1
@@ -140,12 +142,6 @@ do_vboxguest_non_udev() @@ -162,12 +164,6 @@ do_vboxguest_non_udev()
fail "Cannot create device $dev with major $maj and minor $min" fail "Cannot create device $dev with major $maj and minor $min"
} }
fi fi
@ -37,7 +37,7 @@ Index: VirtualBox-5.1.14/src/VBox/Additions/linux/installer/vboxadd.sh
if [ ! -c $userdev ]; then if [ ! -c $userdev ]; then
maj=10 maj=10
@@ -156,12 +152,6 @@ do_vboxguest_non_udev() @@ -178,12 +174,6 @@ do_vboxguest_non_udev()
rmmod vboxguest 2>/dev/null rmmod vboxguest 2>/dev/null
fail "Cannot create device $userdev with major $maj and minor $min" fail "Cannot create device $userdev with major $maj and minor $min"
} }
@ -50,31 +50,29 @@ Index: VirtualBox-5.1.14/src/VBox/Additions/linux/installer/vboxadd.sh
fi fi
fi fi
} }
@@ -171,13 +161,6 @@ start() @@ -193,9 +183,8 @@ start()
begin "Starting the VirtualBox Guest Additions" console; begin "Starting the VirtualBox Guest Additions" console;
# If we got this far assume that the slow set-up has been done. # If we got this far assume that the slow set-up has been done.
QUICKSETUP=yes QUICKSETUP=yes
- if test -r $config; then - if test -z "${INSTALL_NO_MODULE_BUILDS}"; then
- . $config - uname -r | grep -q -E '^2\.6|^3|^4' 2>/dev/null &&
- else - ps -A -o comm | grep -q '/*udevd$' 2>/dev/null ||
- fail "Configuration file $config not found" + uname -r | grep -q -E '^2\.6|^3|^4' 2>/dev/null &&
- fi + ps -A -o comm | grep -q '/*udevd$' 2>/dev/null ||
- test -n "$INSTALL_DIR" -a -n "$INSTALL_VER" || no_udev=1
- fail "Configuration file $config not complete" running_vboxguest || {
uname -r | grep -q -E '^2\.6|^3|^4' 2>/dev/null && rm -f $dev || {
ps -A -o comm | grep -q '/*udevd$' 2>/dev/null || @@ -209,7 +198,7 @@ start()
no_udev=1
@@ -193,7 +176,7 @@ start()
$MODPROBE vboxguest >/dev/null 2>&1 || {
setup
$MODPROBE vboxguest >/dev/null 2>&1 || { $MODPROBE vboxguest >/dev/null 2>&1 || {
- /sbin/rcvboxadd-x11 cleanup setup
+ #/sbin/rcvboxadd-x11 cleanup $MODPROBE vboxguest >/dev/null 2>&1 || {
fail "modprobe vboxguest failed" - ${INSTALL_DIR}/init/vboxadd-x11 cleanup
+ ${INSTALL_DIR}#/init/vboxadd-x11 cleanup
fail "modprobe vboxguest failed"
}
} }
} @@ -234,14 +223,14 @@ start()
@@ -217,14 +200,14 @@ start() fi # INSTALL_NO_MODULE_BUILDS
}
# Put the X.Org driver in place. This is harmless if it is not needed. # Put the X.Org driver in place. This is harmless if it is not needed.
- /sbin/rcvboxadd-x11 setup - /sbin/rcvboxadd-x11 setup
@ -91,7 +89,7 @@ Index: VirtualBox-5.1.14/src/VBox/Additions/linux/installer/vboxadd.sh
# SELinux for the OpenGL libraries, so that gdm can load them during the # SELinux for the OpenGL libraries, so that gdm can load them during the
# acceleration support check. This prevents an "Oh no, something has gone # acceleration support check. This prevents an "Oh no, something has gone
# wrong!" error when starting EL7 guests. # wrong!" error when starting EL7 guests.
@@ -237,6 +220,15 @@ start() @@ -254,6 +243,15 @@ start()
chcon -h -t lib_t "/var/lib/VBoxGuestAdditions/lib/libEGL.so.1" chcon -h -t lib_t "/var/lib/VBoxGuestAdditions/lib/libEGL.so.1"
fi fi
echo "/var/lib/VBoxGuestAdditions/lib" > /etc/ld.so.conf.d/00vboxvideo.conf echo "/var/lib/VBoxGuestAdditions/lib" > /etc/ld.so.conf.d/00vboxvideo.conf
@ -107,27 +105,38 @@ Index: VirtualBox-5.1.14/src/VBox/Additions/linux/installer/vboxadd.sh
fi fi
ldconfig ldconfig
@@ -382,7 +374,7 @@ extra_setup() @@ -394,9 +392,9 @@ create_udev_rule()
ln -sf "$lib_path/$PACKAGE/mount.vboxsf" /sbin echo "KERNEL=${udev_fix}\"vboxuser\", NAME=\"vboxuser\", OWNER=\"vboxadd\", MODE=\"0666\"" >> /etc/udev/rules.d/60-vboxadd.rules
# And an rc file to re-build the kernel modules and re-set-up the X server. fi
ln -sf "$lib_path/$PACKAGE/vboxadd" /sbin/rcvboxadd }
- ln -sf "$lib_path/$PACKAGE/vboxadd-x11" /sbin/rcvboxadd-x11 -
-create_module_rebuild_script()
-{
+ # And an rc file to re-build the kernel modules and re-set-up the X server.
+ ln -sf "$lib_path/$PACKAGE/vboxadd" /sbin/rcvboxadd
+ #ln -sf "$lib_path/$PACKAGE/vboxadd-x11" /sbin/rcvboxadd-x11 + #ln -sf "$lib_path/$PACKAGE/vboxadd-x11" /sbin/rcvboxadd-x11
# And a post-installation script for rebuilding modules when a new kernel # And a post-installation script for rebuilding modules when a new kernel
# is installed. # is installed.
mkdir -p /etc/kernel/postinst.d /etc/kernel/prerm.d mkdir -p /etc/kernel/postinst.d /etc/kernel/prerm.d
@@ -415,49 +407,13 @@ EOF @@ -427,47 +425,18 @@ shared_folder_setup()
## @todo It would be nicer if the kernel module just parsed parameters
# itself instead of needing a separate binary to do that.
ln -sf "${INSTALL_DIR}/other/mount.vboxsf" /sbin
- # SELinux security context for the mount helper.
- if test -e /etc/selinux/config; then
- # This is correct. semanage maps this to the real path, and it aborts
- # with an error, telling you what you should have typed, if you specify
- # the real path. The "chcon" is there as a back-up for old guests.
- command -v semanage > /dev/null &&
- semanage fcontext -a -t mount_exec_t "/usr/lib/$PACKAGE/mount.vboxsf"
- chcon -t mount_exec_t "$lib_path/$PACKAGE/mount.vboxsf"
- fi
- succ_msg
-}
-
# setup_script # setup_script
setup() setup()
{ {
- begin "Building Guest Additions kernel modules" console
- if test -r $config; then
- . $config
- else
- fail "Configuration file $config not found"
- fi
- test -n "$INSTALL_DIR" -a -n "$INSTALL_VER" ||
- fail "Configuration file $config not complete"
- export BUILD_TYPE - export BUILD_TYPE
- export USERNAME - export USERNAME
- -
@ -136,20 +145,16 @@ Index: VirtualBox-5.1.14/src/VBox/Additions/linux/installer/vboxadd.sh
- BUILDINTMP="$MODULE_SRC/build_in_tmp" - BUILDINTMP="$MODULE_SRC/build_in_tmp"
- chcon -t bin_t "$BUILDINTMP" > /dev/null 2>&1 - chcon -t bin_t "$BUILDINTMP" > /dev/null 2>&1
- -
- if setup_modules; then - test -z "${INSTALL_NO_MODULE_BUILDS}" && setup_modules
- mod_succ=0 - create_vbox_user
- else - create_udev_rule
- mod_succ=1 - test -z "${INSTALL_NO_MODULE_BUILDS}" && create_module_rebuild_script
- show_error "Please check that you have gcc, make, the header files for your Linux kernel and possibly perl installed." - test -n "${QUICKSETUP}" && return 0
- shared_folder_setup
- if running_vboxguest || running_vboxadd; then
- begin "Running kernel modules will not be replaced until the system is restarted"
- fi - fi
- test -n "${QUICKSETUP}" && return "${mod_succ}" - return 0
- extra_setup
- if [ "$mod_succ" -eq "0" ]; then
- if running_vboxguest || running_vboxadd; then
- begin "You should restart your guest to make sure the new modules are actually used" console
- fi
- fi
- return "${mod_succ}"
+ begin "Recompiling VirtualBox kernel module, NOT. It has been packaged." + begin "Recompiling VirtualBox kernel module, NOT. It has been packaged."
+ succ_msg + succ_msg
} }
@ -157,36 +162,37 @@ Index: VirtualBox-5.1.14/src/VBox/Additions/linux/installer/vboxadd.sh
# cleanup_script # cleanup_script
cleanup() cleanup()
{ {
- if test -r $config; then - if test -z "${INSTALL_NO_MODULE_BUILDS}"; then
- . $config - # Delete old versions of VBox modules.
- test -n "$INSTALL_DIR" -a -n "$INSTALL_VER" || - cleanup_modules
- fail "Configuration file $config not complete" + # Delete old versions of VBox modules.
- else + cleanup_modules
- fail "Configuration file $config not found" depmod
- fi
- # Remove old module sources
# Delete old versions of VBox modules. @@ -477,13 +446,14 @@ cleanup()
cleanup_modules fi
depmod
@@ -468,12 +424,12 @@ cleanup()
done
# Clean-up X11-related bits # Clean-up X11-related bits
- /sbin/rcvboxadd-x11 cleanup - ${INSTALL_DIR}/init/vboxadd-x11 cleanup
+ #/sbin/rcvboxadd-x11 cleanup + #/sbin/rcvboxadd-x11 cleanup
# Remove other files # Remove other files
rm /sbin/mount.vboxsf 2>/dev/null rm /sbin/mount.vboxsf 2>/dev/null
rm /sbin/rcvboxadd 2>/dev/null - if test -z "${INSTALL_NO_MODULE_BUILDS}"; then
- rm /sbin/rcvboxadd-x11 2>/dev/null - rm -f /etc/kernel/postinst.d/vboxadd /etc/kernel/prerm.d/vboxadd
- rmdir -p /etc/kernel/postinst.d /etc/kernel/prerm.d 2>/dev/null
+ rm /sbin/rcvboxadd 2>/dev/null
+ #rm /sbin/rcvboxadd-x11 2>/dev/null + #rm /sbin/rcvboxadd-x11 2>/dev/null
rm -f /etc/kernel/postinst.d/vboxadd /etc/kernel/prerm.d/vboxadd + rm -f /etc/kernel/postinst.d/vboxadd /etc/kernel/prerm.d/vboxadd
rmdir -p /etc/kernel/postinst.d /etc/kernel/prerm.d 2>/dev/null + rmdir -p /etc/kernel/postinst.d /etc/kernel/prerm.d 2>/dev/null
fi
rm /etc/udev/rules.d/60-vboxadd.rules 2>/dev/null rm /etc/udev/rules.d/60-vboxadd.rules 2>/dev/null
Index: VirtualBox-5.1.14/src/VBox/Additions/linux/installer/vboxadd-service.sh }
Index: VirtualBox-5.1.20/src/VBox/Additions/linux/installer/vboxadd-service.sh
=================================================================== ===================================================================
--- VirtualBox-5.1.14.orig/src/VBox/Additions/linux/installer/vboxadd-service.sh --- VirtualBox-5.1.20.orig/src/VBox/Additions/linux/installer/vboxadd-service.sh
+++ VirtualBox-5.1.14/src/VBox/Additions/linux/installer/vboxadd-service.sh +++ VirtualBox-5.1.20/src/VBox/Additions/linux/installer/vboxadd-service.sh
@@ -20,7 +20,7 @@ @@ -20,7 +20,7 @@
# Provides: vboxadd-service # Provides: vboxadd-service
# Required-Start: vboxadd # Required-Start: vboxadd
@ -196,10 +202,10 @@ Index: VirtualBox-5.1.14/src/VBox/Additions/linux/installer/vboxadd-service.sh
# Default-Stop: 0 1 6 # Default-Stop: 0 1 6
# Description: VirtualBox Additions Service # Description: VirtualBox Additions Service
### END INIT INFO ### END INIT INFO
Index: VirtualBox-5.1.14/src/VBox/Installer/linux/vboxautostart-service.sh Index: VirtualBox-5.1.20/src/VBox/Installer/linux/vboxautostart-service.sh
=================================================================== ===================================================================
--- VirtualBox-5.1.14.orig/src/VBox/Installer/linux/vboxautostart-service.sh --- VirtualBox-5.1.20.orig/src/VBox/Installer/linux/vboxautostart-service.sh
+++ VirtualBox-5.1.14/src/VBox/Installer/linux/vboxautostart-service.sh +++ VirtualBox-5.1.20/src/VBox/Installer/linux/vboxautostart-service.sh
@@ -20,7 +20,7 @@ @@ -20,7 +20,7 @@
# Provides: vboxautostart-service # Provides: vboxautostart-service
# Required-Start: vboxdrv # Required-Start: vboxdrv
@ -209,10 +215,10 @@ Index: VirtualBox-5.1.14/src/VBox/Installer/linux/vboxautostart-service.sh
# Default-Stop: 0 1 6 # Default-Stop: 0 1 6
# Description: VirtualBox autostart service # Description: VirtualBox autostart service
### END INIT INFO ### END INIT INFO
Index: VirtualBox-5.1.14/src/VBox/Installer/linux/vboxballoonctrl-service.sh Index: VirtualBox-5.1.20/src/VBox/Installer/linux/vboxballoonctrl-service.sh
=================================================================== ===================================================================
--- VirtualBox-5.1.14.orig/src/VBox/Installer/linux/vboxballoonctrl-service.sh --- VirtualBox-5.1.20.orig/src/VBox/Installer/linux/vboxballoonctrl-service.sh
+++ VirtualBox-5.1.14/src/VBox/Installer/linux/vboxballoonctrl-service.sh +++ VirtualBox-5.1.20/src/VBox/Installer/linux/vboxballoonctrl-service.sh
@@ -20,7 +20,7 @@ @@ -20,7 +20,7 @@
# Provides: vboxballoonctrl-service # Provides: vboxballoonctrl-service
# Required-Start: vboxdrv # Required-Start: vboxdrv
@ -222,10 +228,10 @@ Index: VirtualBox-5.1.14/src/VBox/Installer/linux/vboxballoonctrl-service.sh
# Default-Stop: 0 1 6 # Default-Stop: 0 1 6
# Description: VirtualBox watchdog daemon # Description: VirtualBox watchdog daemon
### END INIT INFO ### END INIT INFO
Index: VirtualBox-5.1.14/src/VBox/ValidationKit/testboxscript/linux/testboxscript-service.sh Index: VirtualBox-5.1.20/src/VBox/ValidationKit/testboxscript/linux/testboxscript-service.sh
=================================================================== ===================================================================
--- VirtualBox-5.1.14.orig/src/VBox/ValidationKit/testboxscript/linux/testboxscript-service.sh --- VirtualBox-5.1.20.orig/src/VBox/ValidationKit/testboxscript/linux/testboxscript-service.sh
+++ VirtualBox-5.1.14/src/VBox/ValidationKit/testboxscript/linux/testboxscript-service.sh +++ VirtualBox-5.1.20/src/VBox/ValidationKit/testboxscript/linux/testboxscript-service.sh
@@ -31,7 +31,7 @@ @@ -31,7 +31,7 @@
# Provides: testboxscript-service # Provides: testboxscript-service
# Required-Start: $network # Required-Start: $network
@ -235,10 +241,10 @@ Index: VirtualBox-5.1.14/src/VBox/ValidationKit/testboxscript/linux/testboxscrip
# Default-Stop: 0 1 6 # Default-Stop: 0 1 6
# Description: TestBoxScript service # Description: TestBoxScript service
### END INIT INFO ### END INIT INFO
Index: VirtualBox-5.1.14/src/VBox/ValidationKit/utils/TestExecServ/linux/vboxtxs-nat.sh Index: VirtualBox-5.1.20/src/VBox/ValidationKit/utils/TestExecServ/linux/vboxtxs-nat.sh
=================================================================== ===================================================================
--- VirtualBox-5.1.14.orig/src/VBox/ValidationKit/utils/TestExecServ/linux/vboxtxs-nat.sh --- VirtualBox-5.1.20.orig/src/VBox/ValidationKit/utils/TestExecServ/linux/vboxtxs-nat.sh
+++ VirtualBox-5.1.14/src/VBox/ValidationKit/utils/TestExecServ/linux/vboxtxs-nat.sh +++ VirtualBox-5.1.20/src/VBox/ValidationKit/utils/TestExecServ/linux/vboxtxs-nat.sh
@@ -31,7 +31,7 @@ @@ -31,7 +31,7 @@
# Provides: vboxtxs # Provides: vboxtxs
# Required-Start: $network # Required-Start: $network
@ -248,10 +254,10 @@ Index: VirtualBox-5.1.14/src/VBox/ValidationKit/utils/TestExecServ/linux/vboxtxs
# Default-Stop: 0 1 6 # Default-Stop: 0 1 6
# Description: VirtualBox Test Execution Service # Description: VirtualBox Test Execution Service
### END INIT INFO ### END INIT INFO
Index: VirtualBox-5.1.14/src/VBox/ValidationKit/utils/TestExecServ/linux/vboxtxs.sh Index: VirtualBox-5.1.20/src/VBox/ValidationKit/utils/TestExecServ/linux/vboxtxs.sh
=================================================================== ===================================================================
--- VirtualBox-5.1.14.orig/src/VBox/ValidationKit/utils/TestExecServ/linux/vboxtxs.sh --- VirtualBox-5.1.20.orig/src/VBox/ValidationKit/utils/TestExecServ/linux/vboxtxs.sh
+++ VirtualBox-5.1.14/src/VBox/ValidationKit/utils/TestExecServ/linux/vboxtxs.sh +++ VirtualBox-5.1.20/src/VBox/ValidationKit/utils/TestExecServ/linux/vboxtxs.sh
@@ -31,7 +31,7 @@ @@ -31,7 +31,7 @@
# Provides: vboxtxs # Provides: vboxtxs
# Required-Start: $network # Required-Start: $network

View File

@ -1,3 +1,20 @@
-------------------------------------------------------------------
Thu Apr 20 19:51:27 UTC 2017 - Larry.Finger@lwfinger.net
- Fixes for CVE-2017-3561, CVE-2017-3563, CVE-2017-3576, CVE-2017-3558, CVE-2017-3587
CVE-2017-3559, CVE-2017-3575, CVE-2017-3538, CVE-2017-3513
Version bump to 5.1.20 (released 2017-04-18 by Oracle)
This is a maintenance release. The following items were fixed and/or added:
GUI: don't check if the Extension Pack is up-to-date if the user is about to install a new Extension Pack (bug #16317)
GUI: fixed a possible crash when switching a multi-monitor VM into full-screen or seamless mode
GUI: several mini-toolbar fixes in full-screen / seamless mode (X11 hosts only)
GUI: don't crash on restoring defaults in the appliance import dialog
Windows Additions: another fix for automatic logins for Windows Vista and newer (bug #15904)
ICH9: fix for Windows guests with a huge amount (>64G) of guest memory
BIOS: fixed El Torito hard disk emulation geometry calculation (thanks Dwight Engen)
------------------------------------------------------------------- -------------------------------------------------------------------
Sat Apr 8 23:10:36 UTC 2017 - Larry.Finger@lwfinger.net Sat Apr 8 23:10:36 UTC 2017 - Larry.Finger@lwfinger.net

View File

@ -22,7 +22,7 @@
%define _vbox_instdir %{_libexecdir}/virtualbox %define _vbox_instdir %{_libexecdir}/virtualbox
%define _udevrulesdir %{_sysconfdir}/udev/rules.d %define _udevrulesdir %{_sysconfdir}/udev/rules.d
Name: virtualbox Name: virtualbox
Version: 5.1.18 Version: 5.1.20
Release: 0 Release: 0
Summary: VirtualBox is an Emulator Summary: VirtualBox is an Emulator
License: GPL-2.0+ License: GPL-2.0+