Bug#741602: marked as done (virtualbox: CVE-2014-0981 CVE-2014-0982 CVE-2014-0983)

[Debian Bug Tracking System]

Your message dated Sun, 06 Apr 2014 15:51:19 +0000
with message-id <e1wwplr-0007mc...@franck.debian.org>
and subject line Bug#741602: fixed in virtualbox 4.3.10-dfsg-1
has caused the Debian Bug report #741602,
regarding virtualbox: CVE-2014-0981 CVE-2014-0982 CVE-2014-0983
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
741602: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=741602
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Package: virtualbox
Severity: grave
Tags: security
Justification: user security hole

Hi,
please see 
http://www.coresecurity.com/advisories/oracle-virtualbox-3d-acceleration-multiple-memory-corruption-vulnerabilities

Cheers,
        Moritz

--- End Message ---

--- Begin Message ---

Source: virtualbox
Source-Version: 4.3.10-dfsg-1

We believe that the bug you reported is fixed in the latest version of
virtualbox, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 741...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Felix Geyer <fge...@debian.org> (supplier of updated virtualbox package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sun, 06 Apr 2014 15:31:09 +0200
Source: virtualbox
Binary: virtualbox-qt virtualbox virtualbox-dbg virtualbox-dkms 
virtualbox-source virtualbox-guest-dkms virtualbox-guest-source 
virtualbox-guest-x11 virtualbox-guest-utils
Architecture: source amd64 all
Version: 4.3.10-dfsg-1
Distribution: unstable
Urgency: high
Maintainer: Debian Virtualbox Team 
<pkg-virtualbox-de...@lists.alioth.debian.org>
Changed-By: Felix Geyer <fge...@debian.org>
Description: 
 virtualbox - x86 virtualization solution - base binaries
 virtualbox-dbg - x86 virtualization solution - debugging symbols
 virtualbox-dkms - x86 virtualization solution - kernel module sources for dkms
 virtualbox-guest-dkms - x86 virtualization solution - guest addition module 
source for dk
 virtualbox-guest-source - x86 virtualization solution - guest addition module 
source
 virtualbox-guest-utils - x86 virtualization solution - non-X11 guest utilities
 virtualbox-guest-x11 - x86 virtualization solution - X11 guest utilities
 virtualbox-qt - x86 virtualization solution - Qt based user interface
 virtualbox-source - x86 virtualization solution - kernel module source
Closes: 741602
Changes: 
 virtualbox (4.3.10-dfsg-1) unstable; urgency=high
 .
   * New upstream release.
     - Fixes multiple memory corruption vulnerabilities in the 3D acceleration
       code. (Closes: #741602)
       CVE-2014-0981, CVE-2014-0983
 .
   [ Gianfranco Costamagna ]
   * Patch refresh.
   * d/control, enforcing gsoap min required version.
 .
   [ Felix Geyer ]
   * Override embedded-library nspr lintian warning, it's a locally modified
     version.
Checksums-Sha1: 
 f17b8ecce3d0832424e1ae3c8596c9b3ad137e3a 3579 virtualbox_4.3.10-dfsg-1.dsc
 a97c6e56d073ad4e2ec9978989f7af2a5d164a38 42622360 
virtualbox_4.3.10-dfsg.orig.tar.xz
 a904c3dd56c62441517d268f2c729ff37fbc61fc 74532 
virtualbox_4.3.10-dfsg-1.debian.tar.xz
 c836a171404a32052b79869474dd665d23a34e37 4595902 
virtualbox-qt_4.3.10-dfsg-1_amd64.deb
 dfb216c94a9669b9f20dd1f247aaaac86a591def 15600010 
virtualbox_4.3.10-dfsg-1_amd64.deb
 f7a773542dc928c8bafef96411dc35be3d3071a3 65018910 
virtualbox-dbg_4.3.10-dfsg-1_amd64.deb
 05993e2df4af850648d88f95c9e4f27fa33eb4a6 558374 
virtualbox-dkms_4.3.10-dfsg-1_all.deb
 aa5548416f912841bdf10c0973daf0c8b180e163 661806 
virtualbox-source_4.3.10-dfsg-1_all.deb
 1959927cc26ccb307e4327d45e14a706a313c1db 471214 
virtualbox-guest-dkms_4.3.10-dfsg-1_all.deb
 8d40eec8eccd7132c32860b2402b81cbd2889b64 571552 
virtualbox-guest-source_4.3.10-dfsg-1_all.deb
 68be3533f2de5f8ebc7cf834923ddee518f8a6c4 1011122 
virtualbox-guest-x11_4.3.10-dfsg-1_amd64.deb
 8725688be5eaf063ec754f5ddca3640d34a2b4b3 365912 
virtualbox-guest-utils_4.3.10-dfsg-1_amd64.deb
Checksums-Sha256: 
 29339a206ed3786dc4c725e87c9657662889d6e445fa5ec9aadb681ef0d129b4 3579 
virtualbox_4.3.10-dfsg-1.dsc
 07840728fd094bee70218e8dec28baa7772792f9f0b7d0a45fb52a0acf085404 42622360 
virtualbox_4.3.10-dfsg.orig.tar.xz
 70ab2dff61c2d3252e1247014e2ccd1c508dd29136b4817c5b8af0c86aa792ab 74532 
virtualbox_4.3.10-dfsg-1.debian.tar.xz
 6bfa6c226c6781337021d182a55785a7261ce5b35fc8b33ec26f707c24b39d6c 4595902 
virtualbox-qt_4.3.10-dfsg-1_amd64.deb
 064f5e8dba7b121c8eddc1c4fe9da9950075b231b902fc075ef63587e7fec7c3 15600010 
virtualbox_4.3.10-dfsg-1_amd64.deb
 358fe27a41bdbca08796312299d83cb37deea0704888d321ad4e8ffe357ef623 65018910 
virtualbox-dbg_4.3.10-dfsg-1_amd64.deb
 59ed7bed9b22f552e72b9256e506794925ae54cb70fb4c7bc921ee37348ba47c 558374 
virtualbox-dkms_4.3.10-dfsg-1_all.deb
 bdd60db023189141e2907a2e3819e2c3f4ff0f0ec59b15ecf285df2d684a5a6c 661806 
virtualbox-source_4.3.10-dfsg-1_all.deb
 8e33dc8e42156e9e047bfde8fcb3f6b39817482aceea3d005b4ed4a97469389f 471214 
virtualbox-guest-dkms_4.3.10-dfsg-1_all.deb
 6e7faeb623d3700cc66bb6e135b4981bceb9cb340eeb931f868fa833ba18202d 571552 
virtualbox-guest-source_4.3.10-dfsg-1_all.deb
 a21675298b7c3083c3fce586d505026bbf1d716704f0face9f365a8c5439f49d 1011122 
virtualbox-guest-x11_4.3.10-dfsg-1_amd64.deb
 b0ba3a91e782f23d9b6393cfc05305c4da89cf422edf44fb7254955fbb4796b4 365912 
virtualbox-guest-utils_4.3.10-dfsg-1_amd64.deb
Files: 
 a2e710b88e599b8d54c85425b22d9ca0 3579 contrib/misc optional 
virtualbox_4.3.10-dfsg-1.dsc
 596244adde5c37fe410551cb02035c82 42622360 contrib/misc optional 
virtualbox_4.3.10-dfsg.orig.tar.xz
 e8e0a1ad9c8078abd2af570d47b83b3b 74532 contrib/misc optional 
virtualbox_4.3.10-dfsg-1.debian.tar.xz
 017d05d1acc6cfc333fe6799e440628c 4595902 contrib/misc optional 
virtualbox-qt_4.3.10-dfsg-1_amd64.deb
 34de5dce530886117625a95ec1a237cf 15600010 contrib/misc optional 
virtualbox_4.3.10-dfsg-1_amd64.deb
 27cc0f74b8986680310e94faf0dec280 65018910 contrib/debug extra 
virtualbox-dbg_4.3.10-dfsg-1_amd64.deb
 364c4eae440175c7c0ede8009627d40b 558374 contrib/kernel optional 
virtualbox-dkms_4.3.10-dfsg-1_all.deb
 ba1ce0591aca50a4f32d408218a8bc4e 661806 contrib/kernel optional 
virtualbox-source_4.3.10-dfsg-1_all.deb
 5e3216ec6ecea94ccd13960a82d09a70 471214 contrib/kernel optional 
virtualbox-guest-dkms_4.3.10-dfsg-1_all.deb
 48a378a0453c60f3496bbecfd9b15352 571552 contrib/kernel optional 
virtualbox-guest-source_4.3.10-dfsg-1_all.deb
 30f599f5808525873ad49a2b8281ce97 1011122 contrib/x11 optional 
virtualbox-guest-x11_4.3.10-dfsg-1_amd64.deb
 f1b6e7ae64e470fe9f4c5773c6079f8a 365912 contrib/misc optional 
virtualbox-guest-utils_4.3.10-dfsg-1_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJTQW9fAAoJEP4ixv2DE11FRUAQALBy5EbbWWmySKrXA8hwh5gK
tmBHdV3fs+DQsla4xNlPj5CF6VfBD5uTQAIDWnHhubbw+VkdrZQrKhSRVJjSJ9h+
A1/iXNBEGGZZAFUQlbbGzsutanJrtizE0/GHsKh9xENCAlyVwtJf6U1gcP9nYJU2
dgJwT1rR6RYcZvtVJoPItNyC34QBSH/vQ6ip0ku2GLXDe4qksSHukUwCX54NNBEb
i5b25LfEZ7U5q0IVuevaFJbhAGHhC2TfhQCLSiEnZlQT0ZL25gk3qAUFyWrnoOhe
jHLoDabKUYEAcnQPflsvEE1L/uiowZDO0ycm2sgZlPbM4YeeQ//dutW7xgD/b9EB
UomxuYjpTGlbxOdUHOLYUtoXS718ITO3ZzjrvBrJNHwRODjn2hhYGp/s4CcVcpRP
x8sdtYWkV/Q3XUuW6KSTKoLNT0N4QnO8pnsunaAns22zPLO5XV/5PfEGhnAf6M9s
BB38HNg/Tu65VksE7YnhrBJGHONprSNhoO62BGx49c5SMx06SONHLuPwhLe6KCfl
WsFhZXnLfGZ8MrSwv1krzwWF1Xf5ndaOhP5VJ+qGFVkv5x8+GjCEB9n9i+A7ITCO
+nXSxmkaZ5QxSvXedcKl8JGB/jmdAkuc6kyE8tr88CO8ERPO1mwgus2jlz7Cd/IB
ms9p8kkKpmr2vmc2xM1E
=/0E8
-----END PGP SIGNATURE-----

--- End Message ---