virtualbox: 5.1.6 -> 5.1.8 for many CVEs:
From LWN: From the NVD entries: CVE-2016-5501: Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5.1.8 in Oracle Virtualization allows local users to affect confidentiality, integrity, and availability via vectors related to Core, a different vulnerability than CVE-2016-5538. CVE-2016-5538: Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5.1.8 in Oracle Virtualization allows local users to affect confidentiality, integrity, and availability via vectors related to Core, a different vulnerability than CVE-2016-5501. CVE-2016-5605: Unspecified vulnerability in the Oracle VM VirtualBox component before 5.1.4 in Oracle Virtualization allows remote attackers to affect confidentiality and integrity via vectors related to VRDE. CVE-2016-5608: Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5.1.8 in Oracle Virtualization allows local users to affect availability via vectors related to Core, a different vulnerability than CVE-2016-5613. CVE-2016-5610: Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5.1.8 in Oracle Virtualization allows local users to affect confidentiality, integrity, and availability via vectors related to Core. CVE-2016-5611: Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5.1.8 in Oracle Virtualization allows local users to affect confidentiality via vectors related to Core. CVE-2016-5613: Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5.1.8 in Oracle Virtualization allows local users to affect availability via vectors related to Core, a different vulnerability than CVE-2016-5608.
This commit is contained in:
parent
9970b28680
commit
69e8bac9cd
@ -81,7 +81,7 @@ in stdenv.mkDerivation {
|
||||
'';
|
||||
|
||||
patches = optional enableHardening ./hardened.patch
|
||||
++ [ ./libressl.patch ./qtx11extras.patch ];
|
||||
++ [ ./qtx11extras.patch ];
|
||||
|
||||
postPatch = ''
|
||||
sed -i -e 's|/sbin/ifconfig|${nettools}/bin/ifconfig|' \
|
||||
|
@ -1,47 +0,0 @@
|
||||
diff --git a/src/VBox/Runtime/common/crypto/digest-builtin.cpp b/src/VBox/Runtime/common/crypto/digest-builtin.cpp
|
||||
index 66b4304..1aaceff 100644
|
||||
--- a/src/VBox/Runtime/common/crypto/digest-builtin.cpp
|
||||
+++ b/src/VBox/Runtime/common/crypto/digest-builtin.cpp
|
||||
@@ -561,7 +561,7 @@ static PCRTCRDIGESTDESC const g_apDigestOps[] =
|
||||
* OpenSSL EVP.
|
||||
*/
|
||||
|
||||
-# if OPENSSL_VERSION_NUMBER >= 0x10100000
|
||||
+# if OPENSSL_VERSION_NUMBER >= 0x10100000 && !defined(LIBRESSL_VERSION_NUMBER)
|
||||
/** @impl_interface_method{RTCRDIGESTDESC::pfnNew} */
|
||||
static DECLCALLBACK(void*) rtCrDigestOsslEvp_New(void)
|
||||
{
|
||||
@@ -597,7 +597,7 @@ static DECLCALLBACK(int) rtCrDigestOsslEvp_Init(void *pvState, void *pvOpaque, b
|
||||
if (fReInit)
|
||||
{
|
||||
pEvpType = EVP_MD_CTX_md(pThis);
|
||||
-# if OPENSSL_VERSION_NUMBER >= 0x10100000
|
||||
+# if OPENSSL_VERSION_NUMBER >= 0x10100000 && !defined(LIBRESSL_VERSION_NUMBER)
|
||||
EVP_MD_CTX_reset(pThis);
|
||||
# else
|
||||
EVP_MD_CTX_cleanup(pThis);
|
||||
@@ -616,7 +616,7 @@ static DECLCALLBACK(int) rtCrDigestOsslEvp_Init(void *pvState, void *pvOpaque, b
|
||||
static DECLCALLBACK(void) rtCrDigestOsslEvp_Delete(void *pvState)
|
||||
{
|
||||
EVP_MD_CTX *pThis = (EVP_MD_CTX *)pvState;
|
||||
-# if OPENSSL_VERSION_NUMBER >= 0x10100000
|
||||
+# if OPENSSL_VERSION_NUMBER >= 0x10100000 && !defined(LIBRESSL_VERSION_NUMBER)
|
||||
EVP_MD_CTX_reset(pThis);
|
||||
# else
|
||||
EVP_MD_CTX_cleanup(pThis);
|
||||
@@ -661,13 +661,13 @@ static RTCRDIGESTDESC const g_rtCrDigestOpenSslDesc =
|
||||
NULL,
|
||||
RTDIGESTTYPE_UNKNOWN,
|
||||
EVP_MAX_MD_SIZE,
|
||||
-# if OPENSSL_VERSION_NUMBER >= 0x10100000
|
||||
+# if OPENSSL_VERSION_NUMBER >= 0x10100000 && !defined(LIBRESSL_VERSION_NUMBER)
|
||||
0,
|
||||
# else
|
||||
sizeof(EVP_MD_CTX),
|
||||
# endif
|
||||
0,
|
||||
-# if OPENSSL_VERSION_NUMBER >= 0x10100000
|
||||
+# if OPENSSL_VERSION_NUMBER >= 0x10100000 && !defined(LIBRESSL_VERSION_NUMBER)
|
||||
rtCrDigestOsslEvp_New,
|
||||
rtCrDigestOsslEvp_Free,
|
||||
# else
|
@ -1,8 +1,8 @@
|
||||
{
|
||||
"__NOTE": "Generated using update.py from the same directory.",
|
||||
"extpack": "607ac3636bd49a738d5c48159b39261369b5487f71fb10afa2ecf869627a12de",
|
||||
"extpackRev": "110634",
|
||||
"guest": "cbcf9b9b1000e09911b3d20e1efe529aef8a945cf130f6abffc14a39522cc1ed",
|
||||
"main": "2e0112b0d85841587b8f212e6ba8f6c35b31e1cce6b6999497dc917cd37e6911",
|
||||
"version": "5.1.6"
|
||||
"extpack": "d28bcd01c14eb07eedd2b964d1abe4876f0a7e0e89530e7ba285a5d6267bf322",
|
||||
"extpackRev": "111374",
|
||||
"guest": "347fd39df6ddee8079ad41fbc038e2fb64952a40255d75292e8e49a0a0cbf657",
|
||||
"main": "e447031de468aee746529b2cf60768922f9beff22a13c54284aa430f5e925933",
|
||||
"version": "5.1.8"
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user