-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 3.0 (quilt) Source: virtualbox Binary: virtualbox-qt, virtualbox, virtualbox-dbg, virtualbox-dkms, virtualbox-source, virtualbox-guest-dkms, virtualbox-guest-source, virtualbox-guest-x11, virtualbox-guest-utils Architecture: amd64 i386 all Version: 4.3.18-dfsg-2 Maintainer: Debian Virtualbox Team <[email protected]> Uploaders: Michael Meskes <[email protected]>, Ritesh Raj Sarraf <[email protected]>, Gianfranco Costamagna <[email protected]> Homepage: http://www.virtualbox.org/ Standards-Version: 3.9.6 Vcs-Browser: http://anonscm.debian.org/gitweb/?p=pkg-virtualbox/virtualbox.git Vcs-Git: git://anonscm.debian.org/pkg-virtualbox/virtualbox.git Build-Depends: bzip2, debhelper (>= 9), default-jdk, dkms (>= 2.1.1.1), docbook-xml, docbook-xsl, dpkg-dev (>= 1.15.6~), g++-multilib [amd64], genisoimage, gsoap (>= 2.8.16), iasl, imagemagick, kbuild (>= 1:0.1.9998svn2695), libasound2-dev, libcap-dev, libcurl4-openssl-dev, libdevmapper-dev, libdrm-dev, libgl1-mesa-dev, libglu1-mesa-dev, libidl-dev, libpam0g-dev, libpixman-1-dev, libpng-dev, libpulse-dev, libqt4-dev (>= 4.4.0), libqt4-network (>= 4.4.0), libqt4-opengl-dev (>= 4.4.0), libsdl1.2-dev, libssl-dev, libvncserver-dev, libvpx-dev, libx11-dev, libxcomposite-dev, libxcursor-dev, libxdamage-dev, libxext-dev, libxi-dev, libxinerama-dev, libxml2-dev, libxmu-dev, libxrandr-dev, libxrender-dev, libxslt1-dev, libxt-dev, lsb-release, lynx-cur, makeself, module-assistant, python-dev (>= 2.6.6-3~), texlive-fonts-extra, texlive-fonts-recommended, texlive-latex-extra, texlive-latex-recommended, uuid-dev, x11proto-gl-dev, x11proto-xf86dri-dev, xserver-xorg-dev, xsltproc, yasm (>= 0.7.0), zlib1g-dev Package-List: virtualbox deb contrib/misc optional arch=amd64,i386 virtualbox-dbg deb contrib/debug extra arch=amd64,i386 virtualbox-dkms deb contrib/kernel optional arch=all virtualbox-guest-dkms deb contrib/kernel optional arch=all virtualbox-guest-source deb contrib/kernel optional arch=all virtualbox-guest-utils deb contrib/misc optional arch=amd64,i386 virtualbox-guest-x11 deb contrib/x11 optional arch=amd64,i386 virtualbox-qt deb contrib/misc optional arch=amd64,i386 virtualbox-source deb contrib/kernel optional arch=all Checksums-Sha1: eb620e523134903bc466bacaf7c66a80abddaabf 43452624 virtualbox_4.3.18-dfsg.orig.tar.xz f33dc1070a4f567a05e748926f9760f5bcebf56d 75152 virtualbox_4.3.18-dfsg-2.debian.tar.xz Checksums-Sha256: 9759c0ebb88a408bee603023e888362185ea5e9dce31cd5d90550b240d3864a1 43452624 virtualbox_4.3.18-dfsg.orig.tar.xz e312f7e74ba99a69452ae85160f9d79c93b37cc913a48a3d8c1327c621e6d353 75152 virtualbox_4.3.18-dfsg-2.debian.tar.xz Files: b95045bc205c8ae718ef901092db1edf 43452624 virtualbox_4.3.18-dfsg.orig.tar.xz a2d02539795e57c3300dc02058297ca4 75152 virtualbox_4.3.18-dfsg-2.debian.tar.xz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJUxj7oAAoJEKY6WKPy4XVpQVEP/jTNz8YTqhYSpsC49+kLop12 dBGmUwzHQmCZr7W5mcvX9rKKHktjYSU9SfzpHLz6SV/H5vL+K0lJAXTxXPX9RO5s Dh9XluocyCBXPWjqNGdkCMwUmVRbc0DLFUTxPUAQ+g8BemfH4RpoWKIzphDiRlWT Wik1rifC8+bJRm3+Nma4nPllBJtKB8GkQtqUFVfl+8H4JABoGZvPTWd9kfJVxKoG JOjLAErr5QzyNVJhdHUnn8kgGY8SFNcOFQKmL1CDIVDsjqe8R5diJwfmtxvmE4tA pg++Kf5+wKcyzVumtijF+XlhFA2Ghpao9w1zelswmPFMRdPkw4tbZS7cqiwD1hjl IhsrYtzjIZKjTLsRIBtrZiwWragOh0A/njTUQVX/5h9273Mim2mN5S9az60FPCEN d2oT7epQ0CLuyxg/B8sWLdWXkW1kYPBmFTouIOaqofRx/fdr9PUXXEIC8bJXt1Dm wSxFja+Pah9cJx8wkKH9pEWS/AD9kTBDCmJErb5MqAMUVJg8Q61kZe5CvuVTt4xV y2uOEZDa/RwuH499rRfYXtTGGwP5vlfmII3veRfTNOglaWQ2atiVf1WLGao2rX21 MZ07T8ibYuFZp0WwV7Qlpw+5qTT21S6y0wIeeeMxnW2BiC4KORVC5JWy30AAtHB3 1tDySPouZ8o8ig/Sedgm =nPEw -----END PGP SIGNATURE----- Changes: virtualbox (4.3.18-dfsg-2) unstable; urgency=high [ Frank Mehnert ] * d/rules: Disable experimental code by exporting VBOX_WITH_VMSVGA= VBOX_WITH_VMSVGA3D= this fixes CVE-2014-6595, CVE-2014-6590, CVE-2014-6589, CVE-2014-6588 and CVE-2015-0427. (Closes: #775888) -- Gianfranco Costamagna <[email protected]> Thu, 22 Jan 2015 10:51:40 +0100
