[ubuntu/trusty-security] virtualbox 4.3.34-dfsg-1+deb8u1ubuntu1.14.04.1 (Accepted)

Tyler Hicks tyhicks at canonical.com
Wed Nov 25 14:37:39 UTC 2015


virtualbox (4.3.34-dfsg-1+deb8u1ubuntu1.14.04.1) trusty-security; urgency=medium

  * New upstream bugfix release. (LP: #1517161)
    - drop patches and rebase with debian jessie-security upload
    - all CVEs are fixed in the upstream import, drop all the CVE
      patches.

virtualbox (4.3.32-dfsg-1+deb8u2) jessie-security; urgency=medium

  * d/rules: re-enable VBOX_WITH_VMSVGA and
     VBOX_WITH_VMSVGA3D (Closes: #795531).
     - the CVEs are already fixed
     - this patch makes it build more coherently
       with how upstream builds it.
     - the proper patch should be on upstream changeset 57410
       but we don't need it anymore

virtualbox (4.3.32-dfsg-1+deb8u1) jessie-security; urgency=medium

  [ Gianfranco Costamagna ]
  * New upstream security release.
    - Addressed CVE-2015-4813 and CVE-2015-4896
  * Use my uid to fix NMU warning
  * Remove pre-depends on dpkg, useless now.

  [ Ritesh Raj Sarraf ]
  * Move virtualbox-dkms | virtualbox-source to Depends,
    needed to fully configure virtualbox kernel module prior
    to reload virtualbox service, avoiding a race condition.
    (Closes: #798527, #798979)

virtualbox (4.3.30-dfsg-1+deb8u1) jessie-security; urgency=medium

  [ Ritesh Raj Sarraf ]
  * Imported upstream release.

  [ Gianfranco Costamagna ]
  * Readd again some removed lintian overrides.
  * virtualbox 4.3.30 builds fine with gcc 5.1, removing the
    gcc-4.9 workaround (d/{rules,control})
  * Update copyright file.
  * Patch refresh.
  * Remove some more windows prebuilt files.
  * Add libnotify-bin as runtime-dependency for the x11 package
    (used for notify-send command) (Closes: #792292)
    - Thanks Torquil Macdonald Sørensen for the useful and complete
      bug report.

virtualbox (4.3.28-dfsg-1) unstable; urgency=medium

  * New upstream release (Closes: #785655).
    - fix for CVE-2015-3456 a.k.a. VENOM (Closes: #785424)
    - patch refresh.
    - remove d/p/37-diff_smap_4.patch.
  * Remove MAKE=kmk on virtualbox{,-guest}-source.files/rules
    (Closes: #785161).
    Upstream doesn't recommend using kmk to build kernel modules.
    this reverts 63fa6b7b86035b53e8d053b894814eccac9ce595
  * Add gbp.conf file.

virtualbox (4.3.26-dfsg-3) unstable; urgency=medium

  [ Adam Conrad ]
  * Re-work the packaging to account for the kernel modules being shipped in
    the master kernel packages, removing the need for dkms (LP: #1434579):
    - Make the dkms package provide a virtual package matching what the
      kernel packages provide to indicate that they ship the dkms modules.
    - Add an alternate dep from the utils package to the virtual driver.
    - Make the x11 driver package associate with the VGA controller PCI ID.

virtualbox (4.3.26-dfsg-2) experimental; urgency=medium

  [ Gianfranco Costamagna ]
  * remove obsolete lintian overrides.
  * d/p/37-diff_smap_4.patch, cherry-pick upstream patch to fix a kernel
    paging issue (LP: #1437845).

  [ Ritesh Raj Sarraf ]
  * Remove Michael Meskes from uploaders.

virtualbox (4.3.26-dfsg-1) experimental; urgency=medium

  * Imported upstream release.
   * Conflict with upstream proprietary packages 4.3 series.
     (LP: #1371287, LP: #1375018, LP: #1385931, LP: #1386328, LP: #1421926)

virtualbox (4.3.24-dfsg-1) experimental; urgency=medium

  [ Gianfranco Costamagna ]
  * Imported upstream release (Closes: #779025).
  * Remove d/p/38-remove-hardcoded-gcc.patch, use --with-gcc and
    --with-g++ configure flags.
  * Remove d/p/37-fix-build.patch, merged upstream.

  [ Ritesh Raj Sarraf ]
  * [3bf4cdd] Add back versioned dependency on gcc multilib

virtualbox (4.3.22-dfsg-1) experimental; urgency=medium

  [ Gianfranco Costamagna ]
  * Imported Upstream release.
  * Update copyright year.
  * d/p/37-fix-build.patch fix build, following upstream change in
    xorg driver build (thanks to Michael Thayer for the hint and
    the help).
  * Remove old patches.
  * d/p/38-remove-hardcoded-gcc.patch use CC and CXX from d/rules
    until virtualbox is gcc-5 ready.

  [ Ritesh Raj Sarraf ]
  * [1413631] Build with gcc 4 only
  * [f34c886] Add versioned dependency on g++-multilib

virtualbox (4.3.20-dfsg-1) experimental; urgency=medium

  [ Gianfranco Costamagna ]
  * Imported Upstream release.

  [ Ritesh Raj Sarraf ]
  * Flip build dependency to libcurl4-gnutls-dev

virtualbox (4.3.18-dfsg-3+deb8u3) jessie; urgency=medium

  * d/p/39-crash-raw-mode.patch fix crash in raw mode.
    (Closes: #785689) from upstream changeset 53083
    thanks Frank for the hint!

virtualbox (4.3.18-dfsg-3+deb8u2) jessie-security; urgency=high

  * d/p/CVE-2015-3456.patch fix for CVE-2015-3456 a.k.a. VENOM
    (Closes: #785424)

virtualbox (4.3.18-dfsg-3+deb8u1) jessie; urgency=medium

  [ Moritz Mühlenhoff ]
  * d/p/37-disable-smap.patch, cherry-pick upstream patch to fix a kernel
    paging issue (LP: #1437845, Closes: #783142).

virtualbox (4.3.18-dfsg-3) unstable; urgency=medium

  * Conflict with upstream proprietary packages 4.3 series.
    (LP: #1371287, LP: #1375018, LP: #1385931, LP: #1386328, LP: #1421926)

virtualbox (4.3.18-dfsg-2) unstable; urgency=high

  [ Frank Mehnert ]
  * d/rules: Disable experimental code by exporting
    VBOX_WITH_VMSVGA= VBOX_WITH_VMSVGA3D=
    this fixes CVE-2014-6595, CVE-2014-6590, CVE-2014-6589,
    CVE-2014-6588 and CVE-2015-0427. (Closes: #775888)

virtualbox (4.3.18-dfsg-1) unstable; urgency=medium

  [ Gianfranco Costamagna ]
  * Imported Upstream release.
  * Add myself to uploaders.
  * Patch refresh.
  * Bump Standards-Version to 3.9.6, no changes needed.
  * Wrap-and-sort control file.
  * Fix lintian warnings:
    - Remove old hardening-wrapper
    - Remove broken symlinks.

  [ Felix Geyer ]
  * Remove myself from uploaders.

virtualbox (4.3.14-dfsg-1) unstable; urgency=medium

  [ Gianfranco Costamagna ]
  * New upstream release (Closes: #754220)
    thanks Mateusz Łukasik for the patch.
  * Rebuild against the new xorg-video-abi-18 (Closes: #755067)
  * Tweak README.source to show how to upgrade the package with
    uscan (Closes: #699141), thanks Dmitry!
  * Removing some binary files from the source tarball,
    spotted by lintian.

virtualbox (4.3.12-dfsg-1) unstable; urgency=medium

  [ Gianfranco Costamagna ]
  * New upstream release.

virtualbox (4.3.10-dfsg-1ubuntu6) trusty; urgency=medium

  * d/p/39-crash-raw-mode.patch fix crash in raw mode.
    (Closes: #785689, LP: #1456558) from upstream changeset 53083
    thanks Frank for the hint!

Date: 2015-11-23 17:51:18.059176+00:00
Changed-By: LocutusOfBorg <costamagnagianfranco at yahoo.it>
Signed-By: Tyler Hicks <tyhicks at canonical.com>
https://launchpad.net/ubuntu/+source/virtualbox/4.3.34-dfsg-1+deb8u1ubuntu1.14.04.1
-------------- next part --------------
Sorry, changesfile not available.


More information about the Trusty-changes mailing list