Debian Security Advisory

DSA-3359-1 virtualbox -- security update

Date Reported:
13 Sep 2015
Affected Packages:
virtualbox
Vulnerable:
Yes
Security database references:
In Mitre's CVE dictionary: CVE-2015-2594.
More information:

This update fixes an unspecified security issue in VirtualBox related to guests using bridged networking via WiFi. Oracle no longer provides information on specific security vulnerabilities in VirtualBox. To still support users of the already released Debian releases we've decided to update these to the respective 4.1.40 and 4.3.30 bugfix releases.

For the oldstable distribution (wheezy), this problem has been fixed in version 4.1.40-dfsg-1+deb7u1.

For the stable distribution (jessie), this problem has been fixed in version 4.3.30-dfsg-1+deb8u1.

For the testing distribution (stretch), this problem has been fixed in version 4.3.30-dfsg-1.

For the unstable distribution (sid), this problem has been fixed in version 4.3.30-dfsg-1.

We recommend that you upgrade your virtualbox packages.