Debian Security Advisory

DLA-372-1 virtualbox-ose -- LTS security update

Date Reported:
18 Dec 2015
Affected Packages:
Security database references:
No other external database security references currently available.
More information:

Oracle stopped supporting version 3.2 of VirtualBox last June. They also do not disclose enough information about vulnerabilities discovered and fixed in newer versions so that it is impossible for us to verify whether the vulnerability also applies to 3.2 and to backport the fix when needed.

We are thus no longer supporting virtualbox-ose in Debian 6 Squeeze. If you rely on it, you should either consider using backports of newer versions (version 4.1.42 is available in squeeze-backports) or upgrade to Debian 7 Wheezy (or newer).