Bugzilla – Bug 1169628
VUL-0: CVE-2020-2741: virtualbox: Oracle 2020 April CPU (update to 6.0.20 and 6.1.6)
Last modified: 2020-07-03 16:15:44 UTC
CVE-2020-2741 CVE-2020-2742 CVE-2020-2743 CVE-2020-2748 CVE-2020-2758 CVE-2020-2894 CVE-2020-2902 CVE-2020-2905 CVE-2020-2907 CVE-2020-2908 CVE-2020-2909 CVE-2020-2910 CVE-2020-2911 CVE-2020-2913 CVE-2020-2914 CVE-2020-2929 CVE-2020-2951 CVE-2020-2958 CVE-2020-2959 Leap should be upgraded to 6.0.20 and Factory to 6.1.6 https://www.oracle.com/security-alerts/cpuapr2020.html
Version 6.0.20 has been submitted to Leap 15.1 Version 6.1.6 has been submitted to Tumbleweed and Leap 15.2.
CVE-2020-2575 is also included in the update but only mentioned after the release.
This is an autogenerated message for OBS integration: This bug (1169628) was mentioned in https://build.opensuse.org/request/show/806055 15.1 / virtualbox
openSUSE-SU-2020:0925-1: An update that fixes 19 vulnerabilities is now available. Category: security (moderate) Bug References: 1169628 CVE References: CVE-2020-2741,CVE-2020-2742,CVE-2020-2743,CVE-2020-2748,CVE-2020-2758,CVE-2020-2894,CVE-2020-2902,CVE-2020-2905,CVE-2020-2907,CVE-2020-2908,CVE-2020-2909,CVE-2020-2910,CVE-2020-2911,CVE-2020-2913,CVE-2020-2914,CVE-2020-2929,CVE-2020-2951,CVE-2020-2958,CVE-2020-2959 Sources used: openSUSE Leap 15.1 (src): virtualbox-6.0.22-lp151.2.15.1