Bug 1169628 - (CVE-2020-2741) VUL-0: CVE-2020-2741: virtualbox: Oracle 2020 April CPU (update to 6.0.20 and 6.1.6)
(CVE-2020-2741)
VUL-0: CVE-2020-2741: virtualbox: Oracle 2020 April CPU (update to 6.0.20 and...
Status: RESOLVED FIXED
Classification: openSUSE
Product: openSUSE Distribution
Classification: openSUSE
Component: Security
Leap 15.1
Other Other
: P3 - Medium : Major (vote)
: ---
Assigned To: Larry Finger
E-mail List
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2020-04-16 08:46 UTC by Alexandros Toptsoglou
Modified: 2020-07-03 16:15 UTC (History)
0 users

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Alexandros Toptsoglou 2020-04-16 08:46:04 UTC
CVE-2020-2741 
CVE-2020-2742
CVE-2020-2743
CVE-2020-2748
CVE-2020-2758
CVE-2020-2894
CVE-2020-2902
CVE-2020-2905 
CVE-2020-2907
CVE-2020-2908
CVE-2020-2909
CVE-2020-2910
CVE-2020-2911 
CVE-2020-2913
CVE-2020-2914 
CVE-2020-2929
CVE-2020-2951
CVE-2020-2958
CVE-2020-2959

Leap should be upgraded to 6.0.20 and Factory to 6.1.6
https://www.oracle.com/security-alerts/cpuapr2020.html
Comment 1 Larry Finger 2020-04-17 20:53:09 UTC
Version 6.0.20 has been submitted to Leap 15.1
Version 6.1.6 has been submitted to Tumbleweed and Leap 15.2.
Comment 2 Alexandros Toptsoglou 2020-04-30 08:01:08 UTC
CVE-2020-2575 is also included in the update but only mentioned after the release.
Comment 3 OBSbugzilla Bot 2020-05-16 22:10:06 UTC
This is an autogenerated message for OBS integration:
This bug (1169628) was mentioned in
https://build.opensuse.org/request/show/806055 15.1 / virtualbox
Comment 4 Swamp Workflow Management 2020-07-03 16:15:44 UTC
openSUSE-SU-2020:0925-1: An update that fixes 19 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1169628
CVE References: CVE-2020-2741,CVE-2020-2742,CVE-2020-2743,CVE-2020-2748,CVE-2020-2758,CVE-2020-2894,CVE-2020-2902,CVE-2020-2905,CVE-2020-2907,CVE-2020-2908,CVE-2020-2909,CVE-2020-2910,CVE-2020-2911,CVE-2020-2913,CVE-2020-2914,CVE-2020-2929,CVE-2020-2951,CVE-2020-2958,CVE-2020-2959
Sources used:
openSUSE Leap 15.1 (src):    virtualbox-6.0.22-lp151.2.15.1