From nobody Sat Jun 03 13:21:37 2023 X-Original-To: ports-bugs@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4QYL9t1mJ3z4YhBy for ; Sat, 3 Jun 2023 13:21:38 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4QYL9t0b53z43Cx for ; Sat, 3 Jun 2023 13:21:38 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1685798498; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=1xANUkXf8TafCMyfaaEPtMbL+cGmtC2wB5lBglVi2hE=; b=rXPUKUpOktareBup3lPvOa9ntV8Ik5631U62BTlClkESvpoxKOgptXjtUieM7agnI37juL eLb2xpujOmKuXCHue4IdLeNr5NuNztXc9zzoLaujeuK9pomH4PJJZyi3V+Ii0TZ+WqBHXS 6UAYkleyFenJv4L3Ux6tewvoDkQ37noUYhYA26ZIPVBnBsWSmSnRzjnrPAOF/Cae3ENw/I P0ZuLdbfnKoR7KSxH0s7uK+nY00zYc0K7ZICHV/4z0kIgmzR6h7IP3torH5qc7w+MuUgNt lAtv0jhXCXCCt8lS4nGWfrr1XzfcFOPqk2YLmeUSYSGbq4wJhI/Vve9kSav3Eg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1685798498; a=rsa-sha256; cv=none; b=xSH113r9tvMiY+9wTDh5xwV5KccKx/WFO8HxfSEbnBi5cFKwJBLkvx7sI5YTluH155UTho zFI/na0DaWGdzKwEQNuwYNYp7LwzC8phMAerpS7uRwmhP1CNyqTWIktgl3hBOhenI20jDu eHRnl6yQMcgwEg6kzODXbSx0u4jnGDN81JJHbRDWYLMqEyV6rlBfcS5aPP4h+ixgqxp9ke hnEYlBstE7OWBHdk2JCJdoUtENRWZQ7B519RiLurPi7MAS9Iug5QQ7DqWZHQF75PGeZieW qAwqWwr3ilndv4zpOeddiC62bJ41yoyMbkNymi0K3DRBKAtviBIermYFppWWBA== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4QYL9s6pDFzRXx for ; Sat, 3 Jun 2023 13:21:37 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 353DLbo9002954 for ; Sat, 3 Jun 2023 13:21:37 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 353DLb5t002952 for ports-bugs@FreeBSD.org; Sat, 3 Jun 2023 13:21:37 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 271141] security/vuxml: document vulnerabilities for the emulators/virtualbox-ose family Date: Sat, 03 Jun 2023 13:21:37 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Ports & Packages X-Bugzilla-Component: Individual Port(s) X-Bugzilla-Version: Latest X-Bugzilla-Keywords: security X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: grahamperrin@freebsd.org X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: Normal X-Bugzilla-Assigned-To: ports-bugs@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: short_desc Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Ports bug reports List-Archive: https://lists.freebsd.org/archives/freebsd-ports-bugs List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-ports-bugs@freebsd.org X-BeenThere: freebsd-ports-bugs@freebsd.org MIME-Version: 1.0 X-ThisMailContainsUnwantedMimeParts: N https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D271141 Graham Perrin changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|security/vuxml: mark as |security/vuxml: document |FORBIDDEN, and document |vulnerabilities for the |vulnerabilities for, the |emulators/virtualbox-ose |emulators/virtualbox-ose |family |family | --- Comment #5 from Graham Perrin --- With the Oracle-supported 6.1 branch currently at 6.1.44 As far as I can tell, from a FreeBSD-CURRENT perspective, (2023-05-15), its cherry-pick to 2023Q2, and other 6.1-related commits nega= ted the need to mark as FORBIDDEN.=20 % uname -r 14.0-CURRENT % pkg search virtualbox | grep -v 6.1.44 phpvirtualbox-6.1_1 AJAX Web Interface for VirtualBox phpvirtualbox-legacy-5.2.1_2 AJAX Web Interface for VirtualBox virtualbox-ose-additions-legacy-5.2.44_5 VirtualBox additions for FreeBSD guests virtualbox-ose-additions-nox11-legacy-5.2.44_4 VirtualBox additions for Fre= eBSD guests virtualbox-ose-kmod-legacy-5.2.44_7 VirtualBox kernel module for FreeBSD %=20 In addition: we might reasonably assume that ports of the 5.2 branch are vulnerable, however these are no longer supported by Oracle (and so, we can= 't expect vulnerabilities to be documented by Oracle). --=20 You are receiving this mail because: You are the assignee for the bug.=