Bug 244212
| Summary: | emulators/virtualbox-ose: Update to 5.2.44 | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| Product: | Ports & Packages | Reporter: | Nikita Stepanov <nikitastepan0v> | ||||||||
| Component: | Individual Port(s) | Assignee: | Guido Falsi <madpilot> | ||||||||
| Status: | Closed FIXED | ||||||||||
| Severity: | Affects Many People | CC: | dereks, dutchbsd, grahamperrin, groenveld, ian, joneum, kevans, lobo, madpilot, pauamma, ports-secteam, vbox, vvd | ||||||||
| Priority: | Normal | Keywords: | security | ||||||||
| Version: | Latest | Flags: | koobs:
maintainer-feedback+
joneum: merge-quarterly+ |
||||||||
| Hardware: | Any | ||||||||||
| OS: | Any | ||||||||||
| URL: | https://www.virtualbox.org/wiki/Changelog-5.2#v44 | ||||||||||
| See Also: |
https://reviews.freebsd.org/D24438 https://reviews.freebsd.org/D25496 |
||||||||||
| Bug Depends on: | |||||||||||
| Bug Blocks: | 247987 | ||||||||||
| Attachments: |
|
||||||||||
|
Description
Nikita Stepanov
2020-02-18 10:40:57 UTC
We really need to have it upgraded on the current port, please can it get some priority? Kyle has a 5.2.40 update in flight There was a lot of CVE (19) fixed in 5.2.40: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixOVIR ^Triage: Re-triage based on security vulnerabilities in comment 4 (Thank you VVD) 5.2.42 released: https://www.virtualbox.org/wiki/Changelog-5.2#v42 Created attachment 214672 [details]
VirtualBox 5.2.42 port
Fully functional port
(In reply to Mario Lobo from comment #7) Hi, Can you please reattach this as an `svn diff` instead? Thanks, Kyle Evans There are only 3 things that need to be done to move from 5.2.34 to 5.2.42: 1) Adjust both Makefiles (virtualbox-ose & virtualbox-ose-kmod) change PORTVERSION= 5.2.34 to PORTVERSION= 5.2.42 remove PORTREVISION= 4 2) remove patch-src_VBox_Devices_PC_vbox-cpuhotplug.dsl from virtualbox-ose/files 3) recalculate distinfo, which becomes this: SHA256 (VirtualBox-5.2.42.tar.bz2) = e5bee2e34f349aac115ee93974febfe3213ad5e94045fa36b9f04b5f8caa3720 SIZE (VirtualBox-5.2.42.tar.bz2) = 124013981 SHA256 (VBoxGuestAdditions_5.2.42.iso) = ff784417295e48e3cee80a596faf05e3b0976e1b94d3b88427939912b0c1fc45 SIZE (VBoxGuestAdditions_5.2.42.iso) = 49833984 ThatÅ› it! (In reply to Mario Lobo from comment #9) I did this on my poudriere build server by hand for one of my servers and it built find and is running fine so far. (In reply to Ian Dickens from comment #10) Ok, I also changed the same Makefile and distinfo in virtualbox-ose-additions so that I could compile the additions-noX11 for my guests. And seems to be going ok too. Like I always do - I recompile virtualbox-ose-kmod on the hosts locally.... Good to know! Thanks for the info. I had only tested the two main ports. Approved for MFH after add a vuxml entry for the CVE's ports-secteam (joneum) Hi, I've created a new review: https://reviews.freebsd.org/D25496 I've taken Mario Lobo patch here and cleaned it up a little. Could I get it reviewed? Thanks! (In reply to Guido Falsi from comment #14) python2.6??? (In reply to VVD from comment #15) > python2.6??? Sorry I don't get the question, my patches use python.3.7. I do patch upstream code that already mentions python 2.6 ad add the actual interpreter to the list. I can change the patch to put the actual interpreter at the start of it, but since upstream code tests from older to newer I thought I'd leave the logic unchanged. (In reply to Guido Falsi from comment #16) The reason I'm patching Config.kmk in that part detecting python is that in poudriere builds no "python3" executable is installed by USES=python:3.7, but only the "python3.7" executable. So I need to add it to the list of binaries being tested before built. Why USES=python:3.7? Why not USES=python? (In reply to VVD from comment #18) I can adapt the patch for that. But I don't see why supporting old python 2.7 which is going to be removed. (In reply to Guido Falsi from comment #19) 3.7 is the default. USES=python:3.7+ or USES=python:3.5+ But not USES=python:3.7 (In reply to Guido Falsi from comment #19) Right, anyway I changed it to USES=python, simply. It works fine with all of the ones we have in the ports tree, and once python2 will be gone it will factor out. So you were right and I have accepted your suggestion. I updated the patch in the review. (In reply to Guido Falsi from comment #14) Perfect, Guido! Compilation and execution without the little glitches! Thank you!! I'm attempting to work with the 6.1.10 port. This is where we stand: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=234878 If you have the time, we could use your help :D! (In reply to Mario Lobo from comment #22) I made a minor update to the review, I hope to get approval to commit it soon. I'd like to have virtualbox 6, and am willing to test it, but I don't know how much I can help with crashes in such a complex software. I'll give it a try as soon as I have time though. Pulled an old machine out of storage that had VT-x/AMD-V that I can use for dedicated testing new vbox5 and vbox6. Applied the review's raw diff to head ports and I've tested the following: - Building with additions ISO enabled - virtualbox GUI via xrdp - importing ova - Creating Linux and FreeBSD 64 VMs. - Installing additions via ISO on EL7. - Installing emulators/virtualbox-ose-additions on FreeBSD 12.1 amd64 VM - Addition's VBoxControl. - www/phpvirtualbox - VNC Remote Desktop with auto port selection Everything looks good. 23 (25) CVEs in VirtualBox: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=247987 Can anybody attach patch for 5.2.44? (In reply to VVD from comment #25) > 23 (25) CVEs in VirtualBox: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=247987 Thanks for this pointer. These need to be added to vuln.xml. It's a boring job and also requires time. > Can anybody attach patch for 5.2.44? You sent this at 02:55:04 UTC, The email announce of version 5.2.44 was sent at 7:25 Even if I had time for this right away, you could not expect any result before tomorrow. I do plan to update it but I'm not in an hurry. So give me a few days at best. BTW if the update is easy (that is no patches need to be modified) you can try that yourself. Just update PORTVERSION and rebuild distinfo. I confirm that VBox 5.2.44 compiles and runs fine with NO alterations to the patches. Only adjust Make file to PORTVERSION= 5.2.44 and make checksum Sorry! The command is make makesum. ^Triage: - Leave merge-quarterly open (?) until merged Created attachment 216479 [details] Update to 5.2.44 (In reply to Guido Falsi from comment #26) > You sent this at 02:55:04 UTC, The email announce of version 5.2.44 was sent at 7:25 > Even if I had time for this right away, you could not expect any result before tomorrow. > I do plan to update it but I'm not in an hurry. So give me a few days at best. I got announce email and just inform others about it - nothing else. So no problems for waiting several days. > BTW if the update is easy (that is no patches need to be modified) you can try that yourself. Just update PORTVERSION and rebuild distinfo. I know how it work. :-D I post 20? 30? update version patches for last 6 months for other ports. And I'm a maintainer of several ports for 3+ years. make check-plist/install for virtualbox-ose/virtualbox-ose-kmod/virtualbox-ose-additions, then run VM work fine on 12.1 amd64. (In reply to VVD from comment #30) Sorry, my reply came out more aggressive than intended. I was just perplexed by how your request for update came hours before the official announce for the new version. Anyway the update looks simple, and I've prepared a vuxml entry. I'll update the review soon. I updated the review at [1]. It also includes a vuxml entry. Hoie it can be approved ASAP. [1] https://reviews.freebsd.org/D25496 Time to commit? (In reply to VVD from comment #33) > Time to commit? I've posted the last patch in the review on July 17th, according to the rules I have to wait for the timeout, which will happen on August 1st. At that point I'll evaluate committing without explicit vbox@FreeBSD.org approval. That unless someone from vbox or portmgr or ports-secteam approves. I'm going to post the patch here for completeness too. Created attachment 216565 [details]
Virtualbox 5.2.44 update patch
Patch as posted in phabric review on July 17th.
Includes vuxml updates.
ok from ports-secteam after add a vuxml for the CVE's A commit references this bug: Author: madpilot Date: Sun Jul 19 09:11:26 UTC 2020 New revision: 542548 URL: https://svnweb.freebsd.org/changeset/ports/542548 Log: Document multiple vulnerabilities in VirtualBox> PR: 244212 Submitted by: Nikita Stepanov <nikitastepan0v@bk.ru> Changes: head/security/vuxml/vuln.xml A commit references this bug: Author: madpilot Date: Sun Jul 19 09:19:30 UTC 2020 New revision: 542551 URL: https://svnweb.freebsd.org/changeset/ports/542551 Log: - Update VirtualBox ports to 5.2.44 - Adapt and regenerate patches - Reduce differences in patch-src_VBox_Devices_PC_vbox-cpuhotplug.dsl [1] Patch based on one provided by Mario Lobo <lobo@bsd.com.br>. Many thanks to people who provided ideas and suggetions in the PR and review. PR: 244212 Submitted by: Nikita Stepanov <nikitastepan0v@bk.ru> Reviewed by: kevans [1] Tested by: lwshu Approved by: ports-secteam (joneum) MFH: 2020Q3 Security: 1e7b316b-c6a8-11ea-a7d5-001999f8d30b Differential Revision: https://reviews.freebsd.org/D25496 Changes: head/emulators/virtualbox-ose/Makefile head/emulators/virtualbox-ose/distinfo head/emulators/virtualbox-ose/files/patch-Config.kmk head/emulators/virtualbox-ose/files/patch-configure head/emulators/virtualbox-ose/files/patch-include-VBox-vmm-cpumctx.h head/emulators/virtualbox-ose/files/patch-include-iprt-x86.h head/emulators/virtualbox-ose/files/patch-src-VBox-Additions-common-VBoxGuest-VBoxGuest-freebsd.c head/emulators/virtualbox-ose/files/patch-src-VBox-Additions-common-VBoxGuest-freebsd-Makefile head/emulators/virtualbox-ose/files/patch-src-VBox-Additions-common-VBoxGuest-freebsd-files_vboxguest head/emulators/virtualbox-ose/files/patch-src-VBox-Additions-common-crOpenGL-FreeBSD_i386_exports.py head/emulators/virtualbox-ose/files/patch-src-VBox-Additions-common-crOpenGL-FreeBSD_i386_exports_dri.py head/emulators/virtualbox-ose/files/patch-src-VBox-Additions-common-crOpenGL-FreeBSD_i386_glxapi_exports.py head/emulators/virtualbox-ose/files/patch-src-VBox-Additions-common-crOpenGL-Makefile.kmk head/emulators/virtualbox-ose/files/patch-src-VBox-Additions-x11-Installer-98vboxadd-xclient head/emulators/virtualbox-ose/files/patch-src-VBox-Additions-x11-Installer-vboxclient.desktop head/emulators/virtualbox-ose/files/patch-src-VBox-Devices-Network-slirp-bsd-sys-mbuf.h head/emulators/virtualbox-ose/files/patch-src-VBox-Devices-PC-ipxe-Makefile.kmk head/emulators/virtualbox-ose/files/patch-src-VBox-HostDrivers-Support-freebsd-Makefile head/emulators/virtualbox-ose/files/patch-src-VBox-HostDrivers-Support-freebsd-files_vboxdrv head/emulators/virtualbox-ose/files/patch-src-VBox-HostDrivers-VBoxNetAdp-Makefile.kmk head/emulators/virtualbox-ose/files/patch-src-VBox-HostDrivers-VBoxNetAdp-freebsd-VBoxNetAdp-freebsd.c head/emulators/virtualbox-ose/files/patch-src-VBox-Installer-Makefile.kmk head/emulators/virtualbox-ose/files/patch-src-VBox-Installer-freebsd-virtualbox.desktop head/emulators/virtualbox-ose/files/patch-src-VBox-Main-src-server-VirtualBoxImpl.cpp head/emulators/virtualbox-ose/files/patch-src-VBox-Main-src-server-freebsd-HostHardwareFreeBSD.cpp head/emulators/virtualbox-ose/files/patch-src-VBox-Main-webservice-Makefile.kmk head/emulators/virtualbox-ose/files/patch-src-VBox-Runtime-Makefile.kmk head/emulators/virtualbox-ose/files/patch-src-VBox-Runtime-r0drv-freebsd-sleepqueue-r0drv-freebsd.h head/emulators/virtualbox-ose/files/patch-src-recompiler-Makefile.kmk head/emulators/virtualbox-ose/files/patch-src-recompiler-Sun-testmath.c head/emulators/virtualbox-ose/files/patch-src_VBox_Additions_common_pam_pam__vbox.cpp head/emulators/virtualbox-ose/files/patch-src_VBox_Additions_freebsd_Makefile head/emulators/virtualbox-ose/files/patch-src_VBox_Additions_freebsd_vboxvfs_Makefile.kmk head/emulators/virtualbox-ose/files/patch-src_VBox_Additions_freebsd_vboxvfs_vboxvfs__prov.c head/emulators/virtualbox-ose/files/patch-src_VBox_Additions_freebsd_vboxvfs_vboxvfs__vfsops.c head/emulators/virtualbox-ose/files/patch-src_VBox_Debugger_Makefile.kmk head/emulators/virtualbox-ose/files/patch-src_VBox_Devices_Audio_DrvHostALSAAudio.cpp head/emulators/virtualbox-ose/files/patch-src_VBox_Devices_PC_vbox-cpuhotplug.dsl head/emulators/virtualbox-ose/files/patch-src_VBox_Frontends_VBoxManage_VBoxManageHelp.cpp head/emulators/virtualbox-ose/files/patch-src_VBox_Frontends_VirtualBox_Makefile.kmk head/emulators/virtualbox-ose/files/patch-src_VBox_HostDrivers_Support_SUPDrvInternal.h head/emulators/virtualbox-ose/files/patch-src_VBox_HostDrivers_Support_freebsd_SUPDrv-freebsd.c head/emulators/virtualbox-ose/files/patch-src_VBox_HostServices_SharedOpenGL_Makefile.kmk head/emulators/virtualbox-ose/files/patch-src_VBox_Main_Makefile.kmk head/emulators/virtualbox-ose/files/patch-src_VBox_Main_include_USBProxyBackend.h head/emulators/virtualbox-ose/files/patch-src_VBox_Main_src-client_ConsoleImpl2.cpp head/emulators/virtualbox-ose/files/patch-src_VBox_Main_src-server_HostImpl.cpp head/emulators/virtualbox-ose/files/patch-src_VBox_VMM_VMMR0_GVMMR0.cpp head/emulators/virtualbox-ose/files/patch-src_libs_xpcom18a4_nsprpub_pr_src_pthreads_ptsynch.c head/emulators/virtualbox-ose/files/patch-src_libs_xpcom18a4_xpcom_io_nsLocalFileUnix.h head/emulators/virtualbox-ose-additions/Makefile head/emulators/virtualbox-ose-additions/distinfo head/emulators/virtualbox-ose-kmod/Makefile head/emulators/virtualbox-ose-kmod/distinfo A commit references this bug: Author: madpilot Date: Sun Jul 19 09:21:57 UTC 2020 New revision: 542552 URL: https://svnweb.freebsd.org/changeset/ports/542552 Log: MFH: r542551 - Update VirtualBox ports to 5.2.44 - Adapt and regenerate patches - Reduce differences in patch-src_VBox_Devices_PC_vbox-cpuhotplug.dsl [1] Patch based on one provided by Mario Lobo <lobo@bsd.com.br>. Many thanks to people who provided ideas and suggetions in the PR and review. PR: 244212 Submitted by: Nikita Stepanov <nikitastepan0v@bk.ru> Reviewed by: kevans [1] Tested by: lwshu Approved by: ports-secteam (joneum) Security: 1e7b316b-c6a8-11ea-a7d5-001999f8d30b Differential Revision: https://reviews.freebsd.org/D25496 Approved by: ports-secteam (joneum, via bugzilla PR) Changes: _U branches/2020Q3/ branches/2020Q3/emulators/virtualbox-ose/Makefile branches/2020Q3/emulators/virtualbox-ose/distinfo branches/2020Q3/emulators/virtualbox-ose/files/patch-Config.kmk branches/2020Q3/emulators/virtualbox-ose/files/patch-configure branches/2020Q3/emulators/virtualbox-ose/files/patch-include-VBox-vmm-cpumctx.h branches/2020Q3/emulators/virtualbox-ose/files/patch-include-iprt-x86.h branches/2020Q3/emulators/virtualbox-ose/files/patch-src-VBox-Additions-common-VBoxGuest-VBoxGuest-freebsd.c branches/2020Q3/emulators/virtualbox-ose/files/patch-src-VBox-Additions-common-VBoxGuest-freebsd-Makefile branches/2020Q3/emulators/virtualbox-ose/files/patch-src-VBox-Additions-common-VBoxGuest-freebsd-files_vboxguest branches/2020Q3/emulators/virtualbox-ose/files/patch-src-VBox-Additions-common-crOpenGL-FreeBSD_i386_exports.py branches/2020Q3/emulators/virtualbox-ose/files/patch-src-VBox-Additions-common-crOpenGL-FreeBSD_i386_exports_dri.py branches/2020Q3/emulators/virtualbox-ose/files/patch-src-VBox-Additions-common-crOpenGL-FreeBSD_i386_glxapi_exports.py branches/2020Q3/emulators/virtualbox-ose/files/patch-src-VBox-Additions-common-crOpenGL-Makefile.kmk branches/2020Q3/emulators/virtualbox-ose/files/patch-src-VBox-Additions-x11-Installer-98vboxadd-xclient branches/2020Q3/emulators/virtualbox-ose/files/patch-src-VBox-Additions-x11-Installer-vboxclient.desktop branches/2020Q3/emulators/virtualbox-ose/files/patch-src-VBox-Devices-Network-slirp-bsd-sys-mbuf.h branches/2020Q3/emulators/virtualbox-ose/files/patch-src-VBox-Devices-PC-ipxe-Makefile.kmk branches/2020Q3/emulators/virtualbox-ose/files/patch-src-VBox-HostDrivers-Support-freebsd-Makefile branches/2020Q3/emulators/virtualbox-ose/files/patch-src-VBox-HostDrivers-Support-freebsd-files_vboxdrv branches/2020Q3/emulators/virtualbox-ose/files/patch-src-VBox-HostDrivers-VBoxNetAdp-Makefile.kmk branches/2020Q3/emulators/virtualbox-ose/files/patch-src-VBox-HostDrivers-VBoxNetAdp-freebsd-VBoxNetAdp-freebsd.c branches/2020Q3/emulators/virtualbox-ose/files/patch-src-VBox-Installer-Makefile.kmk branches/2020Q3/emulators/virtualbox-ose/files/patch-src-VBox-Installer-freebsd-virtualbox.desktop branches/2020Q3/emulators/virtualbox-ose/files/patch-src-VBox-Main-src-server-VirtualBoxImpl.cpp branches/2020Q3/emulators/virtualbox-ose/files/patch-src-VBox-Main-src-server-freebsd-HostHardwareFreeBSD.cpp branches/2020Q3/emulators/virtualbox-ose/files/patch-src-VBox-Main-webservice-Makefile.kmk branches/2020Q3/emulators/virtualbox-ose/files/patch-src-VBox-Runtime-Makefile.kmk branches/2020Q3/emulators/virtualbox-ose/files/patch-src-VBox-Runtime-r0drv-freebsd-sleepqueue-r0drv-freebsd.h branches/2020Q3/emulators/virtualbox-ose/files/patch-src-recompiler-Makefile.kmk branches/2020Q3/emulators/virtualbox-ose/files/patch-src-recompiler-Sun-testmath.c branches/2020Q3/emulators/virtualbox-ose/files/patch-src_VBox_Additions_common_pam_pam__vbox.cpp branches/2020Q3/emulators/virtualbox-ose/files/patch-src_VBox_Additions_freebsd_Makefile branches/2020Q3/emulators/virtualbox-ose/files/patch-src_VBox_Additions_freebsd_vboxvfs_Makefile.kmk branches/2020Q3/emulators/virtualbox-ose/files/patch-src_VBox_Additions_freebsd_vboxvfs_vboxvfs__prov.c branches/2020Q3/emulators/virtualbox-ose/files/patch-src_VBox_Additions_freebsd_vboxvfs_vboxvfs__vfsops.c branches/2020Q3/emulators/virtualbox-ose/files/patch-src_VBox_Debugger_Makefile.kmk branches/2020Q3/emulators/virtualbox-ose/files/patch-src_VBox_Devices_Audio_DrvHostALSAAudio.cpp branches/2020Q3/emulators/virtualbox-ose/files/patch-src_VBox_Devices_PC_vbox-cpuhotplug.dsl branches/2020Q3/emulators/virtualbox-ose/files/patch-src_VBox_Frontends_VBoxManage_VBoxManageHelp.cpp branches/2020Q3/emulators/virtualbox-ose/files/patch-src_VBox_Frontends_VirtualBox_Makefile.kmk branches/2020Q3/emulators/virtualbox-ose/files/patch-src_VBox_HostDrivers_Support_SUPDrvInternal.h branches/2020Q3/emulators/virtualbox-ose/files/patch-src_VBox_HostDrivers_Support_freebsd_SUPDrv-freebsd.c branches/2020Q3/emulators/virtualbox-ose/files/patch-src_VBox_HostServices_SharedOpenGL_Makefile.kmk branches/2020Q3/emulators/virtualbox-ose/files/patch-src_VBox_Main_Makefile.kmk branches/2020Q3/emulators/virtualbox-ose/files/patch-src_VBox_Main_include_USBProxyBackend.h branches/2020Q3/emulators/virtualbox-ose/files/patch-src_VBox_Main_src-client_ConsoleImpl2.cpp branches/2020Q3/emulators/virtualbox-ose/files/patch-src_VBox_Main_src-server_HostImpl.cpp branches/2020Q3/emulators/virtualbox-ose/files/patch-src_VBox_VMM_VMMR0_GVMMR0.cpp branches/2020Q3/emulators/virtualbox-ose/files/patch-src_libs_xpcom18a4_nsprpub_pr_src_pthreads_ptsynch.c branches/2020Q3/emulators/virtualbox-ose/files/patch-src_libs_xpcom18a4_xpcom_io_nsLocalFileUnix.h branches/2020Q3/emulators/virtualbox-ose-additions/Makefile branches/2020Q3/emulators/virtualbox-ose-additions/distinfo branches/2020Q3/emulators/virtualbox-ose-kmod/Makefile branches/2020Q3/emulators/virtualbox-ose-kmod/distinfo Update committed and merged to quarterly. Thanks to all! ^Triage: Assign to committer that resolved |
