From a92a3b521ef9125dab7c57e036857619bc39b1a0 Mon Sep 17 00:00:00 2001 From: Thomas Gerbet Date: Fri, 25 Oct 2024 11:27:52 +0200 Subject: [PATCH] virtualbox: 7.0.20 -> 7.0.22 (#350707) Fixes CVE-2024-21248, CVE-2024-21253, CVE-2024-21259, CVE-2024-21263 and CVE-2024-21273. Changelog: https://www.virtualbox.org/wiki/Changelog-7.0#v22 (cherry picked from commit 299522b78a546b0238861cdad93f340f0b62b8fd) --- pkgs/applications/virtualization/virtualbox/default.nix | 4 ++-- pkgs/applications/virtualization/virtualbox/extpack.nix | 7 +++++-- .../virtualbox/guest-additions-iso/default.nix | 2 +- .../virtualization/virtualbox/guest-additions/builder.nix | 4 ++-- 4 files changed, 10 insertions(+), 7 deletions(-) diff --git a/pkgs/applications/virtualization/virtualbox/default.nix b/pkgs/applications/virtualization/virtualbox/default.nix index 3982cec8b4273..8b04f3f64a07a 100644 --- a/pkgs/applications/virtualization/virtualbox/default.nix +++ b/pkgs/applications/virtualization/virtualbox/default.nix @@ -29,8 +29,8 @@ let buildType = "release"; # Use maintainers/scripts/update.nix to update the version and all related hashes or # change the hashes in extpack.nix and guest-additions/default.nix as well manually. - virtualboxVersion = "7.0.20"; - virtualboxSha256 = "5cf5979bef66ebab3fcd495796b215a940e8a07c469d4bc56d064de44222dd02"; + virtualboxVersion = "7.0.22"; + virtualboxSha256 = "cf3ddf633ca410f1b087b0722413e83247cda4f14d33323dc122a4a42ff61981"; kvmPatchVersion = "20240828"; kvmPatchHash = "sha256-g0esJbB1IGyLGZMLFJIY8ZYdHWuiM5IZtLMHZvCY6bs="; diff --git a/pkgs/applications/virtualization/virtualbox/extpack.nix b/pkgs/applications/virtualization/virtualbox/extpack.nix index c234c079b4c89..66f3d2cc78c8f 100644 --- a/pkgs/applications/virtualization/virtualbox/extpack.nix +++ b/pkgs/applications/virtualization/virtualbox/extpack.nix @@ -12,8 +12,11 @@ fetchurl rec { # Manually sha256sum the extensionPack file, must be hex! # Thus do not use `nix-prefetch-url` but instead plain old `sha256sum`. # Checksums can also be found at https://www.virtualbox.org/download/hashes/${version}/SHA256SUMS - let value = "d750fb17688d70e0cb2d7b06f1ad3a661303793f4d1ac39cfa9a54806b89da25"; - in assert (builtins.stringLength value) == 64; value; + let + value = "6b0c16074dde1ea273b15e091336034368217ba569e09359a63c4d32af558886"; + in + assert (builtins.stringLength value) == 64; + value; meta = { description = "Oracle Extension pack for VirtualBox"; diff --git a/pkgs/applications/virtualization/virtualbox/guest-additions-iso/default.nix b/pkgs/applications/virtualization/virtualbox/guest-additions-iso/default.nix index f59dcc25f4c20..02ed647d5fe1b 100644 --- a/pkgs/applications/virtualization/virtualbox/guest-additions-iso/default.nix +++ b/pkgs/applications/virtualization/virtualbox/guest-additions-iso/default.nix @@ -5,7 +5,7 @@ let in fetchurl { url = "http://download.virtualbox.org/virtualbox/${version}/VBoxGuestAdditions_${version}.iso"; - sha256 = "4c7523fa6d17436e3b7788f62956674270572cfefa340d03111b85f8517d5981"; + sha256 = "486f90cbfe9ed4bf2b12d726ebf54a839758a237e967aa65fc2c92d90a963021"; meta = { description = "Guest additions ISO for VirtualBox"; longDescription = '' diff --git a/pkgs/applications/virtualization/virtualbox/guest-additions/builder.nix b/pkgs/applications/virtualization/virtualbox/guest-additions/builder.nix index 64b2d5f7229c6..049b186d07757 100644 --- a/pkgs/applications/virtualization/virtualbox/guest-additions/builder.nix +++ b/pkgs/applications/virtualization/virtualbox/guest-additions/builder.nix @@ -10,11 +10,11 @@ let in stdenv.mkDerivation (finalAttrs: { pname = "VirtualBox-GuestAdditions-builder-${kernel.version}"; - version = "7.0.20"; + version = "7.0.22"; src = fetchurl { url = "https://download.virtualbox.org/virtualbox/${finalAttrs.version}/VirtualBox-${finalAttrs.version}.tar.bz2"; - sha256 = "5cf5979bef66ebab3fcd495796b215a940e8a07c469d4bc56d064de44222dd02"; + sha256 = "cf3ddf633ca410f1b087b0722413e83247cda4f14d33323dc122a4a42ff61981"; }; env.NIX_CFLAGS_COMPILE = "-Wno-error=incompatible-pointer-types -Wno-error=implicit-function-declaration";