Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230
Packages for VirtualBox are not available in Debian 10 and won't be in buster-backports either. A recommended alternative is Virtual Machine Manager (buster/virt-manager).
It's also currently a trivial backport from Sid to Buster, if you care to do that.
Backport means rebuilding the packages from the debianized source on Buster; it does not mean to create a FrankenDebian by installing the upstream packages.
stevepusser wrote:It's also currently a trivial backport from Sid to Buster, if you care to do that.
And how would you propose that the OP keep track of new vulnerabilities and update the package when needed?
Oracle don't even publish individual CVE's, they just offer new versions for the user to upgrade to.
Thorsten Glaser wrote:> and Oracle wants to support just the most recent versions, introducing
That is worded in a way to make the sentence wrong. What they do is
not publish security details, so others cannot even support older
versions *themselves*, which is proactively harmful. AIUI you get a
new release and either take it or not, with no separation of patches.
TBH I'm a bit shocked that MX Linux are so blasé about VB and it's egregiously bad security support. Have you tried gnome-boxes? The UI is even simpler than VB and the performance is better for hardware-based virtualisation.
stevepusser wrote:It's also currently a trivial backport from Sid to Buster, if you care to do that.
And how would you propose that the OP keep track of new vulnerabilities and update the package when needed?
Oracle don't even publish individual CVE's, they just offer new versions for the user to upgrade to.
Thorsten Glaser wrote:> and Oracle wants to support just the most recent versions, introducing
That is worded in a way to make the sentence wrong. What they do is
not publish security details, so others cannot even support older
versions *themselves*, which is proactively harmful. AIUI you get a
new release and either take it or not, with no separation of patches.
TBH I'm a bit shocked that MX Linux are so blasé about VB and it's egregiously bad security support. Have you tried gnome-boxes? The UI is even simpler than VB and the performance is better for hardware-based virtualisation.
That sounds interesting! I'll have to see if it supports shared folders like Vbox. The better performance would be a selling point.
Hmmm...well, the first thing it does is lock up my system tight if I try and boot an ISO when I'm running a Liquorix kernel. It does work when running the Debian/MX kernel, though.
I've found the Debian modifications to VBox make it easier to set up, that's why. We can also easily include built guest modules with the MX Linux ISO so the guest additions features work out of the box if you're testing it by using the Debian virtualbox-guest packages...can you tell us how to do that with the Oracle single deb package?
Yes, it works for me on XFCE, as long as I'm not running a Liquorix kernel. I haven't found out how to transfer files to and from a guest with the Stretch version yet, though...that version doesn't support shared folders and I can't get the guest to pick up a USB drive when I tell it to use one--the guest just locks up. I can upload and download from my Google Drive at speeds much higher than a flash drive, though, so that's a viable workaround.
