-
open-vm-tools (2:11.3.0-2ubuntu0~ubuntu20.04.7) focal-security; urgency=medium
* SECURITY UPDATE: SAML Bypass
- debian/patches/CVE-2023-34058.patch: don't accept tokens with
unrelated certs in open-vm-tools/vgauth/common/certverify.c,
open-vm-tools/vgauth/common/certverify.h,
open-vm-tools/vgauth/common/prefs.h,
open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c.
- CVE-2023-34058
* SECURITY UPDATE: file descriptor hijack
- debian/patches/CVE-2023-34059.patch: change privilege dropping order
in open-vm-tools/services/vmtoolsd/mainPosix.c,
open-vm-tools/vmware-user-suid-wrapper/main.c.
- CVE-2023-34059
-- Marc Deslauriers <email address hidden> Fri, 27 Oct 2023 07:51:55 -0400
-
open-vm-tools (2:11.3.0-2ubuntu0~ubuntu20.04.6) focal-security; urgency=medium
* SECURITY UPDATE: SAML token signature bypass vulnerability
- debian/patches/CVE-2023-20900.patch: Allow only X509 certs to verify
the SAML token signature in
open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c.
- CVE-2023-20900
-- Marc Deslauriers <email address hidden> Mon, 11 Sep 2023 14:46:25 -0400
-
open-vm-tools (2:11.3.0-2ubuntu0~ubuntu20.04.5) focal-security; urgency=medium
* SECURITY UPDATE: authentication bypass vulnerability
- debian/patches/CVE-2023-20867.patch: Remove some dead code
- CVE-2023-20867
-- Nishit Majithia <email address hidden> Tue, 25 Jul 2023 09:36:54 +0530
-
open-vm-tools (2:11.3.0-2ubuntu0~ubuntu20.04.4) focal; urgency=medium
* d/open-vm-tools.postinst: Fixes issue with "udevadm trigger"
affecting all devices that can cause unwanted side-effects.
(LP: #1968354)
-- Bryce Harrington <email address hidden> Mon, 19 Sep 2022 22:14:14 +0000
-
open-vm-tools (2:11.3.0-2ubuntu0~ubuntu20.04.3) focal-security; urgency=medium
* SECURITY UPDATE: local privilege escalation
- debian/patches/CVE-2022-31676.patch: check authorization on incoming
guestOps requests in open-vm-tools/vgauth/serviceImpl/proto.c.
- CVE-2022-31676
-- Marc Deslauriers <email address hidden> Tue, 16 Aug 2022 09:23:06 -0400
-
open-vm-tools (2:11.3.0-2ubuntu0~ubuntu20.04.2) focal; urgency=medium
* d/rules: provide a compat link for the old open-vm-tools
library/plugin paths (LP: #1944946)
- d/open-vm-tools.postinst: handle upgrades from <11.3.0-2 in regard
to the symlink
-- Christian Ehrhardt <email address hidden> Tue, 12 Oct 2021 07:53:54 +0200
-
open-vm-tools (2:11.3.0-2ubuntu0~ubuntu20.04.1) focal; urgency=medium
* Update to latest release v11.3.0 (LP: #1933143)
Remaining changes:
- Revert "build-depend on libgdk-pixbuf-xlib-2.0-dev"
* Dropped [ is in 11.3.0-2]
- Revert "Add net-tools as dependency again." as we don't want to
modify the focal seed/ISO content without a real issue behind it.
open-vm-tools (2:11.3.0-2) experimental; urgency=medium
* d/copyright: further fix licenses after consulting SPDX
* d/copyright: state multi-license under one glob pattern
* d/control: enable arm64 which is ready in 11.3.0
* d/control: drop no more needed net-tools dependency
open-vm-tools (2:11.3.0-1) experimental; urgency=medium
* New upstream version 11.3.0 (Closes: #990163)(LP: #1933143)
- d/rules: install new binary vmwgfxctrl into open-vm-tools-desktop
- d/rules: add new binary vmware-alias-import to open-vm-tools
- d/rules: add new vmsvc plugins libguestStore.so and libgdp.so
to open-vm-tools
* d/open-vm-tools.maintscript: remove stale conffiles (Closes: #868273)
* d/control: add myself to uploaders
* Cleanups flagged by tracker.debian.org
- d/watch: fix to work with upstreams github tags
- d/control: bump Standards-Version to 4.5.1 (no changes needed)
* Cleanups for various Lintian findings
- d/source/lintian-overrides: allow helper scripts by setting
patch-file-present-but-not-mentioned-in-series
- d/{open-vm-tools,open-vm-tools-dev}.lintian-overrides tolerate
package-name-doesnt-match-sonames
- d/{open-vm-tools,open-vm-tools-desktop}.lintian-overrides: tolerate
no-manual-page until upstream issue 526 is resolved
- d/control: fix skip-systemd-native-flag-missing-pre-depends warning by
adding misc:Pre-Depends
- d/copyright: rename non allowed license names to fix
space-in-std-shortname-in-dep5-copyright warning
- d/open-vm-tools-desktop.lintian-overrides: fix setuid override
- d/rules: drop no more needed handling of pam vmtoolsd-x64
- d/rules: put libs and .pc files in correct multiarch directories
- d/rules: do not ship vmware-vgauth-smoketest (only meant for build&test,
per upstream it can wipe system config and therefore should not be
shipped after build - upstream issue 527)
* d/control: Remove constraints unnecessary since stretch (from Janitor)
-- Christian Ehrhardt <email address hidden> Tue, 31 Aug 2021 12:05:31 +0200
-
open-vm-tools (2:11.2.5-2ubuntu1~ubuntu20.04.1) focal; urgency=medium
* Update to latest release v11.2.5 (LP: #1911831)
- Revert "Add net-tools as dependency again." as we don't want to
modify the focal seed/ISO content without a real issue behind it.
- Revert "build-depend on libgdk-pixbuf-xlib-2.0-dev"
open-vm-tools (2:11.2.5-2ubuntu1) hirsute; urgency=medium
* d/p/fix-FTFBS-glib2.0-2.66.3.patch: fix FTBFS with glib2.0 >=2.66.3
open-vm-tools (2:11.2.5-2) unstable; urgency=medium
* [7f14954] Drop max_nic_count patch.
See https://github.com/vmware/open-vm-tools/issues/128 for details.
open-vm-tools (2:11.2.5-1) unstable; urgency=medium
* [b54d022] New upstream version 11.2.5
Thanks: John Wolfe
Closes: #980190
open-vm-tools (2:11.2.0-2) unstable; urgency=medium
* [d5d4593] Fix building with new gcc versions
* [94ce968] build-depend on libgdk-pixbuf-xlib-2.0-dev
Closes: #978262
Thanks to Lucas NUssbaum for the upload reminder.
open-vm-tools (2:11.2.0-1) unstable; urgency=medium
* [447d833] Update upstream source from tag 'upstream/11.2.0'
Update to upstream version '11.2.0'
with Debian dir 67243748d9ba09fc4e53f1ab4e921e119c981beb
Closes: #972732
* [704edba] remove pam-use-common-auth-account patch.
Not needed anymore
* [f792922] Use upstream pam file for Debian
-- Christian Ehrhardt <email address hidden> Wed, 17 Mar 2021 08:14:50 +0100
-
open-vm-tools (2:11.1.5-1~ubuntu20.04.2) focal; urgency=medium
* Update to latest release v11.1.5 (LP: #1892266)
- Revert "Add net-tools as dependency again." as we don't want to
modify the focal seed/ISO content without a real issue behind it.
open-vm-tools (2:11.1.5-1ubuntu1) groovy; urgency=medium
* d/p/fix-FTBFS-glibc2.32.patch: fix tirpc flags to propagate correctly
fixing an FTFBS with glibc >=2.32
* d/rules: avoid FTBFS by ignoring nonnull errors for now
open-vm-tools (2:11.1.5-1) unstable; urgency=medium
* [5515c98] Don't recommend xserver-xorg-input-vmmouse.
Thanks to Raphaël Hertzog (Closes: #966465)
* [8a31efc] Update upstream source from tag 'upstream/11.1.5'
Update to upstream version '11.1.5'
with Debian dir 62c70f15b660e7719555a78e6658ced5ca05ca35
Closes: #968688
* [09714a7] Removing patches that were applied upstream
open-vm-tools (2:11.1.0-3) unstable; urgency=medium
* [03d18b3] Fix gcc-10 related issues. (Closes: #957631)
-- Christian Ehrhardt <email address hidden> Mon, 22 Jun 2020 08:40:58 +0200
-
open-vm-tools (2:11.1.5-1~ubuntu20.04.1) focal; urgency=medium
* Update to latest release v11.1.5 (LP: #1877672)
- Revert "Add net-tools as dependency again." as we don't want to
modify the focal seed/ISO content without a real issue behind it.
open-vm-tools (2:11.1.5-1ubuntu1) groovy; urgency=medium
* d/p/fix-FTBFS-glibc2.32.patch: fix tirpc flags to propagate correctly
fixing an FTFBS with glibc >=2.32
* d/rules: avoid FTBFS by ignoring nonnull errors for now
open-vm-tools (2:11.1.5-1) unstable; urgency=medium
* [5515c98] Don't recommend xserver-xorg-input-vmmouse.
Thanks to Raphaël Hertzog (Closes: #966465)
* [8a31efc] Update upstream source from tag 'upstream/11.1.5'
Update to upstream version '11.1.5'
with Debian dir 62c70f15b660e7719555a78e6658ced5ca05ca35
Closes: #968688
* [09714a7] Removing patches that were applied upstream
open-vm-tools (2:11.1.0-3) unstable; urgency=medium
* [03d18b3] Fix gcc-10 related issues. (Closes: #957631)
-- Christian Ehrhardt <email address hidden> Mon, 22 Jun 2020 08:40:58 +0200
-
open-vm-tools (2:11.1.0-2~ubuntu20.04.1) focal; urgency=medium
* Update to latest release v11.1.0 (LP: #1877672)
- among many fixes this also brings the sdmp plugin (LP: #1877678)
- fixes upgrade issues due to bad package versions (LP: #1884483)
- Revert "Add net-tools as dependency again." as we don't want to
modify the focal seed/ISO content without a real issue behind it.
open-vm-tools (2:11.1.0-2) unstable; urgency=medium
[ Christian Ehrhardt ]
* [4d69c6a] d/p/lp-1877678-: fixes for the sdmp plugin that is new in 11.1.0.
Signed-off-by: Christian Ehrhardt <email address hidden>
* [38bd11e] d/control: change net-tools dependency to iproute2.
Signed-off-by: Christian Ehrhardt <email address hidden>
[ Bernd Zeimetz ]
* [c15c08d] Add net-tools as dependency again.
Various scripts still use ifconfig.
open-vm-tools (2:11.1.0-1) unstable; urgency=medium
[ Christian Ehrhardt ]
* [6b7d31d] New upstream version 11.1.0
(Closes: #960061) (LP: #1877672)
* [3ece93a14] d/control, d/rules, d//*sdmp*: add service discovery plugin (sdmp)
(Closes: #960065) (LP: #1877678)
Thanks to Oliver Kurth for the initial contribution, changes in addition:
- d/control: improve description
- rules fix whitespace damage
- maintscripts: fixed some whihtespace damage
- maintscripts: fixed maintainer scripts per skeletons from dh_make
- maintscripts: added the service-active-before-restart check to postinst
as well (was only in rm)
- maintscripts: use deb-systemd-invoke
- d/control: add further dependencies used in sdmp
* [e0c9fbc14] remove patches applied upstream in 11.1.0
- d/p/4ee0bd3c8_Rectify-a-log-spew-in-vmsvc-logging-vmware-vmsvc-root.log
- d/p/89c0d4445_GitHub-Issue-367.-Remove-references-to-deprecated-G_INLINE_FUNC
- d/p/f1f0b812e_add-appinfo-plugin
* [f4cf14931] d/rules: drop perm fixup of vm-support as it is properly
in /usr/bin/ now
* [d71e99e33] lintian: add overrides for intentional cases
* [ba27a73eb] d/p/debian/vmxnet_fix_kernel_4.7.patch: drop unused patch
* [7488e6e2f] d/copyright: fix tab in text
-- Christian Ehrhardt <email address hidden> Mon, 22 Jun 2020 08:40:58 +0200
-
open-vm-tools (2:11.0.5-4) unstable; urgency=medium
* [c720d18] Run vmtoolsd with Nice=-20.
Ensure that the watchdog is always able to answer.
Thanks to Aron Xu (Closes: #953346)
-- Bernd Zeimetz <email address hidden> Mon, 09 Mar 2020 17:10:31 +0100
-
open-vm-tools (2:11.0.5-3) unstable; urgency=medium
* [9d3c1d7] Build-Depend on liblzma-dev.
Thanks to Lucas Nussbaum (Closes: #951940)
-- Bernd Zeimetz <email address hidden> Sun, 23 Feb 2020 16:57:41 +0100
-
open-vm-tools (2:11.0.5-2) unstable; urgency=medium
* [eab2f1a] Add vmtoolsd.service alias.
Debian's open-vm-tools.service is rather unsuaul and based on the
history of the package, so ship an alias.
* [b2977cd] Rectify a log spew in vmsvc logging.
Upstream commit 4ee0bd3c8ead89541ab7d196fb54e940e397420d
When a LSI Logic Parallel SCSI controller sits in PCI bus 0
(SCSI controller 0), the Linux disk device enumeration does not provide
a "label" file with the controller name. This results in messages like
"GuestInfoGetDiskDevice: Missing disk device name; VMDK mapping
unavailable for "/var/log", fsName: "/dev/sda2" repeatedly appearing
in the vmsvc logging. The patch converts what previously was a warning
message to a debug message and thus avoids the log spew.
Thanks to Oliver Kurth (Closes: #950888)
-- Bernd Zeimetz <email address hidden> Tue, 11 Feb 2020 15:56:51 +0100
-
open-vm-tools (2:11.0.5-1) unstable; urgency=medium
* [e302fbf] Depend on lsb-release instead of recommending it.
* [7731b26] Update upstream source from tag 'upstream/11.0.5'
Update to upstream version '11.0.5'
with Debian dir 7744f94a9026a7a3178032ef206d5d5798206fa5
Closes: #949011
* [68e74c1] snapshot changelog
* [6ce977f] Refreshing patches
-- Bernd Zeimetz <email address hidden> Thu, 16 Jan 2020 14:05:36 +0100
-
open-vm-tools (2:11.0.1-4) unstable; urgency=medium
[ Christian Ehrhardt ]
* [e30fabc] d/p/lp-1855686-Avoid-vmtoolsd-crash-in-HostInfo.patch:
fix crash with uncommon lsb_output behavior (LP: #1855686)
-- Bernd Zeimetz <email address hidden> Mon, 30 Dec 2019 00:56:03 +0100
-
open-vm-tools (2:11.0.1-3ubuntu1) focal; urgency=medium
* d/p/lp-1855686-Avoid-vmtoolsd-crash-in-HostInfo.patch: fix crash with
uncommon lsb_output behavior (LP: #1855686)
-- Christian Ehrhardt <email address hidden> Mon, 09 Dec 2019 11:03:56 +0100
-
open-vm-tools (2:11.0.1-3) unstable; urgency=medium
* [c30953f] gitlab-ci: disable reprotest
* [ee6873b] Use upstream patch to fix (ignore) ZFS.
-- Bernd Zeimetz <email address hidden> Wed, 30 Oct 2019 21:16:31 +0100
-
open-vm-tools (2:11.0.1-2) unstable; urgency=medium
* [76c600f] Fix segfault for fs devices without /
See https://github.com/vmware/open-vm-tools/issues/378 for details.
Thanks to Mo Zhou (Closes: #942692)
-- Bernd Zeimetz <email address hidden> Tue, 22 Oct 2019 15:48:48 +0200
-
open-vm-tools (2:10.3.10-3ubuntu1) eoan; urgency=medium
* Fix memory leaks in vix plugin (LP: #1847157)
- d/p/lp-1847157-End-VGAuth-impersonation-in-the-case-of-error.patch
- d/p/lp-1847157-Fix-leaks-in-ListAliases-and-ListMappedAliases-9bc72.patch
- d/p/lp-1847157-Fix-memory-leaks-in-vix-tools-plugin.patch
-- Christian Ehrhardt <email address hidden> Wed, 09 Oct 2019 14:06:46 +0200
