-
open-vm-tools (2:12.3.5-3~ubuntu0.22.04.1) jammy; urgency=medium
* Backport recent open-vm-tools release v12.3.5
(LP: #2028420)
open-vm-tools (2:12.3.5-3) unstable; urgency=medium
* [7699f7a] Fix typo in last upload
open-vm-tools (2:12.3.5-2) unstable; urgency=medium
* [80ed173] Disable arm cross-build
* [61a0f4d] (Temporarily) build with diffoscope
* [d929c44] Fix containerinfo plugin directory.
Thanks to John Wolfe (Closes: #1056205)
open-vm-tools (2:12.3.5-1) unstable; urgency=high
* [1b07bee] Remove api doc build dir with dh_clean.
Thanks to Lucas Nussbaum (Closes: #1046018)
* [de2e0ba] New upstream version 12.3.5 (Closes: #1054662)
- New upstream release fixes two CVEs:
CVE-2023-34059 CVE-2023-34058
Closes: #1054666
open-vm-tools (2:12.3.0-1) unstable; urgency=high
* [4ed4be4] New upstream version 12.3.0
(Closes: #1050972)
CVE-2023-20900
Adressing this CVE also Closes: #1050970
There are no new features in the open-vm-tools 12.3.0 release. This is
primarily a maintenance release, details can be found at
https://github.com/vmware/open-vm-tools/blob/stable-12.3.0/ReleaseNotes.md
* [779d338] drop d/p/debian/grpc_1.51: no more needed
open-vm-tools (2:12.2.5-1) unstable; urgency=medium
* [8c0c33f] New upstream version 12.2.5
(Closes: #1037546)
CVE-2023-20867
* [232810e] d/p/*: add DEP-3 patch headers
open-vm-tools (2:12.2.0-1) unstable; urgency=medium
* [bebda7c] New upstream version 12.2.0
(Closes: #1032607)
* [d266aa7] Add libabsl-dev as explicit build-dependency.
Not needed in Debian, but let's support the Deepin package maintainer.
(Closes: #1032305)
-- Bryce Harrington <email address hidden> Tue, 05 Dec 2023 13:18:04 -0800
-
open-vm-tools (2:12.1.5-3~ubuntu0.22.04.4) jammy-security; urgency=medium
* SECURITY UPDATE: SAML Bypass
- debian/patches/CVE-2023-34058.patch: don't accept tokens with
unrelated certs in open-vm-tools/vgauth/common/certverify.c,
open-vm-tools/vgauth/common/certverify.h,
open-vm-tools/vgauth/common/prefs.h,
open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c.
- CVE-2023-34058
* SECURITY UPDATE: file descriptor hijack
- debian/patches/CVE-2023-34059.patch: change privilege dropping order
in open-vm-tools/services/vmtoolsd/mainPosix.c,
open-vm-tools/vmware-user-suid-wrapper/main.c.
- CVE-2023-34059
-- Marc Deslauriers <email address hidden> Fri, 27 Oct 2023 07:38:17 -0400
-
open-vm-tools (2:12.1.5-3~ubuntu0.22.04.3) jammy-security; urgency=medium
* SECURITY UPDATE: SAML token signature bypass vulnerability
- debian/patches/CVE-2023-20900.patch: Allow only X509 certs to verify
the SAML token signature in
open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c.
- CVE-2023-20900
-- Marc Deslauriers <email address hidden> Mon, 11 Sep 2023 14:45:55 -0400
-
open-vm-tools (2:12.1.5-3~ubuntu0.22.04.2) jammy-security; urgency=medium
* SECURITY UPDATE: authentication bypass vulnerability
- debian/patches/CVE-2023-20867.patch: Remove some dead code
- CVE-2023-20867
-- Nishit Majithia <email address hidden> Tue, 25 Jul 2023 09:39:02 +0530
-
open-vm-tools (2:12.1.5-3~ubuntu0.22.04.1) jammy; urgency=medium
* Backport recent open-vm-tools release v12.1.5
(LP: #1998558)
* d/control: Add libabsl-dev as explicit build-dependency.
- (Closes #1032305)
-- Bryce Harrington <email address hidden> Thu, 16 Mar 2023 23:57:03 +0000
-
open-vm-tools (2:12.1.0-1~ubuntu0.22.04.1) jammy; urgency=medium
* Backport recent open-vm-tools (LP: #1975767)
- Fixes issue with "udevadm trigger" affecting all devices
that can cause unwanted side-effects.
(LP: #1968354)
- Adds new binary open-vm-tools-containerinfo that installs the
vRealize Container Info plugin, which captures and publishes
information about running containers inside the guest.
- Adds new binary open-vm-tools-salt-minion that installs the Salt
Minion plugin for event driven IT automation, remote task execution,
and configuration management.
-- Bryce Harrington <email address hidden> Mon, 19 Sep 2022 17:52:55 +0000
-
open-vm-tools (2:11.3.5-1ubuntu4.1) jammy-security; urgency=medium
* SECURITY UPDATE: local privilege escalation
- debian/patches/CVE-2022-31676.patch: check authorization on incoming
guestOps requests in open-vm-tools/vgauth/serviceImpl/proto.c.
- CVE-2022-31676
-- Marc Deslauriers <email address hidden> Tue, 16 Aug 2022 09:21:12 -0400
-
open-vm-tools (2:11.3.5-1ubuntu4) jammy; urgency=medium
* No-change rebuild to update maintainer scripts, see LP: 1959054
-- Dave Jones <email address hidden> Wed, 16 Feb 2022 17:15:58 +0000
-
open-vm-tools (2:11.3.5-1ubuntu3) jammy; urgency=medium
* d/control, d/rules: other dependencies seem to be all ready, switch
to fuse3 again (LP 1956949 LP 1935665)
* d/p/libc-2.35-compat-FTBFS-fix.patch: fix FTBFS with glibc 2.35
(LP: #1960224)
-- Christian Ehrhardt <email address hidden> Tue, 01 Feb 2022 16:29:32 +0100
-
open-vm-tools (2:11.3.5-1ubuntu2) jammy; urgency=medium
* d/control, d/rules: go back to fuse3 until all other
packages are ready (LP: #1956949)
-- Christian Ehrhardt <email address hidden> Mon, 10 Jan 2022 14:44:22 +0100
-
open-vm-tools (2:11.3.5-1ubuntu1) jammy; urgency=medium
* d/control, d/rules: go back to fuse3 until all other
packages are ready (LP: #1956949)
-- Christian Ehrhardt <email address hidden> Mon, 10 Jan 2022 14:44:22 +0100
-
open-vm-tools (2:11.3.5-1) unstable; urgency=medium
[ Debian Janitor ]
* Remove constraints unnecessary since buster
[ Christian Ehrhardt ]
* New upstream version 11.3.5 (LP: #1946836) (Closes: #995221)
- Closes gcc-11 FTBFS, actually since 11.3.0 (Closes: #984272)
* d/rules, d/open-vm-tools.lintian-overrides: The hgfsmounter (mount.vmhgfs)
command has been removed from open-vm-tools
* d/p/Update-open-vm-tools-to-build-with-either-Fuse-3-or-2.patch: allow to
build against fuse 3
* d/rules, d/control: switch to use fuse3 (LP: #1935665)
-- Christian Ehrhardt <email address hidden> Tue, 04 Jan 2022 08:53:54 +0100
-
open-vm-tools (2:11.3.0-2ubuntu2) jammy; urgency=medium
* No-change rebuild against openssl3
-- Simon Chopin <email address hidden> Wed, 01 Dec 2021 16:08:51 +0000
-
open-vm-tools (2:11.3.0-2ubuntu1) impish; urgency=medium
* d/rules: provide a compat link for the old open-vm-tools
library/plugin paths (LP: #1944946)
-- Christian Ehrhardt <email address hidden> Thu, 07 Oct 2021 09:31:05 +0200