Описание
Security update for open-vm-tools
This update for open-vm-tools to 10.1.0 stable brings features, fixes bugs and security issues:
- New vmware-namespace-cmd command line utility
- GTK3 support
- Common Agent Framework (CAF)
- Guest authentication with xmlsec1
- Sub-command to push updated network information to the host on demand
- Fix for quiesced snapshot failure leaving guest file system quiesced (bsc#1006796)
- Fix for CVE-2015-5191 (bsc#1007600)
- Report SLES for SAP 12 guest OS as SLES 12 (bsc#1013496)
- Add udev rule to increase VMware virtual disk timeout values (bsc#994598)
- Fix vmtoolsd init script to run vmtoolsd in background (bsc#971031)
Список пакетов
SUSE Linux Enterprise Desktop 12 SP2
libvmtools0-10.1.0-8.1
open-vm-tools-10.1.0-8.1
open-vm-tools-desktop-10.1.0-8.1
SUSE Linux Enterprise Server 12 SP2
libvmtools0-10.1.0-8.1
open-vm-tools-10.1.0-8.1
open-vm-tools-desktop-10.1.0-8.1
SUSE Linux Enterprise Server for SAP Applications 12 SP2
libvmtools0-10.1.0-8.1
open-vm-tools-10.1.0-8.1
open-vm-tools-desktop-10.1.0-8.1
Ссылки
- Link for SUSE-SU-2017:0702-1
- E-Mail link for SUSE-SU-2017:0702-1
- SUSE Security Ratings
- SUSE Bug 1006796
- SUSE Bug 1007600
- SUSE Bug 1011057
- SUSE Bug 1013496
- SUSE Bug 1024200
- SUSE Bug 971031
- SUSE Bug 994598
- SUSE CVE CVE-2015-5191 page
Описание
VMware Tools prior to 10.0.9 contains multiple file system races in libDeployPkg, related to the use of hard-coded paths under /tmp. Successful exploitation of this issue may result in a local privilege escalation. CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libvmtools0-10.1.0-8.1
SUSE Linux Enterprise Desktop 12 SP2:open-vm-tools-10.1.0-8.1
SUSE Linux Enterprise Desktop 12 SP2:open-vm-tools-desktop-10.1.0-8.1
SUSE Linux Enterprise Server 12 SP2:libvmtools0-10.1.0-8.1
Ссылки
- CVE-2015-5191
- SUSE Bug 1007600