Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2017:0705-1

Опубликовано: 15 мар. 2017
Источник: suse-cvrf

Описание

Security update for open-vm-tools

This update for open-vm-tools to 10.1.0 stable brings features, fixes bugs and security issues:

  • New vmware-namespace-cmd command line utility
  • GTK3 support
  • Common Agent Framework (CAF)
  • Guest authentication with xmlsec1
  • Sub-command to push updated network information to the host on demand
  • Fix for quiesced snapshot failure leaving guest file system quiesced (bsc#1006796)
  • Fix for CVE-2015-5191 (bsc#1007600)
  • Report SLES for SAP 12 guest OS as SLES 12 (bsc#1013496)
  • Add udev rule to increase VMware virtual disk timeout values (bsc#994598)
  • Fix vmtoolsd init script to run vmtoolsd in background (bsc#971031)
  • Fix copy-n-paste and drag-n-drop regressions (bsc#978424)
  • Add new vmblock-fuse.service
  • Fix a suspend with systemd issue (bsc#913727)
  • ESXi Serviceability
  • GuestInfo Enhancements
  • Compatibility with all supported versions of VMware vSphere, VMware Workstation 12.0 and VMware Fusion 8.0.

Список пакетов

SUSE Linux Enterprise Server 11 SP4
libvmtools0-10.1.0-7.1
open-vm-tools-10.1.0-7.1
open-vm-tools-desktop-10.1.0-7.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4
libvmtools0-10.1.0-7.1
open-vm-tools-10.1.0-7.1
open-vm-tools-desktop-10.1.0-7.1

Ссылки

Описание

VMware Tools prior to 10.0.9 contains multiple file system races in libDeployPkg, related to the use of hard-coded paths under /tmp. Successful exploitation of this issue may result in a local privilege escalation. CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

Затронутые продукты
SUSE Linux Enterprise Server 11 SP4:libvmtools0-10.1.0-7.1
SUSE Linux Enterprise Server 11 SP4:open-vm-tools-10.1.0-7.1
SUSE Linux Enterprise Server 11 SP4:open-vm-tools-desktop-10.1.0-7.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4:libvmtools0-10.1.0-7.1
Ссылки