Описание
Security update for open-vm-tools
This update for open-vm-tools to 10.1.0 stable brings features, fixes bugs and security issues:
- New vmware-namespace-cmd command line utility
- GTK3 support
- Common Agent Framework (CAF)
- Guest authentication with xmlsec1
- Sub-command to push updated network information to the host on demand
- Fix for quiesced snapshot failure leaving guest file system quiesced (bsc#1006796)
- Fix for CVE-2015-5191 (bsc#1007600)
- Report SLES for SAP 12 guest OS as SLES 12 (bsc#1013496)
- Add udev rule to increase VMware virtual disk timeout values (bsc#994598)
- Fix vmtoolsd init script to run vmtoolsd in background (bsc#971031)
This update was imported from the SUSE:SLE-12-SP2:Update update project.
Список пакетов
openSUSE Leap 42.2
libvmtools-devel-10.1.0-3.1
libvmtools0-10.1.0-3.1
open-vm-tools-10.1.0-3.1
open-vm-tools-desktop-10.1.0-3.1
Ссылки
- E-Mail link for openSUSE-SU-2017:0827-1
- SUSE Security Ratings
Описание
VMware Tools prior to 10.0.9 contains multiple file system races in libDeployPkg, related to the use of hard-coded paths under /tmp. Successful exploitation of this issue may result in a local privilege escalation. CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Затронутые продукты
openSUSE Leap 42.2:libvmtools-devel-10.1.0-3.1
openSUSE Leap 42.2:libvmtools0-10.1.0-3.1
openSUSE Leap 42.2:open-vm-tools-10.1.0-3.1
openSUSE Leap 42.2:open-vm-tools-desktop-10.1.0-3.1
Ссылки
- CVE-2015-5191
- SUSE Bug 1007600