openSUSE Security Update: Security update for open-vm-tools ______________________________________________________________________________ Announcement ID: openSUSE-SU-2017:0509-1 Rating: moderate References: #1006796 #1007600 #1011057 #1013496 #913727 #971031 #978424 #985110 #994598 Cross-References: CVE-2015-5191 Affected Products: openSUSE Leap 42.1 ______________________________________________________________________________ An update that solves one vulnerability and has 8 fixes is now available. Description: This update for open-vm-tools fixes the following issues: - Updated to 10.1.0 stable release (boo#1011057) + vmware-namespace-cmd command line utility. + gtk3 support + Common Agent Framework (CAF) + guest authentication with xmlsec1 + FreeBSD support + sub-command to push updated network information to the host on demand + udev rules for configuring SCSI timeouts in the guest + fixes for Ubuntu 16.10 + Fix for quiesced snapshot failure leaving guest file system quiesced (boo#1006796) + Fix for CVE-2015-5191 (boo#1007600) - Report SLES12-SAP guest OS as SLES12 (boo#1013496) - Remove building KMP modules. No longer needed or wanted for current releases. User space tool vmhgfs-fuse has replaced the need for vmhgfs kernel module. - Add udev rule to increase VMware virtual disk timeout values (boo#994598) - Fix vmtoolsd init script to run vmtoolsd in background. (boo#971031) + fix originally done in SLE-11-SP4 code base by tcech@suse.cz - Added patches for GCC 6 build failure (boo#985110) - Update to 10.0.7-gtk3 stable branch + add support for gtk3, needed by the dndcp and resolutionset plugins + remove files generated by autoreconf + a few minor build fixes - Update fixes copy-n-paste and drag-n-drop regressions (boo#978424) - Added new vmblock-fuse.service - Update to 10.0.7 stable branch + Added namespace command line utility "vmware-namespace-cmd". - Compile without gtkmm support for SLES12 based environments (which do not provide gtkmm2.4) - Update to 10.0.5 stable branch + [vgauth] fix timestamp check + [libresolutionSet.so] Add an error handler to X11 resolutionSet + [vmci.ko] Kill tasklet when unloading vmci module + [libvmbackup.so] Quiesced snapshots Skip freezing autofs mounts. + [vmhgfs.ko] make vmhgfs compatible with Linux kernel 4.2 - This update also addresses a suspend with systemd issue (boo#913727) Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE Leap 42.1: zypper in -t patch openSUSE-2017-276=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE Leap 42.1 (i586 x86_64): libvmtools-devel-10.1.0-6.1 libvmtools0-10.1.0-6.1 libvmtools0-debuginfo-10.1.0-6.1 open-vm-tools-10.1.0-6.1 open-vm-tools-debuginfo-10.1.0-6.1 open-vm-tools-debugsource-10.1.0-6.1 open-vm-tools-desktop-10.1.0-6.1 open-vm-tools-desktop-debuginfo-10.1.0-6.1 References: https://www.suse.com/security/cve/CVE-2015-5191.html https://bugzilla.suse.com/1006796 https://bugzilla.suse.com/1007600 https://bugzilla.suse.com/1011057 https://bugzilla.suse.com/1013496 https://bugzilla.suse.com/913727 https://bugzilla.suse.com/971031 https://bugzilla.suse.com/978424 https://bugzilla.suse.com/985110 https://bugzilla.suse.com/994598