openSUSE Security Update: Security update for open-vm-tools ______________________________________________________________________________
Announcement ID: openSUSE-SU-2017:0509-1 Rating: moderate References: #1006796 #1007600 #1011057 #1013496 #913727 #971031 #978424 #985110 #994598 Cross-References: CVE-2015-5191 Affected Products: openSUSE Leap 42.1 ______________________________________________________________________________
An update that solves one vulnerability and has 8 fixes is now available.
Description:
This update for open-vm-tools fixes the following issues:
- Updated to 10.1.0 stable release (boo#1011057) + vmware-namespace-cmd command line utility. + gtk3 support + Common Agent Framework (CAF) + guest authentication with xmlsec1 + FreeBSD support + sub-command to push updated network information to the host on demand + udev rules for configuring SCSI timeouts in the guest + fixes for Ubuntu 16.10 + Fix for quiesced snapshot failure leaving guest file system quiesced (boo#1006796) + Fix for CVE-2015-5191 (boo#1007600)
- Report SLES12-SAP guest OS as SLES12 (boo#1013496)
- Remove building KMP modules. No longer needed or wanted for current releases. User space tool vmhgfs-fuse has replaced the need for vmhgfs kernel module.
- Add udev rule to increase VMware virtual disk timeout values (boo#994598)
- Fix vmtoolsd init script to run vmtoolsd in background. (boo#971031) + fix originally done in SLE-11-SP4 code base by tcech@suse.cz
- Added patches for GCC 6 build failure (boo#985110)
- Update to 10.0.7-gtk3 stable branch + add support for gtk3, needed by the dndcp and resolutionset plugins + remove files generated by autoreconf + a few minor build fixes - Update fixes copy-n-paste and drag-n-drop regressions (boo#978424) - Added new vmblock-fuse.service
- Update to 10.0.7 stable branch + Added namespace command line utility "vmware-namespace-cmd".
- Compile without gtkmm support for SLES12 based environments (which do not provide gtkmm2.4)
- Update to 10.0.5 stable branch + [vgauth] fix timestamp check + [libresolutionSet.so] Add an error handler to X11 resolutionSet + [vmci.ko] Kill tasklet when unloading vmci module + [libvmbackup.so] Quiesced snapshots Skip freezing autofs mounts. + [vmhgfs.ko] make vmhgfs compatible with Linux kernel 4.2
- This update also addresses a suspend with systemd issue (boo#913727)
Patch Instructions:
To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product:
- openSUSE Leap 42.1:
zypper in -t patch openSUSE-2017-276=1
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE Leap 42.1 (i586 x86_64):
libvmtools-devel-10.1.0-6.1 libvmtools0-10.1.0-6.1 libvmtools0-debuginfo-10.1.0-6.1 open-vm-tools-10.1.0-6.1 open-vm-tools-debuginfo-10.1.0-6.1 open-vm-tools-debugsource-10.1.0-6.1 open-vm-tools-desktop-10.1.0-6.1 open-vm-tools-desktop-debuginfo-10.1.0-6.1
References:
https://www.suse.com/security/cve/CVE-2015-5191.html https://bugzilla.suse.com/1006796 https://bugzilla.suse.com/1007600 https://bugzilla.suse.com/1011057 https://bugzilla.suse.com/1013496 https://bugzilla.suse.com/913727 https://bugzilla.suse.com/971031 https://bugzilla.suse.com/978424 https://bugzilla.suse.com/985110 https://bugzilla.suse.com/994598